Module: Authlogic::ActsAsAuthentic::Password::Methods::InstanceMethods

Defined in:
lib/authlogic/acts_as_authentic/password.rb

Instance Method Summary collapse

Instance Method Details

#passwordObject

The password



262
263
264
 
# File 'lib/authlogic/acts_as_authentic/password.rb', line 262

def password
  @password
end

#password=(pass) ⇒ Object

This is a virtual method. Once a password is passed to it, it will create new password salt as well as encrypt the password.



268
269
270
271
272
273
274
275
276
277
278
279
280
281
 
# File 'lib/authlogic/acts_as_authentic/password.rb', line 268

def password=(pass)
  return if ignore_blank_passwords? && pass.blank?
  before_password_set
  @password = pass
  send("#{password_salt_field}=", Authlogic::Random.friendly_token) if password_salt_field
  send(
    "#{crypted_password_field}=",
    crypto_provider.encrypt(
      *encrypt_arguments(@password, false, act_like_restful_authentication? ? :restful_authentication : nil)
    )
  )
  @password_changed = true
  after_password_set
end

#reset_passwordObject Also known as: randomize_password

Resets the password to a random friendly token.



316
317
318
319
320
 
# File 'lib/authlogic/acts_as_authentic/password.rb', line 316

def reset_password
  friendly_token = Authlogic::Random.friendly_token
  self.password = friendly_token
  self.password_confirmation = friendly_token if self.class.require_password_confirmation
end

#reset_password!Object Also known as: randomize_password!

Resets the password to a random friendly token and then saves the record.



324
325
326
327
 
# File 'lib/authlogic/acts_as_authentic/password.rb', line 324

def reset_password!
  reset_password
  save_without_session_maintenance(:validate => false)
end

#valid_password?(attempted_password, check_against_database = check_passwords_against_database?) ) ⇒ Boolean

Accepts a raw password to determine if it is the correct password or not. Notice the second argument. That defaults to the value of check_passwords_against_database. See that method for more information, but basically it just tells Authlogic to check the password against the value in the database or the value in the object.

Returns:

  • (Boolean) 


288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
 
# File 'lib/authlogic/acts_as_authentic/password.rb', line 288

def valid_password?(attempted_password, check_against_database = check_passwords_against_database?)
  crypted =
    if check_against_database && send("#{crypted_password_field}_changed?")
      send("#{crypted_password_field}_was")
    else
      send(crypted_password_field)
    end

  return false if attempted_password.blank? || crypted.blank?
  before_password_verification

  crypto_providers.each_with_index do |encryptor, index|
    # The arguments_type of for the transitioning from restful_authentication
    arguments_type = (act_like_restful_authentication? && index == 0) ||
      (transition_from_restful_authentication? && index > 0 && encryptor == Authlogic::CryptoProviders::Sha1) ?
      :restful_authentication : nil

    if encryptor.matches?(crypted, *encrypt_arguments(attempted_password, check_against_database, arguments_type))
      transition_password(attempted_password) if transition_password?(index, encryptor, crypted, check_against_database)
      after_password_verification
      return true
    end
  end

  false
end