summaryrefslogtreecommitdiff
path: root/users/app
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2013-04-08 11:04:01 -0700
committerjessib <jessib@riseup.net>2013-04-08 11:04:01 -0700
commit176845b45f6982b0bf26aa69e7432562eed97c69 (patch)
tree1dd74d5afcdb8cfb96588937eda612b37449923c /users/app
parent602229c463c58be9ffb909570155d14d59f6b4d5 (diff)
parent654ab25fa4659119d5ddaa9ae116fce69a386ab1 (diff)
Merge pull request #41 from azul/feature/allow-getting-salt
Allow getting salt and proper error messages for invalid login attempts
Diffstat (limited to 'users/app')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb16
-rw-r--r--users/app/controllers/v1/sessions_controller.rb7
-rw-r--r--users/app/models/user.rb3
3 files changed, 23 insertions, 3 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index f2184d9..f0a6564 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -8,13 +8,27 @@ module ControllerExtension::Authentication
end
def authentication_errors
- return unless errors = warden.winning_strategy.try(:message)
+ return unless attempted_login?
+ errors = get_warden_errors
errors.inject({}) do |translated,err|
translated[err.first] = I18n.t(err.last)
translated
end
end
+ def get_warden_errors
+ if strategy = warden.winning_strategy
+ strategy.message
+ else
+ { login: :all_strategies_failed }
+ end
+ end
+
+ def attempted_login?
+ request.env['warden.options'] &&
+ request.env['warden.options'][:attempted_path]
+ end
+
def logged_in?
!!current_user
end
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 0551ca9..9365d76 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -13,7 +13,12 @@ module V1
def create
logout if logged_in?
- authenticate!
+ if params['A']
+ authenticate!
+ else
+ @user = User.find_by_login(params['login'])
+ render :json => {salt: @user.salt}
+ end
end
def update
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index c9b367f..62c5054 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -47,7 +47,8 @@ class User < CouchRest::Model::Base
timestamps!
design do
- load_views(Rails.root.join('users', 'app', 'designs', 'user'))
+ own_path = Pathname.new(File.dirname(__FILE__))
+ load_views(own_path.join('..', 'designs', 'user'))
view :by_login
view :by_created_at
end