When I amended my registration page, I included the digest to encrypt
the password in the database.
If someone forgets their password, how do I get this mailed back to
the user?
The action is as follows:
def remind
@title = "Remind Me!"
if param_posted?(:user)
email = params[:user][:email]
user = User.find_by_email(email)
If user
UserMailer.deliver_reminder(@user)
flash[:notice] = "Reminder sent."
redirect_to :action => "index", :controller => "site"
else
flash[:notice] = "There is no user with that email
address."
end
end
end
This then calls the reminder part of UserMailer.deliver and sends the
user their username and password.
This template shows… Hello, You have just requested your login
details. Please see below:
Username: <%= @user.username %
Password: <%= @user.password %>
Thing is, with the password, as-is, it just prints the encrypted
string, so is no use to a user.
AT the moment I only mail out the username, as the password at the
moment isn’t helpful.
Is there a way to decrypt for the purposes of reminding someone?
Many Thanks… 
If you are using a one way hash, like ‘digest/sha1’, then you will not
be able to decrypt the password. You can only reset it to something
the system knows then send that password to them.
On Tue, Feb 9, 2010 at 6:54 AM, RubyonRails_newbie
[email protected] wrote:
def remind
details. Please see below:
moment isn’t helpful.
Leadership is a potent combination of strategy and character. But if
you must be without one, be without the strategy.
– H. Norman Schwarzkopf
how would I go about resetting the password for the user to then go
ahead and change to something more memorable?
Is there a tutorial about this, or can you explain how this is
achieved?
Kind Regards
On Tue, Feb 9, 2010 at 7:14 AM, RubyonRails_newbie
[email protected] wrote:
how would I go about resetting the password for the user to then go
ahead and change to something more memorable?
Is there a tutorial about this, or can you explain how this is
achieved?
Not sure if there are tutorials for this or not. I got my
authorization and authentication code from “Rails Recipes” and “Agile
Development with Rails”.
You should have a change password page anyways. Just create the
standard reset password page that takes the existing password and two
new passwords and changes the password to the new one. It should work
a lot like the registration page.
Then when a user requests a new password, you randomly generate one,
set it as there password, then email them to new password and a link
the change password page.
Leadership is a potent combination of strategy and character. But if
you must be without one, be without the strategy.
– H. Norman Schwarzkopf
Craig W. wrote:
how would I go about resetting the password for the user to then go
ahead and change to something more memorable?
Is there a tutorial about this, or can you explain how this is
achieved?
If you’re using Authlogic, this is trivial and explained in the docs
IIRC. If you’re not using Authlogic, you should be. 
Kind Regards
Best,
–Â
Marnen Laibow-Koser
http://www.marnen.org
[email protected]
