0

I have completed the Railstutorial.org book. Now I want to change it so that only an admin can register a new user with a name and email. The password is automatically generated and sent to the user's email. I'm stuck on how to randomly generate a password for the user. Can someone help me? Thanks a lot.

model/user.rb

```ruby
class User < ActiveRecord::Base
  attr_accessor :remember_token
  before_save { self.email = email.downcase }
  validates :name,  presence: true, length: { maximum: 50 }
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email, presence: true, length: { maximum: 255 },
                    format: { with: VALID_EMAIL_REGEX },
                    uniqueness: { case_sensitive: false }
  has_secure_password
  validates :password, presence: true, length: { minimum: 6 }, on: :create # this line will be removed

  # Returns the hash digest of the given string.
  def User.digest(string)
    cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST :
                                                  BCrypt::Engine.cost
    BCrypt::Password.create(string, cost: cost)
  end

  # Returns a random token.
  def User.new_token
    SecureRandom.urlsafe_base64
  end

  # Remembers a user in the database for use in persistent sessions.
  def remember
    self.remember_token = User.new_token
    update_attribute(:remember_digest, User.digest(remember_token))
  end

  # Returns true if the given token matches the digest.
  def authenticated?(remember_token)
    BCrypt::Password.new(remember_digest).is_password?(remember_token)
  end

  # Forgets a user.
  def forget
    update_attribute(:remember_digest, nil)
  end

  # Returns true if the given token matches the digest.
  def authenticated?(remember_token)
    return false if remember_digest.nil?
    BCrypt::Password.new(remember_digest).is_password?(remember_token)
  end
end
```

controller/admin/user_controller.rb

```ruby
class Admin::UsersController < ApplicationController
  before_action :admin_user
  before_action :logged_in_user

  def new
    @user = User.new
  end

  def index
    @users = User.where(admin: false)
  end

  def show
    @user = User.find(params[:id])
    @subjects = @user.subjects
  end

  def create
    @user = User.new(user_params)
    if @user.save
      flash[:success] = "create new user successfully"
      redirect_to admin_users_url
    else
      render 'new'
    end
  end

  def edit
    @user = User.find(params[:id])
  end

  def update
    @user = User.find(params[:id])
    if @user.update_attributes(user_params)
      flash[:success] = "Profile updated!"
      redirect_to admin_users_url
    else
      render 'edit'
    end
  end

  def destroy
    User.find(params[:id]).destroy
    flash[:success] = "User deleted!"
    redirect_to admin_users_url
  end

  private

    def user_params
      params.require(:user).permit(:name, :email, :password, :password_confirmation, :address, :phone, :admin)
    end
end
```

views/admin/new.html

```erb
<% provide(:title, 'Sign up') %>
<h1>add user</h1>

<div class="row">
  <div class="col-md-6 col-md-offset-3">
    <%= form_for [:admin, @user] do |f| %>
      <%= render 'shared/error_messages', object: @user %>

      <%= f.label :name %>
      <%= f.text_field :name, class: 'form-control' %>

      <%= f.label :email %>
      <%= f.email_field :email, class: 'form-control' %>

      <%= f.label :address %>
      <%= f.text_field :address, class: 'form-control' %>

      <%= f.label :phone %>
      <%= f.text_field :phone, class: 'form-control' %>

      <%= f.label :password %> <%# this line will be removed %>
      <%= f.password_field :password, class: 'form-control' %> <%# this line will be removed %>

      <%= f.label :password_confirmation, "Confirmation" %> <%# this line will be removed %>
      <%= f.password_field :password_confirmation, class: 'form-control' %> <%# this line will be removed %>

      <%= f.label :admin, 'Is this admin?' %>
      <%= f.select :admin, options_for_select(['false', 'true']) %><br>

      <%= f.submit "Save", class: "btn btn-primary" %>
    <% end %>
  </div>
</div>
```
1
  • Post the code you have worked on so far. Commented Feb 1, 2016 at 5:41

1 Answer

1

In the code below User is the model.

Here you will check the generated secure password against every other user's password. If the newly generated password does not match any, then you can use it for the new user.

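```ruby
require 'digest'

def generate_password
  loop do
    # Seed built from two random numbers and the current time.
    seed = "--#{rand(10000000)}--#{Time.now}--#{rand(10000000)}"
    # First 8 hex characters of the SHA1 digest of the seed.
    secure_password = Digest::SHA1.hexdigest(seed)[0,8]
    break secure_password unless User.exists?(password: secure_password)
  end
end
```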
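
Added example, not part of the original question or answer: a stdlib-only Ruby sketch that draws the initial password from `SecureRandom` (the CSPRNG the question's `User.new_token` already uses) rather than from a `rand`/`Time.now` seed, and that discards any password submitted with the form. `PASSWORD_ALPHABET`, `generate_password`, `entropy_bits`, `provision_params` and the sample parameters are hypothetical names and constructed values; a plain Hash with string keys stands in for `params[:user]`.

```ruby
require 'securerandom'

# Hypothetical alphabet: letters and digits without look-alikes (0/O, 1/l/I),
# so a password copied from an email is less likely to be mistyped.
PASSWORD_ALPHABET = (('a'..'z').to_a + ('A'..'Z').to_a + ('2'..'9').to_a - %w[l I O]).freeze

# Draw each character from the OS CSPRNG. SecureRandom.random_number(n) is
# uniform over 0...n, so no character is favoured by modulo bias.
def generate_password(length = 16)
  raise ArgumentError, 'length must be at least 12' if length < 12
  Array.new(length) { PASSWORD_ALPHABET[SecureRandom.random_number(PASSWORD_ALPHABET.size)] }.join
end

# Upper bound, in bits, on the entropy of a uniformly random string.
def entropy_bits(alphabet_size, length)
  (length * Math.log2(alphabet_size)).round(1)
end

# Build the attributes for User.new from the admin's form input (assumed to
# be a Hash with string keys). Password fields sent by the client are
# dropped; the server chooses the password and sets the confirmation to match.
def provision_params(form_params)
  password = generate_password
  attrs = form_params.reject { |k, _| %w[password password_confirmation].include?(k.to_s) }
  attrs.merge('password' => password, 'password_confirmation' => password)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input standing in for params[:user].
  sample = { 'name' => 'Example User', 'email' => 'user@example.com',
             'password' => 'chosen-by-client' }
  attrs = provision_params(sample)
  puts "generated password: #{attrs['password']}"
  puts "8 hex characters: at most #{entropy_bits(16, 8)} bits"
  puts "16 characters from #{PASSWORD_ALPHABET.size}: #{entropy_bits(PASSWORD_ALPHABET.size, 16)} bits"
end
```

`has_secure_password` stores only a bcrypt digest, so a generated password cannot be looked up against other users' passwords, and at this length no uniqueness check is needed.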