Created
February 12, 2011 01:31
-
-
Save outoftime/823383 to your computer and use it in GitHub Desktop.
Mixins for simple user authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module Authenticated | |
| module Controller | |
| extend ActiveSupport::Concern | |
| included do | |
| helper_method :current_user, :current_user?, :no_current_user? | |
| end | |
| module ClassMethods | |
| def require_login(options = {}) | |
| before_filter :require_current_user, options | |
| end | |
| end | |
| module InstanceMethods | |
| private | |
| def current_user | |
| return @current_user if defined? @current_user | |
| @current_user = current_user_from_session | |
| end | |
| def current_user? | |
| !!current_user | |
| end | |
| def no_current_user? | |
| !current_user? | |
| end | |
| def require_current_user | |
| if current_user.blank? | |
| redirect_to new_user_session_path( | |
| :return_to => url_for(params.merge(:only_path => true))) | |
| end | |
| end | |
| def current_user_from_session | |
| if session[:current_user_id].present? | |
| user_class.find(session[:current_user_id]) | |
| end | |
| end | |
| def sign_in(user) | |
| session[:current_user_id] = user.id | |
| end | |
| def sign_out | |
| session.delete(:current_user_id) | |
| end | |
| def user_class | |
| ::User | |
| end | |
| end | |
| end | |
| end |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module Authenticated | |
| module User | |
| extend ActiveSupport::Concern | |
| included do | |
| attr_reader :password, :password_confirmation | |
| before_save :update_crypted_password | |
| validates :email, :presence => true, :if => :email_required? | |
| validates :password, :presence => true, :if => :password_required? | |
| validates :password, :confirmation => true | |
| end | |
| module ClassMethods | |
| def authenticate(params) | |
| if params[:email].present? | |
| user = find_by_email(params[:email].downcase) | |
| if user.present? && user.validate_password(params[:password]) | |
| return user | |
| end | |
| end | |
| end | |
| end | |
| module InstanceMethods | |
| def validate_password(password) | |
| encrypt_password(password) == crypted_password | |
| end | |
| def password=(password) | |
| @password = password unless password.blank? | |
| end | |
| def password_confirmation=(password) | |
| @password_confirmation = password unless password.blank? | |
| end | |
| private | |
| def update_crypted_password | |
| if @password.present? | |
| self.password_salt = ActiveSupport::SecureRandom.hex(127) | |
| self.crypted_password = encrypt_password(@password) | |
| end | |
| end | |
| def encrypt_password(password) | |
| encrypt("#{password}#{password_salt}") | |
| end | |
| def encrypt(string) | |
| digest = string | |
| 20.times { digest = Digest::SHA512.hexdigest(digest) } | |
| digest | |
| end | |
| def email_required? | |
| true | |
| end | |
| def password_required? | |
| true | |
| end | |
| end | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment