class User < ApplicationRecord has_secure_password generates_token_for :password_reset, expires_in: 4.hours do password_salt.last(10) # Invalidates when password changed end validates :username, presence: true, uniqueness: true, length: { minimum: 3, maximum: 20 } normalizes :username, with: ->(username) { username.strip.downcase } validates :email, presence: true, uniqueness: true, length: { minimum: 5, maximum: 100 }, format: { with: URI::MailTo::EMAIL_REGEXP, message: "must be a valid email address" } normalizes :email, with: ->(email) { email.strip.downcase } validates :first_name, presence: true, length: { maximum: 50 } validates :last_name, allow_nil: false, length: { maximum: 50 } def full_name return first_name if last_name.blank? "#{first_name} #{last_name}" end end