class User < ActiveRecord::Base

before_save { self.email = email.downcase }
before_save { self.user_name = user_name.downcase }

=begin

Rails looks for the create_remember_token
and runs it before anything else

=end

before_create :create_remember_token

=begin

VAILD_EMAIL is the regex used to valid a user given email.

A break down of the regex is listed below.

/ -----------> Start of the regex
\A ----------> match start of a string
[\w+\-.]+ ---> at least one owrd character, plus, hyphen, or 
			   dot
@ -----------> literal ampersand
[a-z\d\-.]+ -> at least one letter, digit, hyphen, or dot
(?:\.[a-z]+) > ensures that the error of example@foo..com
							 does not occur
\z ----------> match end of a string
/ -----------> end of the regex
i -----------> case sensative

=end
		
	VALID_EMAIL_REG = /\A[\w+\-.]+@[a-z\d\-.]+(?:\.[a-z]+)\z/i

=begin

VALID_USER_NAME checks to make sure a user's user_name
is in the proper format.

=end

	VALID_USER_NAME_REG = /[a-zA-Z0-9\-]/

=begin

The following lines put a user accout through a series of
validations in order to make sure all of their information
is in the proper format.

validates :symbol_to_be_valided

presence: determines whether or not a symbol is filled or not
length: ensures there is a length limit on the symbol
format: checks the format of given information to ensure 
        validity

=end

	validates :name, presence: true, length: { maximum: 50 }
	validates :email, presence: true, format: {with: 
                                       VALID_EMAIL_REG},
                      uniqueness: { case_sensitive: false }
  validates :user_name, presence: true, length:{maximum: 50},
                        format: {with: VALID_USER_NAME_REG },
                        uniqueness: {case_sensitive: false }

=begin

Instead of adding password and password_confirmation
attributes, requiring the presence of a password, 
requirin that pw and pw_com match, and add an authenticate
method to compare an encrypted password to the
password_digest to authenticate users, I can just add
has_secure_password which does all of this for me

=end

	has_secure_password

	validates :password, length: { minimum: 6 }

	# create a random remember token for the user
  def User.new_remember_token
    SecureRandom.urlsafe_base64
  end
	
	# encrypt the remember token
  def User.hash(token)
    Digest::SHA1.hexdigest(token.to_s)
  end

=begin

SHA-1 (Secure Hash Algorithm) is a US engineered hash
function that produces a 20 byte hash value which typically
forms a hexadecimal number 40 digits long. 
The reason I am not using the Bcrypt algorithm is because
SHA-1 is much faster and I will be calling this on
every page a user accesses.

https://en.wikipedia.org/wiki/SHA-1

=end

	# everything under private is hidden so you cannot call
	# create_remember_token in order to ensure security
	private
		
		#assign user a create remember token
		  def create_remember_token
		    self.remember_token = User.hash(User.new_remember_token)
		  end

=begin

in order to ensure that someone did not accidently submit
two accounts rapidly (which would throw off the validates 
for user_name and email) I added an index to the Users 
email and user_name in the database to ensure uniqueness
This also gives and index to the user_name and email
so finding a unique user SHOULD be easier

=end

end