diff options
| author | jessib <jessib@riseup.net> | 2012-11-12 10:48:40 -0800 |
|---|---|---|
| committer | jessib <jessib@riseup.net> | 2012-11-12 10:48:40 -0800 |
| commit | 347c1d73c855cfad8c37e8a0bd98a60831151812 (patch) | |
| tree | 104c89712d9a1f7d7eefd49187a2f6bbc70a33ce /users/app | |
| parent | 67cb22d50193a58e4697549d9ce8a22e790a7a0d (diff) | |
| parent | fe8b49232d31681667badaaeff7aa4d0a40445ea (diff) | |
Merge branch 'develop' into help_develop
Conflicts:
help/test/functional/tickets_controller_test.rb
users/test/functional/application_controller_test.rb
users/test/support/auth_test_helper.rb
Diffstat (limited to 'users/app')
| -rw-r--r-- | users/app/controllers/controller_extension/authentication.rb | 4 | ||||
| -rw-r--r-- | users/app/controllers/sessions_controller.rb | 18 | ||||
| -rw-r--r-- | users/app/views/sessions/new.json.erb | 3 |
3 files changed, 10 insertions, 15 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb index e27b4da..1726278 100644 --- a/users/app/controllers/controller_extension/authentication.rb +++ b/users/app/controllers/controller_extension/authentication.rb @@ -7,8 +7,8 @@ module ControllerExtension::Authentication helper_method :current_user, :logged_in?, :admin? end - def current_user - @current_user ||= User.find(session[:user_id]) if session[:user_id] + def authentication_error + warden.winning_strategy.try(:message) end def logged_in? diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 4a1107d..486f67e 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -3,28 +3,20 @@ class SessionsController < ApplicationController skip_before_filter :verify_authenticity_token def new + @errors = authentication_error end def create - @user = User.find_by_param(params[:login]) - session[:handshake] = @user.initialize_auth(params['A'].hex) - render :json => session[:handshake] - rescue RECORD_NOT_FOUND - render :json => {:errors => {:login => ["unknown user"]}} + authenticate! end def update - @srp_session = session.delete(:handshake) - @user = @srp_session.authenticate!(params[:client_auth].hex) - session[:user_id] = @user.id - render :json => @srp_session - rescue WRONG_PASSWORD - session[:handshake] = nil - render :json => {:errors => {"password" => ["wrong password"]}} + authenticate! + render :json => session.delete(:handshake) end def destroy - session[:user_id] = nil + logout redirect_to root_path end end diff --git a/users/app/views/sessions/new.json.erb b/users/app/views/sessions/new.json.erb new file mode 100644 index 0000000..36154b8 --- /dev/null +++ b/users/app/views/sessions/new.json.erb @@ -0,0 +1,3 @@ +{ +"errors": <%= raw @errors.to_json %> +} |