how to "encrypt" the password/login for the blog.rb example?

Albert Ng twinwing at gmail.com
Mon Feb 25 19:43:34 EST 2008 

On Mon, Feb 25, 2008 at 6:24 PM, Aria Stewart <aredridel at nbtsc.org> wrote:

>
> On Feb 25, 2008, at 2:21 PM, Albert Ng wrote:
>
> > I'll keep that in mind.
> >
> > As an aside, using this gem, how would I go about changing the user
> > without closing the browser or raising «Unauthorized»?  That last
> > pops up a log-in window that can't authorize (have to press escape).
>
> You can't. Browsers really really really should include a logout
> button, and they don't. File bugs with me!
>
:)

After cursing at @state, wondering why it wasn't saving before I «raise
Unauthorized» (for 3 hours *rolleyes*) , I've finally gotten the expected
behavior by creating a «Loginstate» table that belongs to «User», calling
save explicitly, and working some logic with that.

It's horribly expensive on the database, but it's ok for my purposes,
because the app is only accessible locally.

Another thing is that I changed password_for_user to record_for_user, as I'm
using @user for an AR record, and the gem kept turning it into a string :P

P.S. http://code.whytheluckystiff.net/camping/ticket/129 is very annoying,
they changed mongrel/camping again (for the worse)

Module Ctd:Models
  class Loginstate < Base
    belongs_to :users
  end

  ---

      create_table :ctd_loginstates do |t|
        t.column :user_id, :integer, :null => false
        t.column :reauthenticate, :boolean, :default => false
      end
      user.create_loginstate

---
Module Ctd:Controlers
  class CloseSession
    def get
      authenticate
      @user.loginstate.reauthenticate = true
      @user.loginstate.save
      redirect R(Index)
    end
  end
---
module Ctd
  include Camping::DigestAuth
  REALM = "ctd"

  module_function

  def record_for_user(username)
    include Ctd::Models
    user = User.find( :first, :conditions => ['username = ?', username])
    user = User.find( :first, :conditions => ['username = ?', 'dummy'])
unless user
    if user.loginstate.reauthenticate == true
      user.loginstate.reauthenticate = false
      user.loginstate.save
      raise Unauthorized
    end if user
    return user
  end
end
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/camping-list/attachments/20080225/9a9ca62c/attachment.html

More information about the Camping-list mailing list