Validating login form


#1

Hi,

when i submit form with blank username and password its not showing
errors. its only showing unsuccessful why?. by the by how to validate
html forms with out atbase link…

Thanks in advance…


login.rhtml


<%= error_messages_for “user” %>
<%= start_form_tag :action=> “login” %>

Login

Login:

<%= text_field “user”, “login”, :size => 20 %>

Password:

<%= password_field “user”, “password”, :size => 20 %>

<%= submit_tag “Submit” %>

<%= link_to ‘Register’, :action => ‘signup’ %> |
<%= link_to ‘Forgot my password’, :action => ‘forgot_password’ %>

<%= end_form_tag %>


user_controller.rb


class UserController < ApplicationController
layout “languages”

before_filter :login_required, :only
=>[‘welcome’,‘change_password’,‘hidden’]

def signup
@user = User.new(@params[:user])
if request.post?
if @user.save
session[:user] = User.authenticate(@user.login, @user.password)
flash[:message] = “Signup successful”
redirect_to :action => “welcome”
else
flash[:warning] = “Signup unsuccessful”
end
end

end

def login
if request.post?
if session[:user] = User.authenticate(params[:user][:login],
params[:user][:password])
flash[:notice] = “Login successful”
redirect_to_stored
else
flash[:notice] = “Login Unsuccessful”
end
end

end

def logout

session[:user] = nil
flash[:message] = ‘Logged out’
redirect_to :action => ‘login’

end

def delete
end

def edit
end

def forgot_password
if request.post?
u= User.find_by_email(params[:user][:email])
if u and u.send_new_password
flash[:message] = “A new password has been sent by email.”
redirect_to :action=>‘login’
else
flash[:warning] = “Couldn’t send password”
end
end
end

def change_password
@user=session[:user]
if request.post?
@user.update_attributes(:password=>params[:user][:password],
:password_confirmation => params[:user][:password_confirmation])
if @user.save
flash[:message]=“Password Changed”
end
end
end

def welcome
end

def hidden
end

end


user.rb(model)


require ‘digest/sha1’
class User < ActiveRecord::Base

validates_length_of :login, :within => 3…40
validates_length_of :password, :within => 5…40
validates_presence_of :login, :email, :password,
:password_confirmation, :salt
validates_uniqueness_of :login, :email
validates_confirmation_of :password
validates_format_of :email, :with =>
/^([^@\s]+)@((?:[-a-z0-9]+.)+[a-z]{2,})$/i, :message => “Invalid email”

attr_protected :id, :salt

attr_accessor :password, :password_confirmation
def validate
errors.add(:login, ‘cannot be the same as away team’) if home_team_id
== away_team_id
end

def self.authenticate(login, pass)
u=find(:first, :conditions=>[“login = ?”, login])
return nil if u.nil?
return u if User.encrypt(pass, u.salt)==u.hashed_password
nil
end

def password=(pass)
@password=pass
self.salt = User.random_string(10) if !self.salt?
self.hashed_password = User.encrypt(@password, self.salt)
end

def send_new_password
new_pass = User.random_string(10)
self.password = self.password_confirmation = new_pass
self.save
Notifications.deliver_forgot_password(self.email, self.login,
new_pass)
end

protected

def self.encrypt(pass, salt)
Digest::SHA1.hexdigest(pass+salt)
end

def self.random_string(len)
#generat a random password consisting of strings and digits
chars = (“a”…“z”).to_a + (“A”…“Z”).to_a + (“0”…“9”).to_a
newpass = “”
1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
return newpass
end

end