1. Remember me
When the user login and checks the “Remember me” checkbox, the :save_login parameter is set, the User instance remember_me method invoked and the :auth_token cookie set...
class AccountController < ApplicationController
def login
case @request.method
when :post
if @session[:user] = User.authenticate(@params[:user_login], @params[:user_password])
flash['notice'] = "Login successful"
if @params[:save_login] == "1"
@session[:user].remember_me
cookies[:auth_token] = { :value => @session[:user].remember_token , :expires => @session[:user].remember_token_expires }
end
redirect_back_or_default :controller => "time"
else
flash.now['notice'] = "Login unsuccessful"
@login = @params[:user_login]
end
end
end
def logout
@session[:user].forget_me if @session[:user]
@session[:user] = nil
cookies.delete :auth_token
end
end
2. login_from_cookie
The next time the user visits the website the “login_from_cookie” filter is triggered. This method checks that the user is not logged in and that the :auth_token cookie is set. If that’s the case the user matching the :auth_token is searched and the token_expiration verified the the user is automatically logged in. Et voila! I guess auto_login would be more appropriate as method name.
class ApplicationController < ActionController::Base
before_filter :login_from_cookie
def login_from_cookie
return unless cookies[:auth_token] && @session[:user].nil?
user = User.find_by_remember_token(cookies[:auth_token])
if user && !user.remember_token_expires.nil? && Time.now < user.remember_token_expires
@session[:user] = user
end
end
end
3. the User class
The User class has two methods to set and remove the token from the database. It’s pretty secure as from the token the user cannot be identified without having the salt, the email, and the token expiration, which is most unlikely to be recreated. It could be even more secure by just encrypting some random unique identifier. The only issue I encountered was that the user class always forces the password validation and encryption when saving. For now I just bypass validation and encryption when setting and clearing the remember_me token.
class User < ActiveRecord::Base
def remember_me
self.remember_token_expires = 2.weeks.from_now
self.remember_token = Digest::SHA1.hexdigest("#{salt}--#{self.email}--#{self.remember_token_expires}")
self.password = "" # This bypasses password encryption, thus leaving password intact
self.save_with_validation(false)
end
def forget_me
self.remember_token_expires = nil
self.remember_token = nil
self.password = "" # This bypasses password encryption, thus leaving password intact
self.save_with_validation(false)
end
end
my blog is abt wht i have learnt technically, mostly in Ruby on Rails, Javascript, node.js hope this share a little bit of info & adds a bit stuff., Thanks.
Tuesday, June 29, 2010
Wednesday, June 23, 2010
FaceBook Javascript SDK Like button examples
<h1>Defaults</h1>
<fb:like></fb:like>
<h1>Explicit href</h1>
<fb:like href="http://fbrell.com"></fb:like>
<h1>Custom Font</h1>
<fb:like font="trebuchet ms" href="http://fbrell.com"></fb:like>
<h1>Disable Faces</h1>
<fb:like show_faces="no" href="http://fbrell.com"></fb:like>
<h1>Button Count</h1>
<fb:like layout="button_count" href="http://fbrell.com"></fb:like>
<h1>Narrow</h1>
<fb:like width="200" href="http://fbrell.com"></fb:like>
<h1>Narrow no faces</h1>
<fb:like width="200" show_faces="no" href="http://fbrell.com"></fb:like>
<h1>Recommend</h1>
<fb:like href="http://fbrell.com"></fb:like>
<h1>Dark</h1>
<div style="background-color: black; padding: 10px;">
<fb:like colorscheme="dark" href="http://fbrell.com"></fb:like>
</div>
<h1>Dark Button SuscribeCount</h1>
<fb:like layout="button_count" colorscheme="dark" href="http://fbrell.com"></fb:like>
To Subscribe the likes
<script>
// this will fire when any of the like widgets are "liked" by the user
FB.Event.subscribe('edge.create', function(href, widget) {
Log.info('You liked ' + href, widget);
});
</script>
Source: http://developers.facebook.com/tools/console/ -> examples
<fb:like></fb:like>
<h1>Explicit href</h1>
<fb:like href="http://fbrell.com"></fb:like>
<h1>Custom Font</h1>
<fb:like font="trebuchet ms" href="http://fbrell.com"></fb:like>
<h1>Disable Faces</h1>
<fb:like show_faces="no" href="http://fbrell.com"></fb:like>
<h1>Button Count</h1>
<fb:like layout="button_count" href="http://fbrell.com"></fb:like>
<h1>Narrow</h1>
<fb:like width="200" href="http://fbrell.com"></fb:like>
<h1>Narrow no faces</h1>
<fb:like width="200" show_faces="no" href="http://fbrell.com"></fb:like>
<h1>Recommend</h1>
<fb:like href="http://fbrell.com"></fb:like>
<h1>Dark</h1>
<div style="background-color: black; padding: 10px;">
<fb:like colorscheme="dark" href="http://fbrell.com"></fb:like>
</div>
<h1>Dark Button SuscribeCount</h1>
<fb:like layout="button_count" colorscheme="dark" href="http://fbrell.com"></fb:like>
To Subscribe the likes
<script>
// this will fire when any of the like widgets are "liked" by the user
FB.Event.subscribe('edge.create', function(href, widget) {
Log.info('You liked ' + href, widget);
});
</script>
Source: http://developers.facebook.com/tools/console/ -> examples
Monday, June 14, 2010
using map with html images
Wanna Use 1 image with 2 links??
<img src="/images/submit.png" width="219" height="59" border="0" usemap="#Map" />
<map name="Map" id="Map">
<area shape="rect" coords="17,15,218,44" href="http://www.google.com" />
<area shape="rect" coords="8,46,219,59" href="http://yahoo.com />
</map>
<img src="/images/submit.png" width="219" height="59" border="0" usemap="#Map" />
<map name="Map" id="Map">
<area shape="rect" coords="17,15,218,44" href="http://www.google.com" />
<area shape="rect" coords="8,46,219,59" href="http://yahoo.com />
</map>
Thursday, June 3, 2010
Making a http/https post request
Spent an hour to find out how to send a https post request and this is how ..
require 'rubygems'
require 'net/http'
require 'net/https'
require 'uri'
http = Net::HTTP.new('facebook.com', 443)
http.use_ssl = true
path = "/oauth/access_token"
data = 'id=123456'
resp, data = http.post(path, data)
puts resp.inspect
puts data.inspect
require 'net/http'
require 'net/https'
require 'uri'
http = Net::HTTP.new('facebook.com', 443)
http.use_ssl = true
path = "/oauth/access_token"
data = 'id=123456'
resp, data = http.post(path, data)
puts resp.inspect
puts data.inspect
Subscribe to:
Posts (Atom)