X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/0c8ad2f86edefed72052b402742cadedb0d674d9..c798fe416a60eb25f8390ca8a5ab22126dfc7155:/app/models/user.rb diff --git a/app/models/user.rb b/app/models/user.rb index 778afbf8a..b8ec9aebc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -52,6 +52,7 @@ class User < ActiveRecord::Base after_initialize :set_defaults before_save :encrypt_password + after_save :spam_check has_attached_file :image, :default_url => "/assets/:class/:attachment/:style.png", @@ -69,7 +70,14 @@ class User < ActiveRecord::Base end end - user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt) + if user and PasswordHash.check(user.pass_crypt, user.pass_salt, options[:password]) + if PasswordHash.upgrade?(user.pass_crypt, user.pass_salt) + user.pass_crypt, user.pass_salt = PasswordHash.create(options[:password]) + user.save + end + else + user = nil + end elsif options[:token] token = UserToken.find_by_token(options[:token]) user = token.user if token @@ -216,6 +224,14 @@ class User < ActiveRecord::Base return score.to_i end + ## + # perform a spam check on a user + def spam_check + if status == "active" and spam_score > SPAM_THRESHOLD + update_column(:status, "suspended") + end + end + ## # return an oauth access token for a specified application def access_token(application_key) @@ -231,8 +247,7 @@ private def encrypt_password if pass_crypt_confirmation - self.pass_salt = OSM::make_token(8) - self.pass_crypt = OSM::encrypt_password(pass_crypt, pass_salt) + self.pass_crypt, self.pass_salt = PasswordHash.create(pass_crypt) self.pass_crypt_confirmation = nil end end