Ignore exceptions looking up a user from a session.

[rails.git] / app / models / user.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index ec4c2f788bad93a37133d9815f3ea2136fd456b3..054695e5b8f74089bb5a822ac192272690bf9da0 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -20,7 +20,7 @@ class User < ActiveRecord::Base
   before_save :encrypt_password
 
   def after_initialize
-    self.creation_time = Time.now
+    self.creation_time = Time.now if self.creation_time.nil?
   end
 
   def encrypt_password
@@ -33,7 +33,7 @@ class User < ActiveRecord::Base
   def self.authenticate(options)
     if options[:username] and options[:password]
       user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]])
-      user = nil unless user.pass_crypt == OSM::encrypt_password(options[:password], user.pass_salt)
+      user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
     elsif options[:token]
       token = UserToken.find(:first, :include => :user, :conditions => ["user_tokens.token = ?", options[:token]])
       user = token.user if token