diff options
author | Azul <azul@leap.se> | 2012-10-05 13:59:39 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-10-05 13:59:39 +0200 |
commit | 118d9ab5c9f4d7a82b7cf24774ef12d3c221f8ef (patch) | |
tree | 0f698522a1beaaab6993cc5d2160c3d69ab2a19f /users/app/controllers | |
parent | f7e832b111b38c1b2bdef45ab74001590b17c0dc (diff) |
moving to ruby_srp 0.1.0, works with python srp
Diffstat (limited to 'users/app/controllers')
-rw-r--r-- | users/app/controllers/sessions_controller.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 7852e5c..b8043f5 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -15,11 +15,13 @@ class SessionsController < ApplicationController end def update + # TODO: validate the id belongs to the session @user = User.find_by_param(params[:id]) - @server_auth = @user.authenticate!(params[:client_auth].hex, session.delete(:handshake)) + @srp_session = session.delete(:handshake) + @server_auth = @srp_session.authenticate!(params[:client_auth].hex) session[:user_id] = @user.id User.current = @user #? - render :json => {:M2 => @server_auth} + render :json => {:M2 => "%064x" % @server_auth} rescue WRONG_PASSWORD session[:handshake] = nil render :json => {:errors => {"password" => ["wrong password"]}} |