RE: Agile book - getting confusing error

Craig:
I’ve used that code in three separate applications… I know it works.
I’ve made some minor changes to this code which I will send to you so
you can try it out.

Assuming your table is:

ActiveRecord::Schema.define() do
create_table “users”, :force => true do |t|
t.column “username”, :string, :limit => 100, :default => “”, :null
=> false
t.column “hashed_password”, :string, :default => “”, :null => false
end
end

Or something along those lines, then the Agile book’s code should work
just fine.
You are correct: You should not have a password field in your
database. The “password” is only used to hold the clear-text password
until it is hashed. (self.hashed_password =
User.hash_password(self.password))

–user.rb ----

require “digest/sha1”
class User < ActiveRecord::Base
attr_accessor :password
validates_uniqueness_of :username
validates_presence_of :username

def validate_on_create
if self.password == “” or self.password.nil?
errors.add_to_base(“Password field must not be left blank!”)
end
end

hash the password for storage in the DB

def before_create
self.hashed_password = User.hash_password(self.password)
end

hash the password before updating but only if the password field is

actually

filled in. This helps to prevent changing the password accidentally

on an update.
def before_update()
unless self.password.nil?
self.password = User.hash_password(self.password)
end
end

def after_create
self.password = nil
end

This exists so that you can easily create a “user” by

simply passing the form params to this object and “try to login”

on that object. It’s just to reduce code.

def try_to_login
User.login(self.username, self.password)
end

private
def self.hash_password(password)
Digest::SHA1.hexdigest(password)
end

Receives a username and password

def self.login(username, password)
hashed_password = hash_password(password || “”)
find(:first,
:conditions => [“username = ? and hashed_password = ?”,
username, hashed_password])
end
End

—/user.rb--------

I hope this helps you get moving a bit more.

-Brian

Yeah…I blew it on the table…cuz I was looking at Chad’s ‘Recipes’
and at Agile book and trying to work out the issues. Chad’s ‘Recipes’
threw me for a loop because it 'require “digest/md5” which turns out
that I don’t have that installed - had to figure it out from
script/console and so I punted back to Agile book which uses
“digest/sha1” which is installed at which point the postgres table was
already created with a ‘password’ column and Agile book clearly uses
‘hashed_password’ as the column. *** Doh ***

Thanks

Craig

PS…I’m not interested at this point in adding digest/md5