Password Requests?

When I amended my registration page, I included the digest to encrypt
the password in the database.

If someone forgets their password, how do I get this mailed back to
the user?

The action is as follows:

def remind

    @title = "Remind Me!"

if param_posted?(:user)

        email = params[:user][:email]

        user = User.find_by_email(email)

         If user

         UserMailer.deliver_reminder(@user)

         flash[:notice] = "Reminder sent."

         redirect_to :action => "index", :controller => "site"

         else

           flash[:notice] = "There is no user with that email

address."

         end

end

end

This then calls the reminder part of UserMailer.deliver and sends the
user their username and password.

This template shows… Hello, You have just requested your login
details. Please see below:

Username: <%= @user.username %

Password: <%= @user.password %>

Thing is, with the password, as-is, it just prints the encrypted
string, so is no use to a user.

AT the moment I only mail out the username, as the password at the
moment isn’t helpful.

Is there a way to decrypt for the purposes of reminding someone?

Many Thanks… :slight_smile:

If you are using a one way hash, like ‘digest/sha1’, then you will not
be able to decrypt the password. You can only reset it to something
the system knows then send that password to them.

On Tue, Feb 9, 2010 at 6:54 AM, RubyonRails_newbie
[email protected] wrote:

def remind

details. Please see below:
moment isn’t helpful.


Curtis C.
[email protected]
home:http://curtiscooley.com
blog:http://ponderingobjectorienteddesign.blogspot.com

Leadership is a potent combination of strategy and character. But if
you must be without one, be without the strategy.
– H. Norman Schwarzkopf

how would I go about resetting the password for the user to then go
ahead and change to something more memorable?

Is there a tutorial about this, or can you explain how this is
achieved?

Kind Regards

On Tue, Feb 9, 2010 at 7:14 AM, RubyonRails_newbie
[email protected] wrote:

how would I go about resetting the password for the user to then go
ahead and change to something more memorable?

Is there a tutorial about this, or can you explain how this is
achieved?

Not sure if there are tutorials for this or not. I got my
authorization and authentication code from “Rails Recipes” and “Agile
Development with Rails”.

You should have a change password page anyways. Just create the
standard reset password page that takes the existing password and two
new passwords and changes the password to the new one. It should work
a lot like the registration page.

Then when a user requests a new password, you randomly generate one,
set it as there password, then email them to new password and a link
the change password page.

Curtis C.
[email protected]
home:http://curtiscooley.com
blog:http://ponderingobjectorienteddesign.blogspot.com

Leadership is a potent combination of strategy and character. But if
you must be without one, be without the strategy.
– H. Norman Schwarzkopf

Craig W. wrote:

how would I go about resetting the password for the user to then go
ahead and change to something more memorable?

Is there a tutorial about this, or can you explain how this is
achieved?

If you’re using Authlogic, this is trivial and explained in the docs
IIRC. If you’re not using Authlogic, you should be. :slight_smile:

Kind Regards

Best,
–Â
Marnen Laibow-Koser
http://www.marnen.org
[email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs