diff options
author | Azul <azul@leap.se> | 2012-12-07 08:28:23 +0100 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-12-07 08:28:23 +0100 |
commit | 1ec55c4f562a4fdd57c50077ff286ef08e9978a1 (patch) | |
tree | 16203d2ca4f32e24d38fef6062aa9534cecb3bfe /users/app/models | |
parent | effa6b0f84cfe954cc9dd73f592663b743b0d857 (diff) | |
parent | a3dce077881c7e97090e5e560b1fb004952d5b23 (diff) |
Merge branch 'develop'
Diffstat (limited to 'users/app/models')
-rw-r--r-- | users/app/models/session.rb | 34 | ||||
-rw-r--r-- | users/app/models/user.rb | 41 |
2 files changed, 60 insertions, 15 deletions
diff --git a/users/app/models/session.rb b/users/app/models/session.rb new file mode 100644 index 0000000..a9fdb1b --- /dev/null +++ b/users/app/models/session.rb @@ -0,0 +1,34 @@ +class Session < SRP::Session + include ActiveModel::Validations + + attr_accessor :login + + validates :login, + :presence => true, + :format => { :with => /\A[A-Za-z\d_]+\z/, + :message => "Only letters, digits and _ allowed" } + + def initialize(user = nil, aa = nil) + super(user, aa) if user + end + + def persisted? + false + end + + def new_record? + true + end + + def to_model + self + end + + def to_key + [object_id] + end + + def to_param + nil + end +end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 1afb9db..325c981 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -9,42 +9,46 @@ class User < CouchRest::Model::Base :presence => true validates :login, - :uniqueness => true + :uniqueness => true, + :if => :serverside? validates :login, :format => { :with => /\A[A-Za-z\d_]+\z/, :message => "Only letters, digits and _ allowed" } validates :password_salt, :password_verifier, - :format => { :with => /\A[\dA-Fa-f]+\z/, - :message => "Only hex numbers allowed" } + :format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" } + + validates :password, :presence => true, + :confirmation => true, + :format => { :with => /.{8}.*/, :message => "needs to be at least 8 characters long" } timestamps! design do view :by_login + view :by_created_at end class << self - def find_by_param(login) - return find_by_login(login) || raise(RECORD_NOT_FOUND) - end + alias_method :find_by_param, :find # valid set of attributes for testing def valid_attributes_hash { :login => "me", - :password_verifier => "1234ABC", + :password_verifier => "1234ABCD", :password_salt => "4321AB" } end end - def to_param - self.login - end + alias_method :to_param, :id def to_json(options={}) - super(options.merge(:only => ['login', 'password_salt'])) + { + :login => login, + :ok => valid? + }.to_json(options) end def initialize_auth(aa) @@ -63,11 +67,18 @@ class User < CouchRest::Model::Base login end - def self.current - Thread.current[:user] + # Since we are storing admins by login, we cannot allow admins to change their login. + def is_admin? + APP_CONFIG['admins'].include? self.login end - def self.current=(user) - Thread.current[:user] = user + + protected + def password + password_verifier end + # used as a condition for validations that are server side only + def serverside? + true + end end |