Rails认证存储在不同型号上的用户和密码

时间:2014-07-08 09:06:07

标签: ruby-on-rails ruby authentication

我正在开发一个项目,我需要有不同类型的用户,有些将是管理员而其他人将只是用户,我有一个所有用户的模型,我有一个模型“登录”我将存储一个ecrypted密码。问题是,我创建了用户,并且它保存在数据库中,但是应该存储密码的模型是空的... 我试图在用户和登录控制器以及两个模型上进行协商。

向我询问您需要查看的代码,并在此处发布。

这是我的user.rb代码

    class User < ActiveRecord::Base
      has_and_belongs_to_many :requisitions
      has_many :historics
      has_one :login
      belongs_to :rank
      belongs_to :sub_unit
      belongs_to :user_type
      #attr_accessor :password, :password_confirmation, :salt, :encrypted_password

      validates :nim, :posto_id, :apelido, :nome, :telefone, :sub_un_id, :tipo_util_id, presence: true
      validates :email, format: { with: /@/ }
      validates :nim, uniqueness: true
      validates :password, :confirmation => true
      validates_length_of :password, :in => 6..20, :on => :create

      # Encrypting calls for new user's password
      before_save :encrypt_password
      after_save :clear_password

      # Authentication process for user's login
      def match_password(login_password = '')
      encrypted_password == BCrypt::Engine.hash_secret(login_password, salt)
      end

      def self.authenticate(nim_as_login = '', login_password = '')
        user = User.find_by_nim(nim_as_login)
        if user && user.match_password(login_password)
          return user
        else
          return false
        end
      end

      # Encrypting process for new user's password
      private
      def encrypt_password
        if password.present?
          self.salt = BCrypt::Engine.generate_salt
          self.encrypted_password = BCrypt::Engine.hash_secret(password, salt)
        end
      end

      private
      def clear_password
        self.password = nil
      end

    end

这是我的login.rb代码

    class Login < ActiveRecord::Base
      belongs_to :user

      attr_accessor :password, :password_confirmation, :salt, :encrypted_password

      #validating fields
      validates :user_id, :password, presence: true
      validates :password, confirmation: true
      validates :password, length: { in: 6..30 }

      # Encrypting calls for new user's password
      before_save :encrypt_password
      after_save :clear_password

      # Authentication process for user's login
      def match_password(login_password = '')
        encrypted_password == BCrypt::Engine.hash_secret(login_password, salt)
      end

      def self.authenticate(nim_as_login = '', login_password = '')
        user = User.find_by_nim(nim_as_login)
        login = Login.find_by_user_id(user.id)
        if login && login.match_password(login_password)
          return login
        else
          return false
        end
      end

      # Encrypting process for new user's password
      private
      def encrypt_password
        if password.present?
          self.salt = BCrypt::Engine.generate_salt
          self.encrypted_password = BCrypt::Engine.hash_secret(password, salt)
        end
      end

      private
      def clear_password
        self.password = nil
      end


    end

这是我的用户控制器代码

    class UsersController < ApplicationController

      before_filter :save_login_state, only: [:new, :create]

      def new
        @user = User.new
        @ranks = Rank.all
        @types = UserType.all
        @unit = SubUnit.all
        @logins = Login.all
        @page_title = "LoginUser | Novo"
      end

      def create
        @user = User.new(user_params, login_params)

        #LoginsController(:password, :password_confirmation)

        @ranks = Rank.all
        @types = UserType.all
        @unit = SubUnit.all
        @logins = Login.all
        if @user.save
          flash[:notice] = "Bem vindo #{@user.apelido}, sua conta foi criada com sucesso!"
          redirect_to sessions_path
        else
          @user.errors.full_messages.each do |e|
            if e == "Nim has already been taken"
              flash.now[:error] = "Este Utilizador já está registado!"
            else
              flash.now[:error] = "Corrija os campos do formulário!"
            end
          end
          render 'new'
        end
      end
      def show
        @user = User.find(params[:id])
        @ranks = Rank.all
        @types = UserType.all
        @unit = SubUnit.all
        @logins = Login.all
      end

      private

      def user_params
        params.require(:user).permit(:id, :nim, :posto_id, :apelido, :nome, :telefone, :telemovel, :email, :sub_un_id, :tipo_util_id)
      end

      def login_params
        params.require(Login).permit(:password, :password_confirmation, :user_id )
      end

    end

这是我的登录控制器

    class LoginsController < ApplicationController

      def create
       @login = Login.all

      end

    end

这是我的会话控制器

    class SessionsController < ApplicationController
      before_filter :authenticate_user, only: [:home, :profile, :setting]
      before_filter :save_login_state, only: [:login, :login_attempt]

      def login
        @page_title = "LoginUser | Entrar"
      end

      def login_attempt
        authorized_user = User.authenticate(params[:nim_as_login], params[:login_password])
        if authorized_user
          session[:user_id] = authorized_user.id
          flash[:notice] = "Benvindo de volta #{authorized_user.apelido}"
          redirect_to user_path
        else
          flash.now[:error] = "Email ou palavra passe inválida!"
          render 'sessions/login'
        end
      end

      def home
      end

      def profile
      end

      def setting
      end

      def logout
        session[:user_id] = nil
        redirect_to sessions_path
      end
    end

我的问题是,我可以将加密密码和用户存储在不同的表中吗?

0 个答案:

没有答案
相关问题
最新问题