Assign random password.
Roger Patrick
I have a user table in my database and what I wish to do is have a
random password generated for each user on create which is then sent to
their email address. I was wondering how I would assign the random
password.
I have the following in my view:
<p>
<div id="p1"><%= t('.username')%></div>
<%= f.text_field :username %>
</p>
<p>
<div id="p1"><%= t('.email')%></div>
<%= f.text_field :email %>
</p>
<p class="button"><%= f.submit 'Create Account' %></p>
The following in my controller:
def create
@user = User.new(params[:user])
respond_to do |format|
if @user.save
Notifier.user_created(@user).deliver
session[:user_id] = @user.id
format.html { redirect_to @user, notice: 'User was successfully
created.' }
format.json { render json: @user, status: :created, location:
@user }
else
format.html { render action: "new" }
format.json { render json: @user.errors, status:
:unprocessable_entity }
end
end
end
And I have the following in my user model:
attr_accessor :password
before_save :encrypt_password
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password,
password_salt)
end
end
def self.random_string(len)
#generate a random password consisting of strings and digits
chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
newpass = ""
1.upto(len) { |i| newpass << chars[rand(chars.size-1)]}
return newpass
end
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash ==
BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
I will have to remove my if password.present? line because it won't be
present but I have the random string code, I just need to assign it to
the hash/salt.
--
Posted via http://www.ruby-forum.com/.
JMcG
@user.password = User.random_string(8)
1.) Don't allow the 'password' attribute to be mass assigned.
2.) The random string method probably doesn't belong in the User class and could be refactored
Hope that helps