RubyGems - corntrace-nifty-generators - Versions diffs - 0.4.0 - Mend

corntrace-nifty-generators 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

data/lib/generators/nifty/authentication/templates/authentication.rb ADDED Viewed

@@ -0,0 +1,60 @@
+# This module is included in your application controller which makes
+# several methods available to all controllers and views. Here's a
+# common example you might add to your application layout file.
+#
+#   <%% if logged_in? %>
+#     Welcome <%%= current_<%= user_singular_name %>.username %>! Not you?
+#     <%%= link_to "Log out", logout_path %>
+#   <%% else %>
+#     <%%= link_to "Sign up", signup_path %> or
+#     <%%= link_to "log in", login_path %>.
+#   <%% end %>
+#
+# You can also restrict unregistered users from accessing a controller using
+# a before filter. For example.
+#
+#   before_filter :login_required, :except => [:index, :show]
+module Authentication
+  def self.included(controller)
+    controller.send :helper_method, :current_<%= user_singular_name %>, :logged_in?, :redirect_to_target_or_default
+  end
+<%- if options[:authlogic] -%>
+  def current_<%= session_singular_name %>
+    return @current_<%= session_singular_name %> if defined?(@current_<%= session_singular_name %>)
+    @current_<%= session_singular_name %> = <%= session_class_name %>.find
+  end
+  def current_<%= user_singular_name %>
+    return @current_<%= user_singular_name %> if defined?(@current_<%= user_singular_name %>)
+    @current_<%= user_singular_name %> = current_<%= session_singular_name %> && current_<%= session_singular_name %>.record
+  end
+<%- else -%>
+  def current_<%= user_singular_name %>
+    @current_<%= user_singular_name %> ||= <%= user_class_name %>.find(session[:<%= user_singular_name %>_id]) if session[:<%= user_singular_name %>_id]
+  end
+<%- end -%>
+  def logged_in?
+    current_<%= user_singular_name %>
+  end
+  def login_required
+    unless logged_in?
+      flash[:error] = "You must first log in or sign up before accessing this page."
+      store_target_location
+      redirect_to login_url
+    end
+  end
+  def redirect_to_target_or_default(default)
+    redirect_to(session[:return_to] || default)
+    session[:return_to] = nil
+  end
+  private
+  def store_target_location
+    session[:return_to] = request.request_uri
+  end
+end

data/lib/generators/nifty/authentication/templates/authlogic_session.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ class <%= session_class_name %> < Authlogic::Session::Base
2	+ end

data/lib/generators/nifty/authentication/templates/fixtures.yml ADDED Viewed

@@ -0,0 +1,24 @@
+# password: "secret"
+foo:
+  username: foo
+  email: foo@example.com
+<%- if options[:authlogic] -%>
+  persistence_token: d5ddba13ed4408ea2b0a12ab18ed2d2eda086279736bdc121ca726a11f1e4b99217d9c534c2cc4ebb22729349c8c5fdbe1529e1f2c3c5859c62ef4dd9feea25c
+  crypted_password: 3d16c326648cccafe3d4b4cb024475c381dda92f430dfedf6f933e1f61203bacb6bae2437849bdb43b06be335e23790e4aa03902b3c28c3bbbbe27d501e521f3
+  password_salt: n6z_wtpWoIsHgQb5IcFd
+<%- else -%>
+  password_hash: 3488f5f7efecab14b91eb96169e5e1ee518a569f
+  password_salt: bef65e058905c379436d80d1a32e7374b139e7b0
+<%- end -%>
+bar:
+  username: bar
+  email: bar@example.com
+<%- if options[:authlogic] -%>
+  persistence_token: 19e074bd7cb506ab3e7e53e41f24f0ab3221c8cb68111f4c1aa43965114ad734233979a50a9463537487cdca18c279ac91c4bc83693d589625d446493322394c
+  crypted_password: 3bc9f4113ca645a186765df3d31a9352d0067bf2304ba0cdd6b08a7f3d58c6668ab1762fa3e76aef466ea2ff188399d8e6c40244fa59312bb4112292dac9f7f0
+  password_salt: UiAh9ejabnKRxqsiK0xO
+<%- else -%>
+  password_hash: 3488f5f7efecab14b91eb96169e5e1ee518a569f
+  password_salt: bef65e058905c379436d80d1a32e7374b139e7b0
+<%- end -%>

data/lib/generators/nifty/authentication/templates/migration.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class Create<%= user_plural_class_name %> < ActiveRecord::Migration
+  def self.up
+    create_table :<%= user_plural_name %> do |t|
+      t.string :username
+      t.string :email
+    <%- if options[:authlogic] -%>
+      t.string :persistence_token
+      t.string :crypted_password
+    <%- else -%>
+      t.string :password_hash
+    <%- end -%>
+      t.string :password_salt
+      t.timestamps
+    end
+  end
+  def self.down
+    drop_table :<%= user_plural_name %>
+  end
+end

data/lib/generators/nifty/authentication/templates/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,45 @@
+class <%= session_plural_class_name %>Controller < ApplicationController
+<%- if options[:authlogic] -%>
+  def new
+    @<%= session_singular_name %> = <%= session_class_name %>.new
+  end
+  def create
+    @<%= session_singular_name %> = <%= session_class_name %>.new(params[:<%= session_singular_name %>])
+    if @<%= session_singular_name %>.save
+      flash[:notice] = "Logged in successfully."
+      redirect_to_target_or_default("/")
+    else
+      render :action => 'new'
+    end
+  end
+  def destroy
+    @<%= session_singular_name %> = <%= session_class_name %>.find
+    @<%= session_singular_name %>.destroy
+    flash[:notice] = "You have been logged out."
+    redirect_to "/"
+  end
+<%- else -%>
+  def new
+  end
+  def create
+    <%= user_singular_name %> = <%= user_class_name %>.authenticate(params[:login], params[:password])
+    if <%= user_singular_name %>
+      session[:<%= user_singular_name %>_id] = <%= user_singular_name %>.id
+      flash[:notice] = "Logged in successfully."
+      redirect_to_target_or_default("/")
+    else
+      flash.now[:error] = "Invalid login or password."
+      render :action => 'new'
+    end
+  end
+  def destroy
+    session[:<%= user_singular_name %>_id] = nil
+    flash[:notice] = "You have been logged out."
+    redirect_to "/"
+  end
+<%- end -%>
+end

data/lib/generators/nifty/authentication/templates/sessions_helper.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ module <%= session_plural_class_name %>Helper
2	+ end

data/lib/generators/nifty/authentication/templates/tests/rspec/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe <%= session_plural_class_name %>Controller do
+  fixtures :all
+  integrate_views
+  it "new action should render new template" do
+    get :new
+    response.should render_template(:new)
+  end
+<%- if options[:authlogic] -%>
+  it "create action should render new template when authentication is invalid" do
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "badpassword" }
+    response.should render_template(:new)
+    <%= session_class_name %>.find.should be_nil
+  end
+  it "create action should redirect when authentication is valid" do
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "secret" }
+    response.should redirect_to("/")
+    <%= session_class_name %>.find.<%= user_singular_name %>.should == <%= user_plural_name %>(:foo)
+  end
+<%- else -%>
+  it "create action should render new template when authentication is invalid" do
+    <%= user_class_name %>.stubs(:authenticate).returns(nil)
+    post :create
+    response.should render_template(:new)
+    session['<%= user_singular_name %>_id'].should be_nil
+  end
+  it "create action should redirect when authentication is valid" do
+    <%= user_class_name %>.stubs(:authenticate).returns(<%= user_class_name %>.first)
+    post :create
+    response.should redirect_to("/")
+    session['<%= user_singular_name %>_id'].should == <%= user_class_name %>.first.id
+  end
+<%- end -%>
+end

data/lib/generators/nifty/authentication/templates/tests/rspec/user.rb ADDED Viewed

@@ -0,0 +1,83 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe <%= user_class_name %> do
+<%- unless options[:authlogic] -%>
+  def new_<%= user_singular_name %>(attributes = {})
+    attributes[:username] ||= 'foo'
+    attributes[:email] ||= 'foo@example.com'
+    attributes[:password] ||= 'abc123'
+    attributes[:password_confirmation] ||= attributes[:password]
+    <%= user_class_name %>.new(attributes)
+  end
+  before(:each) do
+    <%= user_class_name %>.delete_all
+  end
+  it "should be valid" do
+    new_<%= user_singular_name %>.should be_valid
+  end
+  it "should require username" do
+    new_<%= user_singular_name %>(:username => '').should have(1).error_on(:username)
+  end
+  it "should require password" do
+    new_<%= user_singular_name %>(:password => '').should have(1).error_on(:password)
+  end
+  it "should require well formed email" do
+    new_<%= user_singular_name %>(:email => 'foo@bar@example.com').should have(1).error_on(:email)
+  end
+  it "should validate uniqueness of email" do
+    new_<%= user_singular_name %>(:email => 'bar@example.com').save!
+    new_<%= user_singular_name %>(:email => 'bar@example.com').should have(1).error_on(:email)
+  end
+  it "should validate uniqueness of username" do
+    new_<%= user_singular_name %>(:username => 'uniquename').save!
+    new_<%= user_singular_name %>(:username => 'uniquename').should have(1).error_on(:username)
+  end
+  it "should not allow odd characters in username" do
+    new_<%= user_singular_name %>(:username => 'odd ^&(@)').should have(1).error_on(:username)
+  end
+  it "should validate password is longer than 3 characters" do
+    new_<%= user_singular_name %>(:password => 'bad').should have(1).error_on(:password)
+  end
+  it "should require matching password confirmation" do
+    new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').should have(1).error_on(:password)
+  end
+  it "should generate password hash and salt on create" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>
+    <%= user_singular_name %>.save!
+    <%= user_singular_name %>.password_hash.should_not be_nil
+    <%= user_singular_name %>.password_salt.should_not be_nil
+  end
+  it "should authenticate by username" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret')
+    <%= user_singular_name %>.save!
+    <%= user_class_name %>.authenticate('foobar', 'secret').should == <%= user_singular_name %>
+  end
+  it "should authenticate by email" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:email => 'foo@bar.com', :password => 'secret')
+    <%= user_singular_name %>.save!
+    <%= user_class_name %>.authenticate('foo@bar.com', 'secret').should == <%= user_singular_name %>
+  end
+  it "should not authenticate bad username" do
+    <%= user_class_name %>.authenticate('nonexisting', 'secret').should be_nil
+  end
+  it "should not authenticate bad password" do
+    new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret').save!
+    <%= user_class_name %>.authenticate('foobar', 'badpassword').should be_nil
+  end
+<%- end -%>
+end

data/lib/generators/nifty/authentication/templates/tests/rspec/users_controller.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe <%= user_plural_class_name %>Controller do
+  fixtures :all
+  integrate_views
+  it "new action should render new template" do
+    get :new
+    response.should render_template(:new)
+  end
+  it "create action should render new template when model is invalid" do
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+    post :create
+    response.should render_template(:new)
+  end
+  it "create action should redirect when model is valid" do
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+    post :create
+    response.should redirect_to("/")
+  <%- unless options[:authlogic] -%>
+    session['<%= user_singular_name %>_id'].should == assigns['<%= user_singular_name %>'].id
+  <%- end -%>
+  end
+end

data/lib/generators/nifty/authentication/templates/tests/shoulda/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,40 @@
+require 'test_helper'
+class <%= session_plural_class_name %>ControllerTest < ActionController::TestCase
+  context "new action" do
+    should "render new template" do
+      get :new
+      assert_template 'new'
+    end
+  end
+  context "create action" do
+  <%- if options[:authlogic] -%>
+    should "render new template when authentication is invalid" do
+      post :create, :<%= session_singular_name %> => { :username => "foo", :password => "badpassword" }
+      assert_template 'new'
+      assert_nil <%= session_class_name %>.find
+    end
+    should "redirect when authentication is valid" do
+      post :create, :<%= session_singular_name %> => { :username => "foo", :password => "secret" }
+      assert_redirected_to "/"
+      assert_equal <%= user_plural_name %>(:foo), <%= session_class_name %>.find.<%= user_singular_name %>
+    end
+  <%- else -%>
+    should "render new template when authentication is invalid" do
+      <%= user_class_name %>.stubs(:authenticate).returns(nil)
+      post :create
+      assert_template 'new'
+      assert_nil session['<%= user_singular_name %>_id']
+    end
+    should "redirect when authentication is valid" do
+      <%= user_class_name %>.stubs(:authenticate).returns(<%= user_class_name %>.first)
+      post :create
+      assert_redirected_to "/"
+      assert_equal <%= user_class_name %>.first.id, session['<%= user_singular_name %>_id']
+    end
+  <%- end -%>
+  end
+end

data/lib/generators/nifty/authentication/templates/tests/shoulda/user.rb ADDED Viewed

@@ -0,0 +1,85 @@
+require 'test_helper'
+class <%= user_class_name %>Test < ActiveSupport::TestCase
+<%- unless options[:authlogic] -%>
+  def new_<%= user_singular_name %>(attributes = {})
+    attributes[:username] ||= 'foo'
+    attributes[:email] ||= 'foo@example.com'
+    attributes[:password] ||= 'abc123'
+    attributes[:password_confirmation] ||= attributes[:password]
+    <%= user_singular_name %> = <%= user_class_name %>.new(attributes)
+    <%= user_singular_name %>.valid? # run validations
+    <%= user_singular_name %>
+  end
+  def setup
+    <%= user_class_name %>.delete_all
+  end
+  should "be valid" do
+    assert new_<%= user_singular_name %>.valid?
+  end
+  should "require username" do
+    assert new_<%= user_singular_name %>(:username => '').errors[:username]
+  end
+  should "require password" do
+    assert new_<%= user_singular_name %>(:password => '').errors[:password]
+  end
+  should "require well formed email" do
+    assert new_<%= user_singular_name %>(:email => 'foo@bar@example.com').errors[:email]
+  end
+  should "validate uniqueness of email" do
+    new_<%= user_singular_name %>(:email => 'bar@example.com').save!
+    assert new_<%= user_singular_name %>(:email => 'bar@example.com').errors[:email]
+  end
+  should "validate uniqueness of username" do
+    new_<%= user_singular_name %>(:username => 'uniquename').save!
+    assert new_<%= user_singular_name %>(:username => 'uniquename').errors[:username]
+  end
+  should "not allow odd characters in username" do
+    assert new_<%= user_singular_name %>(:username => 'odd ^&(@)').errors[:username]
+  end
+  should "validate password is longer than 3 characters" do
+    assert new_<%= user_singular_name %>(:password => 'bad').errors[:password]
+  end
+  should "require matching password confirmation" do
+    assert new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').errors[:password]
+  end
+  should "generate password hash and salt on create" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>
+    <%= user_singular_name %>.save!
+    assert <%= user_singular_name %>.password_hash
+    assert <%= user_singular_name %>.password_salt
+  end
+  should "authenticate by username" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foobar', 'secret')
+  end
+  should "authenticate by email" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:email => 'foo@bar.com', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foo@bar.com', 'secret')
+  end
+  should "not authenticate bad username" do
+    assert_nil <%= user_class_name %>.authenticate('nonexisting', 'secret')
+  end
+  should "not authenticate bad password" do
+    new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret').save!
+    assert_nil <%= user_class_name %>.authenticate('foobar', 'badpassword')
+  end
+<%- end -%>
+end

data/lib/generators/nifty/authentication/templates/tests/shoulda/users_controller.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require 'test_helper'
+class <%= user_plural_class_name %>ControllerTest < ActionController::TestCase
+  context "new action" do
+    should "render new template" do
+      get :new
+      assert_template 'new'
+    end
+  end
+  context "create action" do
+    should "render new template when model is invalid" do
+      <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+      post :create
+      assert_template 'new'
+    end
+    should "redirect when model is valid" do
+      <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+      post :create
+      assert_redirected_to "/"
+    <%- unless options[:authlogic] -%>
+      assert_equal assigns['<%= user_singular_name %>'].id, session['<%= user_singular_name %>_id']
+    <%- end -%>
+    end
+  end
+end

data/lib/generators/nifty/authentication/templates/tests/testunit/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,36 @@
+require 'test_helper'
+class <%= session_plural_class_name %>ControllerTest < ActionController::TestCase
+  def test_new
+    get :new
+    assert_template 'new'
+  end
+<%- if options[:authlogic] -%>
+  def test_create_invalid
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "badpassword" }
+    assert_template 'new'
+    assert_nil <%= session_class_name %>.find
+  end
+  def test_create_valid
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "secret" }
+    assert_redirected_to "/"
+    assert_equal <%= user_plural_name %>(:foo), <%= session_class_name %>.find.<%= user_singular_name %>
+  end
+<%- else -%>
+  def test_create_invalid
+    <%= user_class_name %>.stubs(:authenticate).returns(nil)
+    post :create
+    assert_template 'new'
+    assert_nil session['<%= user_singular_name %>_id']
+  end
+  def test_create_valid
+    <%= user_class_name %>.stubs(:authenticate).returns(<%= user_class_name %>.first)
+    post :create
+    assert_redirected_to "/"
+    assert_equal <%= user_class_name %>.first.id, session['<%= user_singular_name %>_id']
+  end
+<%- end -%>
+end

data/lib/generators/nifty/authentication/templates/tests/testunit/user.rb ADDED Viewed

