require 'sha1'


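# Application user account with username/password authentication.
#
# The clear-text password exists only as the virtual +password+ attribute;
# what gets persisted is the digest in +hashed_password+, refreshed by the
# +before_save+ callback whenever a non-blank password is set.
class User < ActiveRecord::Base
  # Virtual attribute: not a database column, so the clear text is never saved.
  attr_accessor :password
  # Exclude the stored digest from mass assignment so request parameters
  # cannot overwrite it directly.
  attr_protected :hashed_password
  # NOTE(review): this is an application-level check only; confirm the
  # username column also carries a unique index, otherwise two concurrent
  # sign-ups can still create duplicate usernames.
  validates_uniqueness_of :username
  # Password rules apply to new records and whenever a password is supplied,
  # so existing users can be saved without re-entering their password.
  validates_confirmation_of :password, :if => lambda { |user|
    user.new_record? || !user.password.blank? }
  validates_length_of :password, :within => 5..40, :if => lambda { |user|
    user.new_record? || !user.password.blank? }

  # Returns the hex SHA-1 digest of +str+.
  #
  # SECURITY: unsalted, single-round SHA-1 is not a password-hashing scheme.
  # Equal passwords produce equal digests and a leaked table can be
  # brute-forced quickly offline. Moving to a salted, adaptive algorithm
  # (bcrypt, scrypt, Argon2 or PBKDF2) requires a re-hash-on-login migration
  # because existing rows hold SHA-1 digests, so the algorithm is left
  # unchanged here and flagged for follow-up.
  def self.hashed(str)
    SHA1.new(str).to_s
  end

  # Looks up a user by username and verifies the supplied password.
  #
  # user_info - Hash with :username and :password, typically taken from
  #             request parameters and therefore untrusted.
  #
  # Returns the matching User, or nil when the credentials are missing,
  # malformed or wrong.
  def self.authenticate(user_info)
    username = user_info[:username]
    password = user_info[:password]
    # Request parameters may arrive as arrays or hashes; accept plain strings
    # only, so neither the finder nor the digest sees a structured value.
    return nil unless username.is_a?(String) && password.is_a?(String)
    return nil if username.blank? || password.blank?

    # Hash before the lookup so the digest cost is paid whether or not the
    # username exists.
    candidate = hashed(password)
    user = find_by_username(username)
    return nil unless user

    digests_match?(user.hashed_password, candidate) ? user : nil
  end

  # Compares two digests without stopping at the first differing byte, so the
  # comparison time does not reveal how much of the stored digest matched.
  # A nil argument is treated as an empty string and therefore never matches
  # a real digest.
  def self.digests_match?(expected, actual)
    expected_bytes = expected.to_s.unpack('C*')
    actual_bytes = actual.to_s.unpack('C*')
    return false unless expected_bytes.size == actual_bytes.size

    difference = 0
    expected_bytes.each_with_index do |byte, index|
      difference |= byte ^ actual_bytes[index]
    end
    difference == 0
  end
  private_class_method :digests_match?

  private
  before_save :update_password

  # before_save callback: stores a fresh digest when a new clear-text
  # password was supplied; otherwise the existing digest is left untouched.
  def update_password
    self.hashed_password = self.class.hashed(password) unless password.blank?
  end
end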