Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

115 lines (90 sloc) 2.791 kb
require 'digest/sha1'
module Clearance
module User
def self.included(model)
model.extend ClassMethods
model.send(:include, InstanceMethods)
model.class_eval do
attr_accessible :email, :password, :password_confirmation
attr_accessor :password, :password_confirmation
validates_presence_of :email
validates_presence_of :password, :if => :password_required?
validates_confirmation_of :password, :if => :password_required?
validates_uniqueness_of :email, :case_sensitive => false
validates_format_of :email, :with => %r{.+@.+\..+}
before_save :initialize_salt, :encrypt_password, :initialize_token
end
end
module InstanceMethods
def authenticated?(password)
encrypted_password == encrypt(password)
end
def encrypt(string)
generate_hash("--#{salt}--#{string}--")
end
def remember?
token_expires_at && Time.now.utc < token_expires_at
end
def remember_me!
remember_me_until! 2.weeks.from_now.utc
end
def forget_me!
clear_token
save(false)
end
def confirm_email!
self.email_confirmed = true
self.token = nil
save(false)
end
def forgot_password!
generate_token
save(false)
end
def update_password(new_password, new_password_confirmation)
self.password = new_password
self.password_confirmation = new_password_confirmation
clear_token if valid?
save
end
protected
def generate_hash(string)
Digest::SHA1.hexdigest(string)
end
def initialize_salt
if new_record?
self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
end
end
def encrypt_password
return if password.blank?
self.encrypted_password = encrypt(password)
end
def generate_token
self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
self.token_expires_at = nil
end
def clear_token
self.token = nil
self.token_expires_at = nil
end
def initialize_token
generate_token if new_record?
end
def password_required?
encrypted_password.blank? || !password.blank?
end
def remember_me_until!(time)
self.token_expires_at = time
self.token = encrypt("--#{token_expires_at}--#{password}--")
save(false)
end
end
module ClassMethods
def authenticate(email, password)
return nil unless user = find_by_email(email)
return user if user.authenticated?(password)
end
end
end
end
Jump to Line
Something went wrong with that request. Please try again.