Sha256: ac558d0642df03721fbfa4ab38f15349897e35ba01389cad1102dfd144219d2e
Contents?: true
Size: 1.42 KB
Versions: 6
Compression:
Stored size: 1.42 KB
Contents
require 'bcrypt' unless RUBY_PLATFORM == 'opal'
module Volt
class User < Model
field :hashed_password
def password=(val)
set(:password, val)
end
def password
get(:password)
end
# returns login field name depending on config settings
def self.login_field
if Volt.config.try(:public).try(:auth).try(:use_username)
:username
else
:email
end
end
permissions(:read) do
# Never pass the hashed_password to the client
deny :hashed_password
# Deny all if this isn't the owner
deny if !id == Volt.current_user_id && !new?
end
unless RUBY_PLATFORM == 'opal'
permissions(:update) do
deny unless id == Volt.current_user_id
end
end
validations do
# Only validate password when it has changed
if changed?(:password)
# Don't validate on the server
validate :password, length: 8
end
end
# On the server, we hash the password and remove it (so we just store the hash)
unless RUBY_PLATFORM == 'opal'
before_save :hash_password
def hash_password
password = get('password')
if password.present?
# Clear the password
# set('password', nil)
# Set the hashed_password field instead
set('hashed_password', BCrypt::Password.create(password))
delete('password')
end
end
end
end
end
Version data entries
6 entries across 6 versions & 1 rubygems