summaryrefslogtreecommitdiff
path: root/users/app/models
diff options
context:
space:
mode:
Diffstat (limited to 'users/app/models')
-rw-r--r--users/app/models/session.rb34
-rw-r--r--users/app/models/user.rb41
2 files changed, 60 insertions, 15 deletions
diff --git a/users/app/models/session.rb b/users/app/models/session.rb
new file mode 100644
index 0000000..a9fdb1b
--- /dev/null
+++ b/users/app/models/session.rb
@@ -0,0 +1,34 @@
+class Session < SRP::Session
+ include ActiveModel::Validations
+
+ attr_accessor :login
+
+ validates :login,
+ :presence => true,
+ :format => { :with => /\A[A-Za-z\d_]+\z/,
+ :message => "Only letters, digits and _ allowed" }
+
+ def initialize(user = nil, aa = nil)
+ super(user, aa) if user
+ end
+
+ def persisted?
+ false
+ end
+
+ def new_record?
+ true
+ end
+
+ def to_model
+ self
+ end
+
+ def to_key
+ [object_id]
+ end
+
+ def to_param
+ nil
+ end
+end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 1afb9db..325c981 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -9,42 +9,46 @@ class User < CouchRest::Model::Base
:presence => true
validates :login,
- :uniqueness => true
+ :uniqueness => true,
+ :if => :serverside?
validates :login,
:format => { :with => /\A[A-Za-z\d_]+\z/,
:message => "Only letters, digits and _ allowed" }
validates :password_salt, :password_verifier,
- :format => { :with => /\A[\dA-Fa-f]+\z/,
- :message => "Only hex numbers allowed" }
+ :format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" }
+
+ validates :password, :presence => true,
+ :confirmation => true,
+ :format => { :with => /.{8}.*/, :message => "needs to be at least 8 characters long" }
timestamps!
design do
view :by_login
+ view :by_created_at
end
class << self
- def find_by_param(login)
- return find_by_login(login) || raise(RECORD_NOT_FOUND)
- end
+ alias_method :find_by_param, :find
# valid set of attributes for testing
def valid_attributes_hash
{ :login => "me",
- :password_verifier => "1234ABC",
+ :password_verifier => "1234ABCD",
:password_salt => "4321AB" }
end
end
- def to_param
- self.login
- end
+ alias_method :to_param, :id
def to_json(options={})
- super(options.merge(:only => ['login', 'password_salt']))
+ {
+ :login => login,
+ :ok => valid?
+ }.to_json(options)
end
def initialize_auth(aa)
@@ -63,11 +67,18 @@ class User < CouchRest::Model::Base
login
end
- def self.current
- Thread.current[:user]
+ # Since we are storing admins by login, we cannot allow admins to change their login.
+ def is_admin?
+ APP_CONFIG['admins'].include? self.login
end
- def self.current=(user)
- Thread.current[:user] = user
+
+ protected
+ def password
+ password_verifier
end
+ # used as a condition for validations that are server side only
+ def serverside?
+ true
+ end
end