class RackWarden::User

Attributes

password[RW]
password_confirmation[RW]

Public Class Methods

authenticate(login, password) click to toggle source

Authenticates a user by their login name and unencrypted password. Returns the user or nil. This is not currently used in RackWarden (which has its own auth logic section).

# File lib/rack_warden/models/user.rb, line 63
def self.authenticate(login, password)
  # Looks up an activated account whose username or email equals +login+ and
  # checks +password+ against it. Returns the user on success, otherwise nil.
  # +login+ is passed as a bound parameter, never interpolated into the
  # condition string. Records with a NULL activated_at are never returned.
  # NOTE(review): an unknown login returns before any password check runs, so
  # response time may differ between unknown and known logins -- confirm
  # whether that matters to callers.
  candidate = first(:conditions => ['(username = ? or email = ?) and activated_at IS NOT NULL', login, login])
  return nil unless candidate && candidate.authenticate(password)

  # A successful login means an outstanding reset code is assumed to be no
  # longer needed, so it is cleared.
  candidate.update_attributes(:password_reset_code => nil) if candidate.password_reset_code
  candidate
end
find_for_activate(code) click to toggle source
# File lib/rack_warden/models/user.rb, line 81
def self.find_for_activate(code)
  # Finds the user whose activation_code equals the URI-decoded +code+ and
  # returns whatever User.first returns for that lookup.
  activation_value = App.uri_decode(code)
  # NOTE(review): this writes the activation code itself to the debug log. The
  # code is a bearer secret, so debug logs need the same protection as the
  # activation e-mails.
  App.logger.debug "RW find_for_activate with #{activation_value}"
  # Interpolation turns the decoded value into a String before it becomes the
  # query value.
  User.first(:activation_code => "#{activation_value}")
end
find_for_forget(email) click to toggle source
# File lib/rack_warden/models/user.rb, line 76
def self.find_for_forget(email)
  # Returns the first record with this e-mail address that has either an
  # activation code or an activation date. The address is a bound parameter.
  # A security question/answer lookup existed here once and is disabled.
  lookup = ['email = ? AND (activation_code IS NOT NULL or activated_at IS NOT NULL)', email]
  first(:conditions => lookup)
end

Public Instance Methods

activate() click to toggle source
# File lib/rack_warden/models/user.rb, line 121
def activate
  # Marks the account as activated: sets the in-memory @activated flag, stamps
  # activated_at with the current time, clears the activation code, and saves.
  # Returns the result of save!.
  @activated = true
  self.activated_at = Time.now
  self.activation_code = nil
  # An account activated without any stored password gets a generated one.
  new_random_password if encrypted_password.to_s.empty?
  save!
end
authenticate(attempted_password) click to toggle source

INSTANCE ###

# File lib/rack_warden/models/user.rb, line 91
def authenticate(attempted_password)
  # Returns true when encrypted_password == attempted_password, else false.
  # NOTE(review): whether this is a real password check depends on how
  # encrypted_password implements ==. If the property yields a hash wrapper
  # whose == hashes its argument, this verifies the attempt; if it yields a
  # plain String, the stored value is compared with the attempt directly.
  # Confirm the property type in the model definition.
  encrypted_password == attempted_password ? true : false
end
authorized?(options={}) click to toggle source
# File lib/rack_warden/models/user.rb, line 99
def authorized?(options={})
  # Returns true only for the record whose id is 1; +options+ is not read.
  # NOTE(review): authorization is tied to a hard-coded primary key rather
  # than a role or flag, so whichever account holds id 1 is the sole
  # authorized user -- confirm this is intended outside development.
  privileged_id = 1
  self.id == privileged_id
end
forget_me() click to toggle source
# File lib/rack_warden/models/user.rb, line 115
def forget_me
  # Clears the remember-me token and its expiry, then saves the record.
  # Returns the result of save!.
  self.remember_token_expires_at, self.remember_token = nil, nil
  save!
end
forgot_password() click to toggle source

Reset Password ###

# File lib/rack_warden/models/user.rb, line 152
def forgot_password
  # Flags this instance as having requested a reset and issues a new
  # password reset code. Returns what make_password_reset_code returns.
  # Nothing is saved here.
  @forgotten_password = true
  make_password_reset_code
end
make_activation_code() click to toggle source
# File lib/rack_warden/models/user.rb, line 135
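def make_activation_code
  # Assigns a fresh activation code to this record and returns it.
  #
  # The code is a bearer secret sent by e-mail, so it is drawn from the
  # system CSPRNG (24 URL-safe characters from 18 random bytes). The earlier
  # value was a shuffle of the current timestamp's characters, which anyone
  # who knows roughly when the account was created can narrow down.
  # The result needs no URI escaping.
  #
  # Required locally because the file's require list is not visible here.
  require 'securerandom'
  self.activation_code = SecureRandom.urlsafe_base64(18)
  # NOTE(review): this logs the activation secret at debug level; treat debug
  # logs as sensitive or redact the value.
  App.logger.debug "RW make_activation_code result #{activation_code}"
  activation_code
end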
make_password_reset_code() click to toggle source
# File lib/rack_warden/models/user.rb, line 181
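def make_password_reset_code
  # Assigns a fresh password reset code to this record and returns it.
  #
  # Whoever presents this code can reset the password, so it comes from the
  # system CSPRNG (24 URL-safe characters from 18 random bytes) instead of a
  # shuffle of the current timestamp, which is guessable from the request time.
  #
  # Required locally because the file's require list is not visible here.
  require 'securerandom'
  self.password_reset_code = SecureRandom.urlsafe_base64(18)
end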
new_random_password() click to toggle source
# File lib/rack_warden/models/user.rb, line 187
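def new_random_password # should maybe be private?
  # Issues a reset code and sets a generated password (plus its confirmation)
  # on this record. Used when an account is activated with no password stored.
  # Returns the generated password.
  #
  # Required locally because the file's require list is not visible here.
  require 'securerandom'
  make_password_reset_code
  # Note that this remembers the reset code, not the generated password.
  @recently_generated_password = password_reset_code
  # Same shape as before (10 lowercase hex characters) but taken from the
  # system CSPRNG instead of a SHA1 over Kernel#rand and the username.
  # NOTE(review): 10 hex characters carry only 40 bits, and an all-digit result
  # has a single character class -- confirm this passes the password
  # validations and that the user is made to replace it promptly.
  self.password = SecureRandom.hex(5)
  self.password_confirmation = password
end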
password_element_count(pwd=password, character_classes = %w[upper lower digit punct]) click to toggle source

Returns number of specified character classes found in pwd

# File lib/rack_warden/models/user.rb, line 52
def password_element_count(pwd=password, character_classes = %w[upper lower digit punct])
  # Counts how many of the named POSIX character classes occur at least once
  # in +pwd+ (converted with to_s). Any StandardError raised while counting
  # yields 0.
  candidate = pwd.to_s
  character_classes.count { |posix_class| candidate =~ /[[:#{posix_class}:]]/ }
rescue
  0
end
password_required?() click to toggle source

check validity of password if we have a new resource, or there is a plaintext password provided

# File lib/rack_warden/models/user.rb, line 35
def password_required?
  # Truthy when a plaintext password is set or the record is new.
  # Note the return value is the password itself when one is set, not true.
  plaintext = password
  plaintext || new?
end
recent_manual_activation?() click to toggle source

wbr - to resend activation email from existing record

# File lib/rack_warden/models/user.rb, line 177
def recent_manual_activation?
  # Reads the in-memory @manual_activation flag; nil when it was never set on
  # this instance. Nothing in this listing assigns the flag.
  @manual_activation
end
recently_activated?() click to toggle source

Returns true if the user has just been activated.

# File lib/rack_warden/models/user.rb, line 131
def recently_activated?
  # Reads the in-memory @activated flag, which activate sets to true on this
  # instance; nil otherwise. The flag is not persisted.
  @activated
end
recently_forgot_password?() click to toggle source
# File lib/rack_warden/models/user.rb, line 172
def recently_forgot_password?
  # Reads the in-memory @forgotten_password flag, which forgot_password sets to
  # true on this instance; nil otherwise.
  @forgotten_password
end
recently_generated_password() click to toggle source

returns password_reset_code if recently generated password

# File lib/rack_warden/models/user.rb, line 195
def recently_generated_password
  # Returns the value new_random_password stored in
  # @recently_generated_password, which is the password reset code issued at
  # that time (not the generated password); nil if none was generated.
  @recently_generated_password
end
recently_reset_password?() click to toggle source
# File lib/rack_warden/models/user.rb, line 168
def recently_reset_password?
  # Reads the in-memory @reset_password flag, which reset_password sets to true
  # on this instance; nil otherwise.
  @reset_password
end
remember_me() click to toggle source

These create and unset the fields required for remembering users between browser closes

# File lib/rack_warden/models/user.rb, line 109
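def remember_me
  # Issues a remember-me token valid for 14 days, saves the record, and
  # returns the token.
  #
  # The token is 32 hex characters from the system CSPRNG. It used to be
  # "<email>--<expiry time>", which contains no secret: both parts can be
  # worked out by someone who knows the address and the approximate login
  # time, so the value could not serve as proof of an earlier login.
  # NOTE(review): tokens issued in the old format remain in the database
  # until they expire or forget_me runs -- consider clearing them on deploy.
  #
  # Required locally because the file's require list is not visible here.
  require 'securerandom'
  self.remember_token_expires_at = Time.now + (60 * 60 * 24 * 14) # 2.weeks.from_now.utc
  self.remember_token = SecureRandom.hex(16)
  save! && remember_token
end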
remember_token?() click to toggle source
# File lib/rack_warden/models/user.rb, line 104
def remember_token?
  # Truthy while remember_token_expires_at is set and still in the future.
  # Returns nil when no expiry is set. Only the expiry is examined here, not
  # the token value.
  expiry = remember_token_expires_at
  expiry && Time.now.utc < expiry
end
reset_password() click to toggle source
# File lib/rack_warden/models/user.rb, line 157
def reset_password
  # Clears the password reset code, flags this instance as recently reset, and
  # activates the account if it was still pending. The new password itself is
  # not set here.
  #
  # The code is cleared before the flag is raised so that duplicate e-mail
  # notifications are avoided.
  update_attributes(:password_reset_code => nil)
  @reset_password = true
  # A never-activated account that completes a reset is activated as well, so
  # a lost activation e-mail does not lock the user out.
  # NOTE(review): this makes the reset flow an alternative proof of e-mail
  # ownership -- confirm the reset code is verified before this is called.
  activate if activated_at.nil? && !activation_code.nil?
end
send_activation() click to toggle source
# File lib/rack_warden/models/user.rb, line 141
def send_activation
  # Builds the signup confirmation message for this user's e-mail address from
  # the rw_activation.email.erb template and delivers it. Returns the result
  # of deliver!.
  message = {
    :to      => email,
    :subject => "Signup confirmation",
    :body    => App.render_template('rw_activation.email.erb', :user => self)
  }
  RackWarden::Mail.new(message).deliver!
end
valid_password_elements() click to toggle source

Validation returns nil if valid

# File lib/rack_warden/models/user.rb, line 40
def valid_password_elements
        # Returns true when the password contains at least two character
        # classes, otherwise [false, message].
        # NOTE(review): the message also promises a minimum length of 8, but
        # only the character-class count is checked here; the length is
        # presumably validated elsewhere -- confirm.
        return true if password_element_count >= 2

        message = "Passwords must be minimum 8 characters in length
                and contain at least two of the following character types: uppercase,
                lowercase, numbers, symbols."
        [false, message]
end