D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
opt
/
td-agent
/
embedded
/
lib
/
ruby
/
gems
/
2.1.0
/
gems
/
fluentd-ui-0.4.4
/
app
/
models
/
Filename :
user.rb
back
Copy
# NOTE: Application has "admin" user only # admin's password can be changed from browser, but user name "admin" can't be changed. # many clients can login at the same time (App has multiple active sessions) # raw password shouldn't be compromised (except default password) # you may find detail at https://github.com/treasure-data/fluentd-ui/pull/34 class User include ActiveModel::Model SALT = "XG16gfdC5IFRaQ3c".freeze ENCRYPTED_PASSWORD_FILE = FluentdUI.data_dir + "/#{Rails.env}-user-pwhash.txt" attr_accessor :name, :password, :password_confirmation, :current_password validates :name, presence: true validates :password, length: { minimum: 8 } validate :valid_current_password validate :valid_password_confirmation def authenticate(unencrypted_password) return false if @name != "admin" digest(unencrypted_password) == stored_digest end def digest(unencrypted_password) unencrypted_password ||= "" hash = Digest::SHA1.hexdigest(SALT + unencrypted_password) stretching_cost.times do hash = Digest::SHA1.hexdigest(hash + SALT + unencrypted_password) end hash end def stored_digest if File.exist?(ENCRYPTED_PASSWORD_FILE) File.read(ENCRYPTED_PASSWORD_FILE).rstrip else digest(Settings.default_password) end end def update_attributes(params) params.each_pair do |key, value| send("#{key}=", value) end return false unless valid? File.open(ENCRYPTED_PASSWORD_FILE, "w") do |f| f.write digest(password) end end def valid_current_password unless authenticate(current_password) errors.add(:current_password, :wrong_password) end end def valid_password_confirmation if password != password_confirmation errors.add(:password, :confirmation, attribute: User.human_attribute_name(:password_confirmation)) end end def stretching_cost Rails.env.test? ? 1 : 20000 end end