Sha256: a004d263231814c6f235b554008819d909537456bd99c7ba0901a514f6ac9ac1
Contents?: true
Size: 1.28 KB
Versions: 18
Compression:
Stored size: 1.28 KB
Contents
require 'bcrypt' unless RUBY_PLATFORM == 'opal'
module Volt
class User < Model
field :password
# returns login field name depending on config settings
def self.login_field
if Volt.config.try(:public).try(:auth).try(:use_username)
:username
else
:email
end
end
permissions(:read) do
# Never pass the hashed_password to the client
deny :hashed_password
# Deny all if this isn't the owner
deny if !id == Volt.current_user_id && !new?
end
unless RUBY_PLATFORM == 'opal'
permissions(:update) do
deny unless id == Volt.current_user_id
end
end
validations do
# Only validate password when it has changed
if changed?(:password)
# Don't validate on the server
validate :password, length: 8
end
end
# On the server, we hash the password and remove it (so we just store the hash)
unless RUBY_PLATFORM == 'opal'
before_save :hash_password
def hash_password
password = get('password')
if password.present?
# Clear the password
set('password', nil)
# Set the hashed_password field instead
set('hashed_password', BCrypt::Password.create(password))
end
end
end
end
end
Version data entries
18 entries across 18 versions & 1 rubygems