Forum: Ruby on Rails validating login form

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
85c15595356c7d4e5d69ab33c03438dc?d=identicon&s=25 Sharma Chelluri (rubysharma)
on 2007-03-01 21:11
Hi,

when i submit form with blank username and password its not showing
errors. its only showing unsuccessful why?. by the by how to validate
html forms with out atbase link..

Thanks in advance..
*************************************************************
login.rhtml
*************************************************************
<%= error_messages_for "user" %>
<%= start_form_tag :action=> "login" %>
<h3>Login</h3>

<label for="user_login">Login:</label><br/>
<%= text_field "user", "login", :size => 20 %><br/>

<label for="user_password">Password:</label><br/>
<%= password_field "user", "password", :size => 20 %><br/>

<%= submit_tag "Submit" %><br />

<%= link_to 'Register', :action => 'signup' %> |
<%= link_to 'Forgot my password', :action => 'forgot_password' %>

<%= end_form_tag %>

*************************************************************
user_controller.rb
*************************************************************
class UserController < ApplicationController
layout "languages"

  before_filter :login_required, :only
=>['welcome','change_password','hidden']

  def signup
  @user = User.new(@params[:user])
    if request.post?
      if @user.save
        session[:user] = User.authenticate(@user.login, @user.password)
        flash[:message] = "Signup successful"
        redirect_to :action => "welcome"
      else
        flash[:warning] = "Signup unsuccessful"
      end
    end

  end

  def login
  if request.post?
      if session[:user] = User.authenticate(params[:user][:login],
params[:user][:password])
        flash[:notice]  = "Login successful"
        redirect_to_stored
      else
        flash[:notice] = "Login Unsuccessful"
      end
    end

  end

  def logout

  session[:user] = nil
    flash[:message] = 'Logged out'
    redirect_to :action => 'login'

  end

  def delete
  end

  def edit
  end

  def forgot_password
  if request.post?
      u= User.find_by_email(params[:user][:email])
      if u and u.send_new_password
        flash[:message]  = "A new password has been sent by email."
        redirect_to :action=>'login'
      else
        flash[:warning]  = "Couldn't send password"
      end
    end
  end

   def change_password
    @user=session[:user]
    if request.post?
      @user.update_attributes(:password=>params[:user][:password],
:password_confirmation => params[:user][:password_confirmation])
      if @user.save
        flash[:message]="Password Changed"
      end
    end
  end

  def welcome
  end

  def hidden
  end

end

*************************************************************
user.rb(model)
*************************************************************
require 'digest/sha1'
class User < ActiveRecord::Base

validates_length_of :login, :within => 3..40
  validates_length_of :password, :within => 5..40
  validates_presence_of :login, :email, :password,
:password_confirmation, :salt
  validates_uniqueness_of :login, :email
  validates_confirmation_of :password
  validates_format_of :email, :with =>
/^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :message => "Invalid email"

  attr_protected :id, :salt

  attr_accessor :password, :password_confirmation
 def validate
   errors.add(:login, 'cannot be the same as away team') if home_team_id
== away_team_id
 end

  def self.authenticate(login, pass)
    u=find(:first, :conditions=>["login = ?", login])
    return nil if u.nil?
    return u if User.encrypt(pass, u.salt)==u.hashed_password
    nil
  end

  def password=(pass)
    @password=pass
    self.salt = User.random_string(10) if !self.salt?
    self.hashed_password = User.encrypt(@password, self.salt)
  end

  def send_new_password
    new_pass = User.random_string(10)
    self.password = self.password_confirmation = new_pass
    self.save
    Notifications.deliver_forgot_password(self.email, self.login,
new_pass)
  end

  protected

  def self.encrypt(pass, salt)
    Digest::SHA1.hexdigest(pass+salt)
  end

  def self.random_string(len)
    #generat a random password consisting of strings and digits
    chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
    newpass = ""
    1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
    return newpass
  end


end

*************************************************************
*************************************************************
This topic is locked and can not be replied to.