app/models/user_mailer.rb app/models/user_observer.rb log/.gitignore @@ -1,3 +1,5 @@ *.iml *.ipr *.iws +.generators +.rakeTasks .gitignore @@ -2,6 +2,10 @@ class UsersController < ApplicationController # Be sure to include AuthenticationSystem in Application Controller instead include AuthenticatedSystem + # Protect these actions behind an admin login + # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge] + before_filter :find_user, :only => [:suspend, :unsuspend, :destroy, :purge] + # render new.rhtml def new @@ -14,7 +18,7 @@ class UsersController < ApplicationController # uncomment at your own risk # reset_session @user = User.new(params[:user]) - @user.save + @user.register! if @user.valid? if @user.errors.empty? self.current_user = @user redirect_back_or_default('/') @@ -24,4 +28,38 @@ class UsersController < ApplicationController end end + def activate + self.current_user = params[:activation_code].blank? ? false : User.find_by_activation_code(params[:activation_code]) + if logged_in? && !current_user.active? + current_user.activate! + flash[:notice] = "Signup complete!" + end + redirect_back_or_default('/') + end + + def suspend + @user.suspend! + redirect_to users_path + end + + def unsuspend + @user.unsuspend! + redirect_to users_path + end + + def destroy + @user.delete! + redirect_to users_path + end + + def purge + @user.destroy + redirect_to users_path + end + +protected + def find_user + @user = User.find(params[:id]) + end + end app/controllers/users_controller.rb @@ -1,3 +1,4 @@ +require 'digest/sha1' class User < ActiveRecord::Base # Virtual attribute for the unencrypted password attr_accessor :password @@ -16,9 +17,38 @@ class User < ActiveRecord::Base # anything else you want your user to change should be added here. attr_accessible :login, :email, :password, :password_confirmation + acts_as_state_machine :initial => :pending + state :passive + state :pending, :enter => :make_activation_code + state :active, :enter => :do_activate + state :suspended + state :deleted, :enter => :do_delete + + event :register do + transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) } + end + + event :activate do + transitions :from => :pending, :to => :active + end + + event :suspend do + transitions :from => [:passive, :pending, :active], :to => :suspended + end + + event :delete do + transitions :from => [:passive, :pending, :active, :suspended], :to => :deleted + end + + event :unsuspend do + transitions :from => :suspended, :to => :active, :guard => Proc.new {|u| !u.activated_at.blank? } + transitions :from => :suspended, :to => :pending, :guard => Proc.new {|u| !u.activation_code.blank? } + transitions :from => :suspended, :to => :passive + end + # Authenticates a user by their login name and unencrypted password. Returns the user or nil. def self.authenticate(login, password) - u = find_by_login(login) # need to get the salt + u = find_in_state :first, :active, :conditions => {:login => login} # need to get the salt u && u.authenticated?(password) ? u : nil end @@ -78,5 +108,18 @@ class User < ActiveRecord::Base crypted_password.blank? || !password.blank? end + def make_activation_code + self.deleted_at = nil + self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join ) + end + def do_delete + self.deleted_at = Time.now.utc + end + + def do_activate + @activated = true + self.activated_at = Time.now.utc + self.deleted_at = self.activation_code = nil + end end app/models/user.rb 7022d6ae3cdb2d4818be543feec7ca2b87eb3a79 Brian Takita brian.takita@gmail.com http://github.com/btakita/pain-point/commit/309f2a03e636624378d696206e1691c24c93266a 309f2a03e636624378d696206e1691c24c93266a 2008-04-07T00:02:15-07:00 2008-04-07T00:02:15-07:00 Updating Restful Authentication files. Ignoring all files in log directory. 62f4611ddfbf0e6535e802430c2824133ad782dd Brian Takita brian.takita@gmail.com