Forum: Ruby on Rails Rails Recipes #31 Authenticating Users

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
chris (Guest)
on 2007-03-05 22:50
I have figured out everything except for how to add a new user to the
database.  The book gives an example of adding a user through the
command line, and that works fine.  I can login using a user created
that way.  I cannot, however, figure out how to add a new user from a
form.  The problem seems to occur when trying to except a user submitted
password (of which there is no corresponding DB listing) and generating
a salt and hash to be stored in the DB.  The method in the user model:

def password=(pass)
    salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
    self.password_salt, self.password_hash = salt,
Digest::SHA256.hexdigest(pass + salt)
  end

how do I accept a password from a view from a form, generate the
password and salt and save it to the DB.  Here is what I have for the
view form

View:

<%= form_tag({:action => 'new_user'}, :multipart => true) %>

<div class="new_i">
                  <p><b>Username:</b><br>
                    <%= text_field("user", "username", "size" => 20 ) %>
</p>
</div>

<div class="new_i">
                  <p><b>Password:</b><br>
                    <%= text_field_tag("password",nil, "size" => 20 ) %>
</p>
</div>


<%= submit_tag(" Register ")%>
<%= end_form_tag %>


I changed the text_field to text_field_tag because the fact that
password is not a line in the DB was raising an error.  I can't figure
out how to handle this in the controller in :action => "new_user"

Thanks

chris
Craig W. (Guest)
on 2007-03-06 00:09
(Received via mailing list)
On Mon, 2007-03-05 at 21:50 +0100, chris wrote:
>     self.password_salt, self.password_hash = salt,
>
> </div>
>
>
> <%= submit_tag(" Register ")%>
> <%= end_form_tag %>
>
>
> I changed the text_field to text_field_tag because the fact that
> password is not a line in the DB was raising an error.  I can't figure
> out how to handle this in the controller in :action => "new_user"
----
<%= form_tag({:action => 'new_user'}, :multipart => true) %>
  <div class="new_i">
    <p><b>Username:</b><br>
      <%= text_field("user", "username", "size" => 20 ) %>
    </p>
  </div>
  <div class="new_i">
    <p><b>Password:</b><br>
      <%= text_field("user", "password", "size" => 20 ) %>
    </p>
  </div>
<%= submit_tag(" Register ")%>
<%= end_form_tag %>

I don't know what ':multipart => true' does for you

--
Craig W. <removed_email_address@domain.invalid>
This topic is locked and can not be replied to.