First, A Happy New Year to you all
Second :
this is my login action form the admin controller:
def login
if request.post?
user = User.authenticate(params[:name], params[:password])
if user
if user.banned_status == "true"
flash.now[:notice] = "We are sorry.You can not log in beause
you have been banned.Contact the admin at
radu-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org to solve this
problem"
elsif user.blocked_status == "true"
flash.now[:notice] = "We are sorry.You are still
blocked.Contact the admin at radu-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org to
solve this problem"
else
session[:user_id] = user.id
redirect_to :action => "index"
end
else
flash.now[:notice] = "Invalid user/password combination #
{user.id}"
end# 2nd if
end# 1st if
end#login
===============this is my user model for the authenticate method :
def self.authenticate(name, password)
user = User.find(:all, :conditions => ["name =
:param",{:param
=> name}])
if user.size > 0
user.each do |correct_user|
expected_password = User.encrypted_password(password,
correct_user.salt)
if correct_user.hashed_password == expected_password
idx = user.index(correct_user)
return user[idx]
end
end#do
user = nil
else
user = nil
end#1st if
end#def
=====and the login view :
<div class="shope_form">
<% form_tag do %>
<fieldset>
<div>
<label for="name">Name:</label>
<%= text_field_tag :name, params[:name] %>
</div>
<div>
<label for="password">Password:</label>
<%= password_field_tag :password, params[:password] %>
</div>
<div>
<%= submit_tag "Login", :name => nil %>
<div>
</fieldset>
<% end %>
</div>
So the thing is that in my db i have two users with the same name, but
no twith the same password.
id = 2
name = radu
surname = puspana
hashed_password = 6b2711b337ae9b5c8a5932e60955f25dc42bcec1
id = 4
name = radu
surname = gica
hashed_password = caf5488d972483c5b064a1afbe30b4370391ab73
The problem is that when i try to login with the first name, radu and
the password admin, it works fine, but if i try to login in with the
second name(id =4) radu andthe pass gica1, it return the nil value
back to the controller, so user in the controller will be nil, showing
the message "Invalid username/password" although the name and pass are
correct...
what the heck???
a billion thx in advance,
radu
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
problem solved!!! thx to me :) On Jan 3, 6:37 pm, radu puspana <radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> First, A Happy New Year to you all > Second : > > this is my login action form the admin controller: > def login > if request.post? > user = User.authenticate(params[:name], params[:password]) > if user > if user.banned_status == "true" > flash.now[:notice] = "We are sorry.You can not log in beause > you have been banned.Contact the admin at r...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org to solve this > problem" > > elsif user.blocked_status == "true" > flash.now[:notice] = "We are sorry.You are still > blocked.Contact the admin at r...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org to solve this problem" > else > session[:user_id] = user.id > redirect_to :action => "index" > end > else > flash.now[:notice] = "Invalid user/password combination # > {user.id}" > end# 2nd if > end# 1st if > end#login > ===============> this is my user model for the authenticate method : > def self.authenticate(name, password) > user = User.find(:all, :conditions => ["name = :param",{:param > => name}]) > if user.size > 0 > user.each do |correct_user| > expected_password = User.encrypted_password(password, > correct_user.salt) > if correct_user.hashed_password == expected_password > idx = user.index(correct_user) > > return user[idx] > end > end#do > user = nil > else > user = nil > end#1st if > end#def > =====> and the login view : > <div class="shope_form"> > <% form_tag do %> > <fieldset> > <div> > <label for="name">Name:</label> > <%= text_field_tag :name, params[:name] %> > </div> > > <div> > <label for="password">Password:</label> > <%= password_field_tag :password, params[:password] %> > </div> > > <div> > <%= submit_tag "Login", :name => nil %> > <div> > </fieldset> > <% end %> > </div> > > So the thing is that in my db i have two users with the same name, but > no twith the same password. > id = 2 > name = radu > surname = puspana > hashed_password = 6b2711b337ae9b5c8a5932e60955f25dc42bcec1 > > id = 4 > name = radu > surname = gica > hashed_password = caf5488d972483c5b064a1afbe30b4370391ab73 > > The problem is that when i try to login with the first name, radu and > the password admin, it works fine, but if i try to login in with the > second name(id =4) radu andthe pass gica1, it return the nil value > back to the controller, so user in the controller will be nil, showing > the message "Invalid username/password" although the name and pass are > correct... > > what the heck??? > > a billion thx in advance, > radu-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Jan 3, 4:37 pm, radu puspana <radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> user.each do |correct_user| > expected_password = User.encrypted_password(password, correct_user.salt) > if correct_user.hashed_password == expected_password > idx = user.index(correct_user) > return user[idx] > end > endThis is somewhat unwieldy - why the busines with index when you could just return correct_user ? Even better, use a method like detect - the code above is equivalent to user.detect {|current_user| current_user == User.encrypt(password, current_user)} You''ll also find your code reads more easily if variables that contain collections are pluralised (ie users = User.find :all rather than user = User.find( :all)) This shouldn''t change the result of the code however. Seems to me that the data in your table might just be bad (or you''re typing in the wrong password) - What is the value of User.encrypted_password ( ''gica1'', User.find(4).salt) ? Having users with the same name is really rather weird - every website I can think of requires usernames to be unique Fred -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Jan 3, 6:50 pm, Frederick Cheung <frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On Jan 3, 4:37 pm, radu puspana <radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > user.each do |correct_user| > > expected_password = User.encrypted_password(password, correct_user.salt) > > if correct_user.hashed_password == expected_password > > idx = user.index(correct_user) > > return user[idx] > > end > > end > > This is somewhat unwieldy - why the busines with index when