Skip to content

Instantly share code, notes, and snippets.

@elricstorm
Created Mar 6, 2012
Embed
What would you like to do?
class ApplicationController < ActionController::Base
helper :all
protect_from_forgery
helper_method :current_user, :user_signed_in?, :user_signed_out?, :authenticate_user!, :sign_in_and_redirect
# this method will sign in and redirect the user to the root path
def sign_in_and_redirect(user)
@current_user = User.find_by_id(user)
session[:user_id] = @current_user
redirect_to root_path
end
# this method is used for pages that require authentication
def authenticate_user!
if !current_user
flash[:notice] = 'You need to sign in before accessing this page!'
redirect_to login_path
end
end
# Find the current_user
def current_user
@current_user ||= User.find_by_id(session[:user_id])
end
# Find if the current_user is true and signed in
def user_signed_in?
!!current_user
end
# Sign our user out
def user_signed_out?
!user_signed_in?
end
# Assign current_user to an @user object to automatically log the user in
def current_user=(user)
@current_user = user
session[:user_id] = user.id
end
# ......
end
gem 'bcrypt-ruby'
class User < ActiveRecord::base
require 'bcrypt'
attr_reader :password
attr_accessible :password
validates :password, :on => :create, :confirmation => true, :length => { :within => 4..20 }, :presence => true
# Encrypts the :password into the :password_digest attribute.
def password=(unencrypted_password)
@password = unencrypted_password
unless unencrypted_password.blank?
self.password_digest = BCrypt::Password.create(unencrypted_password)
end
end
# Returns self if the password is correct, otherwise false.
# This is used in the create method from the sessions controller
def authenticate(unencrypted_password)
if BCrypt::Password.new(password_digest) == unencrypted_password
self
else
false
end
end
#...
end
class UsersController < ApplicationController
before_filter :authenticate_user!, :except => [:new, :create, :reset_password]
# .....
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment