Skip to content

Instantly share code, notes, and snippets.

@mrinterweb
Created August 31, 2008 22:23
Show Gist options
  • Save mrinterweb/8225 to your computer and use it in GitHub Desktop.
Save mrinterweb/8225 to your computer and use it in GitHub Desktop.
# this works very nicely
def self.authenticate(email, password)
user = self.find_by_email(email)
locked_for_x_seconds = 0
if user && user.account_locked_until && Time.now < user.account_locked_until
locked_for_x_seconds = (user.account_locked_until - Time.now).round
user = nil
end
if user
expected_password = encrypted_password(password, user.salt)
unless user.hashed_password == expected_password
user.login_attempts += 1
if(user.login_attempts >= 5)
user.account_locked_until = Time.now + 30.seconds
user.login_attempts = 0
end
user.save!
user = nil
else
user.login_attempts = 0
user.account_locked_until = nil
user.save!
end
end
user ||= locked_for_x_seconds
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment