DZone Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world

Snippets Manager

Snippets has posted 5883 posts at DZone. View Full User Profile

User Management Module In Ruby

08.21.2008

| 3075 views |

#!/usr/bin/ruby -Ku

# user management system

###############################################################################
=begin

- æ–°è¦ãƒ¦ãƒ¼ã‚¶ç™»éŒ²
- ãƒã‚°ã‚¤ãƒ³èªè¨¼

ãŒã§ãã¾ã™ã€‚

æƒ³å®šã™ã‚‹ãƒ†ãƒ¼ãƒ–ãƒ«æ§‹æˆï¼š
	CREATE TABLE `user_table` (
		`id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
		`name` VARCHAR(32) NOT NULL,
		`cryptedPassword` VARCHAR(40) NOT NULL,
		`salt` VARCHAR(8) NOT NULL,
		`email` VARCHAR(32),
		`createdAt` DATETIME,
		PRIMARY KEY (`id`, `name`),
		UNIQUE(`name`)
	);

- salt
- æš—å·åŒ–ã¯SHA1ã§è¡Œã†ã®ã§ã€é•·ã•ã¯40æ–‡å—

ç™ºç”Ÿã™ã‚‹ä¾‹å¤–ï¼š
	æ–°è¦ãƒ¦ãƒ¼ã‚¶ç™»éŒ²æ™‚ï¼š
		"UserAlreadyExist"
	ãƒã‚°ã‚¤ãƒ³èªè¨¼æ™‚ï¼š
		"UserNotExist"
		"PasswordNotMatch"

=end
###############################################################################

module UserMan
	UserTableName = "user_table"


	# æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®è¿½åŠ 
	def add_new_user(db, name, pass, email, salt_len=8)
		user_id = get_user_id(db, name)
		if user_id
			raise "UserAlreadyExist"
			return false
		end

		salt = create_salt(salt_len)
		enc_pass = encrypt_password(pass, salt)
		createdAt = Time.now.strftime("%Y-%m-%d %H:%M:%S")

		fields = ["name", "cryptedPassword", "salt", "email", "createdAt"]
		r = db.insert(UserTableName, fields, name, enc_pass, salt, email, createdAt)

		return true
	end


	# ãƒ¦ãƒ¼ã‚¶id ã®å–å¾—
	def get_user_id(db, name)
		db.query1("select id from #{UserTableName} where name=? limit 1;", name)
	end


	# salt ç”Ÿæˆ
	def create_salt(salt_len, chrs='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()-=+*;:{}[]~|')
		n = chrs.length
		(0...salt_len).map do
			chrs[rand(n), 1]
		end.join
	end


	# ãƒ‘ã‚¹ãƒ¯ãƒ¼ãƒ‰ã®æš—å·åŒ–
	def encrypt_password(pass, salt)
		require "digest/sha1"
		Digest::SHA1.hexdigest("#{pass}:#{salt}")
	end


	# ãƒã‚°ã‚¤ãƒ³èªè¨¼
	#	èªè¨¼ã«æˆåŠŸã—ãŸã‚‰ã€id ã‚’è¿”ã™
	def login_authorize_get_id(db, name, pass)
		r = db.query1("select id, salt, cryptedPassword from #{UserTableName} where name=? limit 1;", name)
		unless r
			raise "UserNotExist"
			return false
		end

		enc_pass = encrypt_password(pass, r["salt"])
		if enc_pass != r["cryptedPassword"]
			raise "PasswordNotMatch"
			return false
		end

		return r["id"].to_i
	end
end



if $0 == __FILE__
	include UserMan
	require 'setting'

	def with_open_mydb(&block)
		require "db"
		db = MySQLDatabase.new
		db.connect(DBHost, DBUser, DBPass, DBName)
		block.call(db)
	ensure
		db.close
	end

	r = with_open_mydb do |db|
#		create_salt(8)
#		add_new_user(db, "anonymous", "mypassword", "hoge@example.com")
#		(with_open_mydb {|db| get_user_id(db, "anonymous")})
		login_authorize_get_id(db, "anonymous", "mypassword")
	end
	p r
end

Tags: