Agile Web Dev w/Rails - Password Change

Happy New Year everyone.
Just wondering if anyone has coded the ability to allow a user to change
their password following the way the book (second edition) implements
administration.
Seems like I should be able to cut out the
password/password_confirmation portion of ‘add_user’ form to create a
‘change_pass’ form. The problem is I’m not sure how to go about having
it confirm the password and implementing the change. Seems the code will
only do that for new users.
Thanks, any help appreciated…Bill

On 12/31/07, Bill McG wrote:

> Happy New Year everyone.
> Just wondering if anyone has coded the ability to allow a user to change
> their password following the way the book (second edition) implements
> administration.

Sure.

> Seems like I should be able to cut out the
> password/password_confirmation portion of ‘add_user’ form to create a
> ‘change_pass’ form. The problem is I’m not sure how to go about having
> it confirm the password and implementing the change. Seems the code will
> only do that for new users.

You get new salt and rehash the password. I actually adjusted mine so
it re-salts every time the password gets updated.

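require 'digest/sha1'

# Virtual attribute writer: assigning a password generates a fresh salt and
# stores the salted hash, so every password update re-salts.
def password=( passwd )
  @password = passwd
  return if passwd.blank?
  self.passwd_salt = User.salt
  self.passwd_hash = User.hash_password( @password, self.passwd_salt )
end

private

# Note: `private` does not apply to methods defined with `def self.`,
# so both class methods below remain callable as User.salt and User.hash_password.

def self.salt
  Digest::SHA1.hexdigest( rand.to_s )
end

def self.hash_password( password, salt )
  Digest::SHA1.hexdigest( password + salt )
end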


Greg D.
http://destiney.com/