Class User
In: app/models/user.rb
Parent: ActiveRecord::Base

A User is used to validate administrative staff. The class is complicated by the fact that on the application side it deals with plain-text passwords, but in the database it uses SHA1-hashed passwords.

Attributes

password  [RW]  The plain-text password, which is not stored in the database

Public Class methods

Return the User with the given name and plain-text password

    # File app/models/user.rb, line 24
    def self.login(name, password)
      hashed_password = hash_password(password || "")
      find(:first,
           :conditions => ["name = ? and hashed_password = ?",
                           name, hashed_password])
    end

Public Instance methods

Clear out the plain-text password once we’ve saved this row. This stops it from being made available in the session.

    # File app/models/user.rb, line 57
    def after_create
      @password = nil
    end

When a new User is created, it initially has a plain-text password. We convert this to an SHA1 hash before saving the user in the database.

    # File app/models/user.rb, line 42
    def before_create
      self.hashed_password = User.hash_password(self.password)
    end

Don't delete the last user from the database

    # File app/models/user.rb, line 50
    def check_more_than_one_user
      raise "Less than two users" unless User.count > 1
    end

Log in if the name and password (after hashing) match the database, or if the name matches an entry in the database with no password

    # File app/models/user.rb, line 34
    def try_to_login
      User.login(self.name, self.password) ||
      User.find_by_name_and_hashed_password(name, "")
    end
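
The lookup semantics of `login` and `try_to_login` above, as an added example that is not part of the original documentation or the application's code. It replaces the database with constructed in-memory rows and assumes `hash_password` (not shown on this page) is an unsalted SHA1 hex digest. It shows that the fallback branch never compares the supplied password, and adds a hypothetical `passwordless_accounts` audit helper that lists the rows the fallback would admit.

```ruby
require "digest/sha1"

# Assumption: hash_password is not shown on the page; an unsalted
# SHA1 hex digest stands in for it here.
def hash_password(password)
  Digest::SHA1.hexdigest(password)
end

# Constructed sample rows standing in for the users table.
SAMPLE_USERS = [
  { name: "alice", hashed_password: hash_password("s3cret") },
  { name: "setup", hashed_password: "" } # row stored with no password
].freeze

# Mirrors User.login: the row must match both name and hashed password.
# A nil password is hashed as "", and SHA1("") is never the empty string,
# so this branch cannot match a row whose hashed_password is "".
def login(users, name, password)
  hashed = hash_password(password || "")
  users.find { |u| u[:name] == name && u[:hashed_password] == hashed }
end

# Mirrors try_to_login: if the exact match fails, fall back to a row
# with the same name and an empty hashed_password. The supplied
# password plays no part in the fallback comparison.
def try_to_login(users, name, password)
  login(users, name, password) ||
    users.find { |u| u[:name] == name && u[:hashed_password] == "" }
end

# Hypothetical audit helper: names of accounts the fallback admits
# regardless of the password submitted.
def passwordless_accounts(users)
  users.select { |u| u[:hashed_password].to_s.empty? }.map { |u| u[:name] }
end

if __FILE__ == $PROGRAM_NAME
  puts "fallback-only accounts: #{passwordless_accounts(SAMPLE_USERS).inspect}"
end
```

Running the same emptiness check against the real `hashed_password` column identifies the accounts that should be given a password or removed.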
