Refactor code related to authentication:

* User model * SessionsController
2011-08-25 21:46:29 +00:00
parent 07c2b5f525
commit 4f66db2682
4 changed files with 53 additions and 71 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -2,15 +2,12 @@ class SessionsController < ApplicationController
  skip_before_filter :authenticate!, :only => [:new, :create]

  def create
-    user = User.authenticate(
-      params[:session][:email],
-      params[:session][:password]
-    )
-    if ! user
-      render 'new'
-    else
+    user = User.find_by_email(params[:session][:email])
+    if user.try(:authenticate?, params[:session][:password])
      self.current_user = user
      redirect_to :root
+    else
+      render 'new'
    end
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -3,31 +3,18 @@ require 'bcrypt'
 class User < ActiveRecord::Base
  include BCrypt

-  attr_accessor :password
+  attr_reader :password
  attr_accessible :email, :password, :password_confirmation

-  validates_presence_of :email
+  validates_presence_of :email, :password_hash
+  validates_confirmation_of :password

-  validates :password,
-    :presence     => true,
-    :confirmation => true
-
-  before_save :hash_password
-
-  def self.authenticate(email, password)
-    user = find_by_email(email)
-    return false if user.nil?
-    return user if Password.new(user.password_hash) == password
+  def password=(plain_password)
+    @password = plain_password
+    self.password_hash = Password.create(plain_password)
  end

-
-  private
-
-  def hash_password
-    self.password_hash = bcrypt(password)
-  end
-
-  def bcrypt(string)
-    Password.create(string)
+  def authenticate?(password)
+    Password.new(password_hash) == password
  end
 end