Class: Auth::User

Inherits:
Object
Defined in:
lib/nitro/auth/model/user.rb

Overview

Represents a user or account. Has a many-to-many relationship with Auth::Role.

This class can be either extended or related to in order to create application users. This allows a ‘user’ to own other application objects, for example, without polluting the basic authentication/authorization code.

Your application’s user object’s #create method should:

  • Have a signature like create(login, password, parameters = {}). Note that parameters is essentially request.parameters from the registration form, and thus should be treated as tainted.

  • Call super(login, password, parameters) if it extends Auth::User

  • Call Auth::User.create(login, password, parameters) if it relates to Auth::User rather than extending it.

Constructor Details

#initialize(login, password = nil, parameters = {}) ⇒ User

Creates a new user. Login is required; password is optional. Currently, parameters is not used by this implementation. Auth::AuthController passes in request.params, though, so future implementations could get further information there. Subclasses can use it and should pass it along.



# File 'lib/nitro/auth/model/user.rb', line 103

def initialize(login, password = nil, parameters = {})
    @login = login
    # Goes through password=, which salts and hashes the value.
    self.password = password
end

Instance Attribute Details

#hashed_password ⇒ Object (readonly)

The user’s salted and hashed password.



# File 'lib/nitro/auth/model/user.rb', line 29

def hashed_password
  @hashed_password
end

#login ⇒ Object (readonly)

The user’s login name.



# File 'lib/nitro/auth/model/user.rb', line 27

def login
  @login
end

#salt ⇒ Object (readonly)

The last salt used, for later password checks.



# File 'lib/nitro/auth/model/user.rb', line 31

def salt
  @salt
end

#session_key ⇒ Object (readonly)

:nodoc:



# File 'lib/nitro/auth/model/user.rb', line 38

def session_key
  @session_key
end

#session_key_expires ⇒ Object (readonly)

Time when the session key expires.



# File 'lib/nitro/auth/model/user.rb', line 40

def session_key_expires
  @session_key_expires
end

Instance Method Details

#has_role?(role) ⇒ Boolean

Convenience method. Does this user have this role?

Can take either an Auth::Role object or a symbol/string role name.

Returns:

  • (Boolean)


# File 'lib/nitro/auth/model/user.rb', line 87

def has_role?(role)
    if role.is_a? Role
        roles.include? role
    else
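        # This is the canonical implementation
        # roles.include? Role.find_one(:where => "name = '#{role.to_s}'")
        # This is sort of a hack, but turns two queries into one.
        # NOTE: role.to_s is interpolated into the SQL fragment unescaped,
        # so the role name must not come from tainted input.
        not find_roles(:extra => "AND #{Role.table}.name = '#{role.to_s}'").empty?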
    end
end
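
The string branch of has_role? splices role.to_s into a SQL fragment, so a role name taken from request data reaches the query unescaped. The following is an added example, not Nitro's code: it uses stand-in Role and User classes (no Og, no database), an assumed table name `roles`, and a hypothetical SAFE_ROLE_NAME policy to show the name being validated and compared in Ruby instead of SQL.

```ruby
# Added example: stand-ins for Auth::Role and Auth::User, no Og or database.
Role = Struct.new(:name)

# Hypothetical policy (an assumption): role names are short identifiers.
SAFE_ROLE_NAME = /\A[A-Za-z][A-Za-z0-9_]{0,31}\z/

class User
  attr_reader :login, :roles

  def initialize(login, roles = [])
    @login = login
    @roles = roles
  end

  # The fragment the documented has_role? passes as :extra, reproduced only
  # to show what text reaches the database. "roles" is an assumed table name.
  def interpolated_fragment(role)
    "AND roles.name = '#{role.to_s}'"
  end

  # Hardened variant: validate the name, then compare in Ruby so that no
  # caller-supplied text is ever spliced into SQL.
  def has_role?(role)
    return roles.include?(role) if role.is_a?(Role)

    name = role.to_s
    raise ArgumentError, "invalid role name" unless name.match?(SAFE_ROLE_NAME)

    roles.any? { |r| r.name == name }
  end
end

# Constructed sample data.
ALICE = User.new("alice", [Role.new("editor")])

def demo
  [ALICE.has_role?(:editor),                 # role held
   ALICE.has_role?("admin"),                 # well-formed name, role not held
   ALICE.interpolated_fragment("o'brien")]   # quote passes through as-is
end

p demo if $PROGRAM_NAME == __FILE__
```

The in-memory comparison loads the user's roles first; where the single-query form is kept, the same name check has to run before the fragment is built.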

#password=(new_password) ⇒ Object

Set the raw password. Will appropriately hash it and store it in hashed_password.



# File 'lib/nitro/auth/model/user.rb', line 59

def password=(new_password)
    if not new_password
        @salt = nil
        @hashed_password = nil
    else
        @salt = Crypt.make_salt
        @hashed_password = Crypt.salt_password @salt, new_password
    end
    update if @oid
end

#session_key_expired? ⇒ Boolean

Has the session key expired?

Returns:

  • (Boolean)


# File 'lib/nitro/auth/model/user.rb', line 79

def session_key_expired?
    not @session_key or
        (session_key_expires and Time.now > session_key_expires)
end