This allows you to cipher the password of the user automatically upon entry. This way you can allow entry of raw ciphered password via web services etc. as well as keep it ciphered in the database (for instance as a char(32))
require 'md5'
class User < ActiveRecord::Base
before_save :cipher_password!
def self.login(login, password)
password = MD5.new(password).to_s unless password.to_s =~ /^[\dabcdef]{32}$/
self.find_by_login_and_password(login, password)
end
private
def cipher_password!
unless password.to_s =~ /^[\dabcdef]{32}$/
write_attribute("password", MD5.new(password).to_s)
# this is needed for virtual validation
@password_confirmation = MD5.new(@password_confirmation).to_s if @password_confirmation
end
end
end