summaryrefslogtreecommitdiff
path: root/users/config
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2012-10-30 12:32:10 +0100
committerAzul <azul@leap.se>2012-10-30 12:32:10 +0100
commit194e924cb7c36eafa01b68c74774505e170e47ac (patch)
treed6f655010c2cc25b31e1b95b2cef78c962f9c84f /users/config
parent3ba2e664a26e96a93c8640b57241af6386db361e (diff)
adding in warden with a basic strategy
currently failing because we are not setting the content-type header.
Diffstat (limited to 'users/config')
-rw-r--r--users/config/initializers/warden.rb52
1 files changed, 52 insertions, 0 deletions
diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb
new file mode 100644
index 0000000..bb7dc13
--- /dev/null
+++ b/users/config/initializers/warden.rb
@@ -0,0 +1,52 @@
+Rails.configuration.middleware.use Warden::Manager do |manager|
+ manager.default_strategies :secure_remote_password
+ manager.failure_app = SessionsController
+end
+
+# Setup Session Serialization
+class Warden::SessionSerializer
+ def serialize(record)
+ [record.class.name, record.id]
+ end
+
+ def deserialize(keys)
+ klass, id = keys
+ klass.find(id)
+ end
+end
+
+Warden::Strategies.add(:secure_remote_password) do
+
+ def valid?
+ id && ( params['A'] || params['client_auth'] )
+ end
+
+ def authenticate!
+ if params['client_auth'] && session[:handshake]
+ validate!
+ else
+ initialize!
+ end
+ end
+
+ protected
+
+ def validate!
+ srp_session = session.delete(:handshake)
+ user = srp_session.authenticate(params['client_auth'].hex)
+ user.nil? ? fail!("Could not log in") : success!(u)
+ end
+
+ def initialize!
+ user = User.find_by_param(id)
+ session[:handshake] = user.initialize_auth(params['A'].hex)
+ custom! [200, {}, [session[:handshake].to_json]]
+ rescue RECORD_NOT_FOUND
+ fail! "User not found"
+ end
+
+ def id
+ params["id"] || params["login"]
+ end
+end
+