diff options
author | Azul <azul@leap.se> | 2012-11-12 19:16:55 +0100 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-11-12 19:16:55 +0100 |
commit | c886cc17b6f37ddd556e70fe2d76a3ea28db52bf (patch) | |
tree | e27fe040bfaba5840730f466d4c6f90213759d5e /users/lib/warden/strategies | |
parent | ca2e1b9f379ccba068ad0ebb852d855f1639cd3a (diff) | |
parent | 5b300b554682c232c0955bdb0dd3d8263dde901e (diff) |
Merge branch 'feature-warden-srp' into develop
Diffstat (limited to 'users/lib/warden/strategies')
-rw-r--r-- | users/lib/warden/strategies/secure_remote_password.rb | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb new file mode 100644 index 0000000..8266e2d --- /dev/null +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -0,0 +1,57 @@ +module Warden + module Strategies + class SecureRemotePassword < Warden::Strategies::Base + + def valid? + handshake? || authentication? + end + + def authenticate! + if authentication? + validate! + else # handshake + initialize! + end + end + + protected + + def handshake? + params['A'] && params['login'] + end + + def authentication? + params['client_auth'] && session[:handshake] + end + + def validate! + user = session[:handshake].authenticate(params['client_auth'].hex) + user ? success!(user) : fail!(:password => "Could not log in") + end + + def initialize! + user = User.find_by_param(id) + session[:handshake] = user.initialize_auth(params['A'].hex) + custom! json_response(session[:handshake]) + rescue RECORD_NOT_FOUND + fail! :login => "User not found!" + end + + def json_response(object) + [ 200, + {"Content-Type" => "application/json; charset=utf-8"}, + [object.to_json] + ] + end + + def id + params["id"] || params["login"] + end + end + end + Warden::Strategies.add :secure_remote_password, + Warden::Strategies::SecureRemotePassword + +end + + |