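# This User model is based on the code presented on page 116 in
# Beginning Rails 3.
#
# Unlike the book, this User model uses a login name (name) for
# authentication instead of the email address.
#
# SECURITY NOTE(review): passwords are stored as a single, unsalted SHA-1
# digest (see #encrypt). A fast unsalted hash gives little protection if the
# users table leaks: identical passwords produce identical digests, and
# guesses can be tested very quickly. The algorithm is left unchanged here
# because replacing it invalidates every stored hashed_password and needs a
# data migration; plan a move to a salted, deliberately slow password hash
# such as bcrypt (e.g. has_secure_password where the Rails version provides it).
#
# NOTE(review): no attribute whitelist is visible in this model. Confirm
# that hashed_password cannot be set through mass assignment from request
# parameters.
require 'digest'

class User < ActiveRecord::Base
  # Virtual attribute holding the plain-text password for the lifetime of the
  # object only; the before_save callback turns it into hashed_password.
  attr_accessor :password

  validates :password, :confirmation => true,
                       :presence => true,
                       :if => :password_required?

  before_save :encrypt_new_password

  # Looks a user up by login name and checks the supplied password.
  #
  # @param name [String] login name
  # @param password [String] plain-text password to verify
  # @return [User, nil] the matching user, or nil when the name is unknown or
  #   the password does not match
  def self.authenticate(name, password)
    user = find_by_name(name)
    user if user && user.authenticated?(password)
  end

  # Checks a plain-text password against the stored digest.
  #
  # @param password [String] plain-text password to verify
  # @return [Boolean] true only when the digest of password equals
  #   hashed_password
  def authenticated?(password)
    # Request parameters can arrive as nil, an Array or a Hash. Hashing those
    # raises TypeError, and only for accounts that exist, so an unknown name
    # (nil) and a known name (exception) would be distinguishable. Reject
    # anything that is not a String up front.
    return false unless password.is_a?(String)

    digests_match?(hashed_password.to_s, encrypt(password))
  end

  protected

  # before_save callback: stores the digest of a newly supplied password.
  # Leaves hashed_password untouched when no password was given.
  def encrypt_new_password
    return if password.blank?

    self.hashed_password = encrypt(password)
  end

  # A password must be supplied when the record has no digest yet or when a
  # new password is being set.
  def password_required?
    hashed_password.blank? || password.present?
  end

  # Returns the hex SHA-1 digest of pwd.
  # FIXME: unsalted SHA-1 is not a suitable password hash; see the note at
  # the top of this file before changing it.
  def encrypt(pwd)
    Digest::SHA1.hexdigest(pwd)
  end

  # Compares two digest strings without returning early on the first
  # differing byte, so the comparison time does not depend on how many
  # leading characters match.
  def digests_match?(expected, actual)
    return false unless expected.bytesize == actual.bytesize

    diff = 0
    expected.unpack('C*').zip(actual.unpack('C*')) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end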