When I amended my registration page, I included the digest to encrypt
the password in the database.
If someone forgets their password, how do I get this mailed back to
the user?
The action is as follows:
def remind
@title = "Remind Me!"
if param_posted?(:user)
email = params[:user][:email]
user = User.find_by_email(email)
If user
UserMailer.deliver_reminder(@user)
flash[:notice] = "Reminder sent."
redirect_to :action => "index", :controller =>
"site"
else
flash[:notice] = "There is no user with that email
address."
end
end
end
This then calls the reminder part of UserMailer.deliver and sends the
user their username and password.
This template shows… Hello, You have just requested your login
details. Please see below:
Username: <%= @user.username %
Password: <%= @user.password %>
Thing is, with the password, as-is, it just prints the encrypted
string, so is no use to a user.
AT the moment I only mail out the username, as the password at the
moment isn’t helpful.
Is there a way to decrypt for the purposes of reminding someone?
Many Thanks... :-)
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
groups.google.com/group/rubyonrails-talk?hl=en.
If you are using a one way hash, like ''digest/sha1'', then you will not be able to decrypt the password. You can only reset it to something the system knows then send that password to them. On Tue, Feb 9, 2010 at 6:54 AM, RubyonRails_newbie <craigwesty79-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> When I amended my registration page, I included the digest to encrypt > the password in the database. > > If someone forgets their password, how do I get this mailed back to > the user? > > The action is as follows: > > > > def remind > > @title = "Remind Me!" > > if param_posted?(:user) > > email = params[:user][:email] > > user = User.find_by_email(email) > > If user > > UserMailer.deliver_reminder(@user) > > flash[:notice] = "Reminder sent." > > redirect_to :action => "index", :controller => "site" > > else > > flash[:notice] = "There is no user with that email > address." > > end > > end > > end > > This then calls the reminder part of UserMailer.deliver and sends the > user their username and password. > > This template shows… Hello, You have just requested your login > details. Please see below: > > > Username: <%= @user.username % > > Password: <%= @user.password %> > > Thing is, with the password, as-is, it just prints the encrypted > string, so is no use to a user. > > AT the moment I only mail out the username, as the password at the > moment isn’t helpful. > > Is there a way to decrypt for the purposes of reminding someone? > > Many Thanks... :-) > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > For more options, visit this group at groups.google.com/group/rubyonrails-talk?hl=en. > >-- Curtis Cooley curtis.cooley-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org home:curtiscooley.com blog:ponderingobjectorienteddesign.blogspot.com ==============Leadership is a potent combination of strategy and character. But if you must be without one, be without the strategy. -- H. Norman Schwarzkopf -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at groups.google.com/group/rubyonrails-talk?hl=en.
how would I go about resetting the password for the user to then go ahead and change to something more memorable? Is there a tutorial about this, or can you explain how this is achieved? Kind Regards On 9 Feb, 15:06, Curtis Cooley <curtis.coo...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> If you are using a one way hash, like ''digest/sha1'', then you will not > be able to decrypt the password. You can only reset it to something > the system knows then send that password to them. > > On Tue, Feb 9, 2010 at 6:54 AM, RubyonRails_newbie > > > > > > <craigwest...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote: > > When I amended my registration page, I included the digest to encrypt > > the password in the database. > > > If someone forgets their password, how do I get this mailed back to > > the user? > > > The action is as follows: > > > def remind > > > @title = "Remind Me!" > > > if param_posted?(:user) > > > email = params[:user][:email] > > > user = User.find_by_email(email) > > > If user > > > UserMailer.deliver_reminder(@user) > > > flash[:notice] = "Reminder sent." > > > redirect_to :action => "index", :controller => "site" > > > else > > > flash[:notice] = "There is no user with that email > > address." > > > end > > > end > > > end > > > This then calls the reminder part of UserMailer.deliver and sends the > > user their username and password. > > > This template shows… Hello, You have just requested your login > > details. Please see below: > > > Username: <%= @user.username % > > > Password: <%= @user.password %> > > > Thing is, with the password, as-is, it just prints the encrypted > > string, so is no use to a user. > > > AT the moment I only mail out the username, as the password at the > > moment isn’t helpful. > > > Is there a way to decrypt for the purposes of reminding someone? > > > Many Thanks... :-) > > > -- > > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > For more options, visit this group athttp://groups.google.com/group/rubyonrails-talk?hl=en. > > -- > Curtis Cooley > curtis.coo...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org > home:curtiscooley.com > blog:ponderingobjectorienteddesign.blogspot.com > ==============> Leadership is a potent combination of strategy and character. But if > you must be without one, be without the strategy. > -- H. Norman Schwarzkopf- Hide quoted text - > > - Show quoted text --- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at groups.google.com/group/rubyonrails-talk?hl=en.
Craig Westmoreland wrote:> how would I go about resetting the password for the user to then go > ahead and change to something more memorable? > > Is there a tutorial about this, or can you explain how this is > achieved? >If you''re using Authlogic, this is trivial and explained in the docs IIRC. If you''re not using Authlogic, you should be. :)> Kind RegardsBest, -- Marnen Laibow-Koser marnen.org marnen-sbuyVjPbboAdnm+yROfE0A@public.gmane.org -- Posted via ruby-forum.com. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at groups.google.com/group/rubyonrails-talk?hl=en.
On Tue, Feb 9, 2010 at 7:14 AM, RubyonRails_newbie <craigwesty79-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> how would I go about resetting the password for the user to then go > ahead and change to something more memorable? > > Is there a tutorial about this, or can you explain how this is > achieved? >Not sure if there are tutorials for this or not. I got my authorization and authentication code from "Rails Recipes" and "Agile Development with Rails". You should have a change password page anyways. Just create the standard reset password page that takes the existing password and two new passwords and changes the password to the new one. It should work a lot like the registration page. Then when a user requests a new password, you randomly generate one, set it as there password, then email them to new password and a link the change password page. -- Curtis Cooley curtis.cooley-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org home:curtiscooley.com blog:ponderingobjectorienteddesign.blogspot.com ==============Leadership is a potent combination of strategy and character. But if you must be without one, be without the strategy. -- H. Norman Schwarzkopf -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at groups.google.com/group/rubyonrails-talk?hl=en.