@@ -0,0 +1,88 @@
+require 'test_helper'
+class <%= user_class_name %>Test < ActiveSupport::TestCase
+<%- unless options[:authlogic] -%>
+  def new_<%= user_singular_name %>(attributes = {})
+    attributes[:username] ||= 'foo'
+    attributes[:email] ||= 'foo@example.com'
+    attributes[:password] ||= 'abc123'
+    attributes[:password_confirmation] ||= attributes[:password]
+    <%= user_singular_name %> = <%= user_class_name %>.new(attributes)
+    <%= user_singular_name %>.valid? # run validations
+    <%= user_singular_name %>
+  end
+  def setup
+    <%= user_class_name %>.delete_all
+  end
+  def test_valid
+    assert new_<%= user_singular_name %>.valid?
+  end
+  def test_require_username
+    assert new_<%= user_singular_name %>(:username => '').errors[:username]
+  end
+  def test_require_password
+    assert new_<%= user_singular_name %>(:password => '').errors[:password]
+  end
+  def test_require_well_formed_email
+    assert new_<%= user_singular_name %>(:email => 'foo@bar@example.com').errors[:email]
+  end
+  def test_validate_uniqueness_of_email
+    new_<%= user_singular_name %>(:email => 'bar@example.com').save!
+    assert new_<%= user_singular_name %>(:email => 'bar@example.com').errors[:email]
+  end
+  def test_validate_uniqueness_of_username
+    new_<%= user_singular_name %>(:username => 'uniquename').save!
+    assert new_<%= user_singular_name %>(:username => 'uniquename').errors[:username]
+  end
+  def test_validate_odd_characters_in_username
+    assert new_<%= user_singular_name %>(:username => 'odd ^&(@)').errors[:username]
+  end
+  def test_validate_password_length
+    assert new_<%= user_singular_name %>(:password => 'bad').errors[:password]
+  end
+  def test_require_matching_password_confirmation
+    assert new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').errors[:password]
+  end
+  def test_generate_password_hash_and_salt_on_create
+    <%= user_singular_name %> = new_<%= user_singular_name %>
+    <%= user_singular_name %>.save!
+    assert <%= user_singular_name %>.password_hash
+    assert <%= user_singular_name %>.password_salt
+  end
+  def test_authenticate_by_username
+    <%= user_class_name %>.delete_all
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foobar', 'secret')
+  end
+  def test_authenticate_by_email
+    <%= user_class_name %>.delete_all
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:email => 'foo@bar.com', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foo@bar.com', 'secret')
+  end
+  def test_authenticate_bad_username
+    assert_nil <%= user_class_name %>.authenticate('nonexisting', 'secret')
+  end
+  def test_authenticate_bad_password
+    <%= user_class_name %>.delete_all
+    new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret').save!
+    assert_nil <%= user_class_name %>.authenticate('foobar', 'badpassword')
+  end
+<%- end -%>
+end

data/lib/generators/nifty/authentication/templates/tests/testunit/users_controller.rb ADDED Viewed

@@ -0,0 +1,23 @@
+require 'test_helper'
+class <%= user_plural_class_name %>ControllerTest < ActionController::TestCase
+  def test_new
+    get :new
+    assert_template 'new'
+  end
+  def test_create_invalid
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+    post :create
+    assert_template 'new'
+  end
+  def test_create_valid
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+    post :create
+    assert_redirected_to "/"
+  <%- unless options[:authlogic] -%>
+    assert_equal assigns['<%= user_singular_name %>'].id, session['<%= user_singular_name %>_id']
+  <%- end -%>
+  end
+end

data/lib/generators/nifty/authentication/templates/user.rb ADDED Viewed

@@ -0,0 +1,42 @@
+class <%= user_class_name %> < ActiveRecord::Base
+<%- if options[:authlogic] -%>
+  acts_as_authentic
+<%- else -%>
+  # new columns need to be added here to be writable through mass assignment
+  attr_accessible :username, :email, :password, :password_confirmation
+  attr_accessor :password
+  before_save :prepare_password
+  validates_presence_of :username
+  validates_uniqueness_of :username, :email, :allow_blank => true
+  validates_format_of :username, :with => /^[-\w\._@]+$/i, :allow_blank => true, :message => "should only contain letters, numbers, or .-_@"
+  validates_format_of :email, :with => /^[-a-z0-9_+\.]+\@([-a-z0-9]+\.)+[a-z0-9]{2,4}$/i
+  validates_presence_of :password, :on => :create
+  validates_confirmation_of :password
+  validates_length_of :password, :minimum => 4, :allow_blank => true
+  # login can be either username or email address
+  def self.authenticate(login, pass)
+    <%= user_singular_name %> = find_by_username(login) || find_by_email(login)
+    return <%= user_singular_name %> if <%= user_singular_name %> && <%= user_singular_name %>.matching_password?(pass)
+  end
+  def matching_password?(pass)
+    self.password_hash == encrypt_password(pass)
+  end
+  private
+  def prepare_password
+    unless password.blank?
+      self.password_salt = Digest::SHA1.hexdigest([Time.now, rand].join)
+      self.password_hash = encrypt_password(password)
+    end
+  end
+  def encrypt_password(pass)
+    Digest::SHA1.hexdigest([pass, password_salt].join)
+  end
+<%- end -%>
+end