On 12/31/07, Bill McG
<rails-mailing-list-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
wrote:>
> Happy New Year everyone.
> Just wondering if anyone has coded the ability to allow a user to change
> their password following the way the book (second edition) implements
> administration.
Sure.
> Seems like I should be able to cut out the
> password/password_confirmation portion of ''add_user'' form
to create a
> ''change_pass'' form. The problem is I''m not sure
how to go about having
> it confirm the password and implementing the change. Seems the code will
> only do that for new users.
You get new salt and rehash the password. I actually adjusted mine so
it re-salts every time the password gets updated.
def password=( passwd )
@password = passwd
return if passwd.blank?
self.passwd_salt = User.salt
self.passwd_hash = User.hash_password( @password, self.passwd_salt )
end
private
def self.salt
Digest::SHA1.hexdigest( rand.to_s )
end
def self.hash_password( password, salt )
Digest::SHA1.hexdigest( password + salt )
end
--
Greg Donald
http://destiney.com/
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---