Forum: Ruby on Rails Two quick newbie questions

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Greg (Guest)
on 2006-03-04 08:01
2 quick questions regarding authentication ...

1) the flash[:notice] on successful login looks completely wrong to me.
How should it be done?

  def index
    if request.post?
      @user = User.new(params[:user])
      authentic_user = @user.attempt_login
      if authentic_user
        session[:user_id] = authentic_user.id
        flash[:notice]  =
        'Login successful! Welcome ' + authentic_user.first_name + ' ' +
        authentic_user.last_name + '!'
        redirect_to(:controller => 'user')
      else
        flash[:notice] = 'Invalid username or password.'
      end
    end
  end

2) can someone explain why the first of these two techniques works (ie,
login is successful) but the second doesn't:

@user = User.new(params[:user])
@user = User.new(params[:user => 'username', :user => 'password'])

... given this model:

class User < ActiveRecord::Base
  attr_accessor :password
  attr_accessible :username, :password

  def before_create
    self.hashed_password = User.encrypt_password(self.password)
  end

  def after_create
    @password = nil
  end

  def self.login(username, password)
    hashed_password = encrypt_password(password || '')
    find(:first,
         :conditions => ['username = ? and hashed_password =?',
         username, hashed_password])
  end

  def attempt_login
    User.login(self.username, self.password)
  end

  private
  def self.encrypt_password(password)
    Digest::SHA1.hexdigest(password)
  end

end

... and assuming a form with fields 'name=user[username]' &
'name=user[password]'. Thanks for the help. Kindly appreciated.

Greg
Manish S. (Guest)
on 2006-03-04 10:44
(Received via mailing list)
for the 1st question:

I'm fairly new to rails too, but i dont think thats how you concatenate
strings in ruby.  I think you need "<<" where the "+" is.


for the 2nd question:

params is a hash, and you are referencing the values to the key "user".
The
second one looks wrong because it seems to be redefining the key "user"
to
two different things, username and password.

When you do User.new(params[:user]), you are passing the hash to the
model
to build a new user object.  This would be the same as
User.new(:username =>
"foo", :password => "secret", ...)

the call to new is also given a hash.
Peter E. (Guest)
on 2006-03-04 10:50
(Received via mailing list)
irb(main):001:0> "XXX" + "123"
=> "XXX123"
Peter E. (Guest)
on 2006-03-04 10:53
(Received via mailing list)
this is what you want:

user = User.new(:username => "the username", :password => "the
password")
Peter E. (Guest)
on 2006-03-04 10:56
(Received via mailing list)
try that instead:

flash[:notice]  = 'Login successful! Welcome
#{authentic_user.first_name}
#{authentic_user.last_name}!'

one of the things why I love ruby...
This topic is locked and can not be replied to.