you could > just return correct_user ? Even better, use a method like detect - the > code above is equivalent to > user.detect {|current_user| current_user == User.encrypt(password, > current_user)}the manbo jumbo with idx was that it was the only method which worked. as you suggested, i was putting in the wrong password, and the method did the correct this, it returned user=nil. The name problem, was another bad thing to do, I thought about it and it made no sense at all.Mistakenly i forgot that name was in fact the username, and i thought that two users can have the same name and surname, logically, but not the same username.I will create another column with this name,username, and leave the name column alone. Thx so much for the alternate version of my code, but i don''t understand anything, as i said, i''m a noob, been working with rails about 3 months, and studied a nit of Ruby, about 3 chapters, about classes, objects and stuff.maybe you could translate it a bit for me, if you have the time, i will much appreciate it. and this line : user.detect {|current_user| current_user =User.encrypt(password,current_user)}, shouldn''t be something like user.detect {|current_user| current_user == User.encrypt (password,current_user.salt)}> You''ll also find your code reads more easily if variables that contain > collections are pluralised (ie users = User.find :all rather than user > = User.find( :all))thx so much for this tip too, it doesn''t have to do anything with the line user.detect {|current_user| current_user == User.encrypt (password, current_user)} right?> This shouldn''t change the result of the code however. Seems to me that > the data in your table might just be bad (or you''re typing in the > wrong password) - What is the value of User.encrypted_password > ( ''gica1'', User.find(4).salt) ? > > Having users with the same name is really rather weird - every website > I can think of requires usernames to be unique > > Fredthx so much for all your help, have a Happy New Year ok? , sincerely, radu -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Jan 4, 4:10 pm, radu puspana <radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> and this line : user.detect {|current_user| current_user => User.encrypt(password,current_user)}, shouldn''t be something like > user.detect {|current_user| current_user == User.encrypt > (password,current_user.salt)}that''s right. This means: iterate over the user collection, passing each element into the block as current_user. return the first element for which the condition in the block returns true.> > You''ll also find your code reads more easily if variables that contain > > collections are pluralised (ie users = User.find :all rather than user > > = User.find( :all)) > > thx so much for this tip too, it doesn''t have to do anything with the > line user.detect {|current_user| current_user == User.encrypt > (password, current_user)} right?no. just a stylistic thing Fred -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Jan 4, 6:22 pm, Frederick Cheung <frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On Jan 4, 4:10 pm, radu puspana <radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > and this line : user.detect {|current_user| current_user => > User.encrypt(password,current_user)}, shouldn''t be something like > > user.detect {|current_user| current_user == User.encrypt > > (password,current_user.salt)} > > that''s right. > This means: iterate over the user collection, passing each element > into the block as current_user. return the first element for which the > condition in the block returns true.Sry for bothering you agan but shouldn''t it be : user.detect {|current_user| current_user.hashed_password =User.encrypt(password,current_user.salt)} reather than user.detect {| current_user| current_user== User.encrypt (password,current_user.salt)} ??. == means a condition if i recall correctly. because the string that comes out of User.encrypt (password,current_user.salt)} should be compared with something in the current_user, namely hashed_password, not the object refered by the variable current_user, right?> > > > You''ll also find your code reads more easily if variables that contain > > > collections are pluralised (ie users = User.find :all rather than user > > > = User.find( :all)) > > > thx so much for this tip too, it doesn''t have to do anything with the > > line user.detect {|current_user| current_user == User.encrypt > > (password, current_user)} right? > > no. just a stylistic thingthx again for the trick:)> Fredmuch much appreciate it Fred, regards, radu -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On Jan 4, 4:53 pm, radu puspana <radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On Jan 4, 6:22 pm, Frederick Cheung <frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > wrote: > > Sry for bothering you agan but shouldn''t it be : > user.detect {|current_user| current_user.hashed_password => User.encrypt(password,current_user.salt)} reather than user.detect {| > current_user| current_user== User.encrypt > (password,current_user.salt)} ??. > == means a condition if i recall correctly. > because the string that comes out of User.encrypt > (password,current_user.salt)} should be compared with something in the > current_user, namely hashed_password, not the object refered by the > variable current_user, right?correct. Fred -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Problem solved!
Hi again Fred,
I tried user.detect {|current_user| current_user.hashed_password
==User.encrypt(password,current_user.salt)} and it worked like a
charm.
thx a million yet again for ALL your help,
radu
On Jan 4, 7:34 pm, Frederick Cheung
<frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> On Jan 4, 4:53 pm, radu puspana
<radupusp...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > On Jan 4, 6:22 pm, Frederick Cheung
<frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> > wrote:
>
> > Sry for bothering you agan but shouldn''t it be :
> > user.detect {|current_user| current_user.hashed_password => >
User.encrypt(password,current_user.salt)} reather than user.detect {|
> > current_user| current_user== User.encrypt
> > (password,current_user.salt)} ??.
> > == means a condition if i recall correctly.
> > because the string that comes out of User.encrypt
> > (password,current_user.salt)} should be compared with something in the
> > current_user, namely hashed_password, not the object refered by the
> > variable current_user, right?
>
> correct.
>
> Fred
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.