using rails_warden bit of refactoring

without rails_warden the failure app action was not getting set properly.

5 files changed, 31 insertions, 14 deletions

diff --git a/Gemfile.lock b/Gemfile.lock
index 5b1fbf6..a9ca432 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -19,8 +19,8 @@ PATH
   specs:
     leap_web_users (0.1.0)
       leap_web_core (= 0.1.0)
+      rails_warden
       ruby-srp (~> 0.1.3)
-      warden
 
 GEM
   remote: https://rubygems.org/
@@ -120,6 +120,8 @@ GEM
       activesupport (= 3.2.8)
       bundler (~> 1.0)
       railties (= 3.2.8)
+    rails_warden (0.5.7)
+      warden (>= 1.0.0)
     railties (3.2.8)
       actionpack (= 3.2.8)
       activesupport (= 3.2.8)
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 3872866..7b7799c 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -6,12 +6,10 @@ class SessionsController < ApplicationController
   end
 
   def create
-    debugger
     env['warden'].authenticate!
   end
 
   def update
-    debugger
     env['warden'].authenticate!
   end
 
diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb
index bb7dc13..98dd99c 100644
--- a/users/config/initializers/warden.rb
+++ b/users/config/initializers/warden.rb
@@ -1,6 +1,8 @@
-Rails.configuration.middleware.use Warden::Manager do |manager|
-  manager.default_strategies :secure_remote_password
-  manager.failure_app = SessionsController
+Rails.configuration.middleware.use RailsWarden::Manager do |config|
+  config.default_strategies :secure_remote_password
+  config.failure_app = SessionsController
+  config.default_scope = :user
+  config.scope_defaults :user, :action => :new
 end
 
 # Setup Session Serialization
@@ -18,31 +20,46 @@ end
 Warden::Strategies.add(:secure_remote_password) do
 
   def valid?
-    id && ( params['A'] || params['client_auth'] )
+    handshake? || authentication?
   end
 
   def authenticate!
-    if params['client_auth'] && session[:handshake]
+    if authentication?
       validate!
-    else
+    else  # handshake
       initialize!
     end
   end
 
   protected
 
+  def handshake?
+    params['A'] && params['login']
+  end
+
+  def authentication?
+    params['client_auth'] && session[:handshake]
+  end
+
   def validate!
     srp_session = session.delete(:handshake)
     user = srp_session.authenticate(params['client_auth'].hex)
-    user.nil? ? fail!("Could not log in") : success!(u)
+    user.nil? ? fail!("Could not log in") : success!(user)
   end
 
   def initialize!
     user = User.find_by_param(id)
     session[:handshake] = user.initialize_auth(params['A'].hex)
-    custom! [200, {}, [session[:handshake].to_json]]
+    custom! json_response(session[:handshake])
   rescue RECORD_NOT_FOUND
-    fail! "User not found"
+    fail! "User not found!"
+  end
+
+  def json_response(object)
+    [ 200,
+      {"Content-Type" => "application/json; charset=utf-8"},
+      [object.to_json]
+    ]
   end
 
   def id
diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
index 477265e..053f8dc 100644
--- a/users/leap_web_users.gemspec
+++ b/users/leap_web_users.gemspec
@@ -18,5 +18,5 @@ Gem::Specification.new do |s|
   s.add_dependency "leap_web_core", LeapWeb::VERSION
 
   s.add_dependency "ruby-srp", "~> 0.1.3"
-  s.add_dependency "warden"
+  s.add_dependency "rails_warden"
 end
diff --git a/users/lib/leap_web_users/engine.rb b/users/lib/leap_web_users/engine.rb
index 25c110e..42ca072 100644
--- a/users/lib/leap_web_users/engine.rb
+++ b/users/lib/leap_web_users/engine.rb
@@ -1,7 +1,7 @@
 # thou shall require all your dependencies in an engine.
 require "leap_web_core"
 require "leap_web_core/ui_dependencies"
-require "warden"
+require "rails_warden"
 require "ruby-srp"
 
 module LeapWebUsers