api for sessions fixed

* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
author: Azul <azul@leap.se> 2013-02-26 11:42:19 +0100
committer: Azul <azul@leap.se> 2013-02-26 11:45:56 +0100
commit: 4a92bab4d8c231a17a14afc81c391f9a1f91c063 (patch)
tree: b877619594eac3ef37abc25df2586e0f9f6fe1f9 /users/lib/warden/strategies
parent: 389ddf51ef854c6cfa9541c717c857a8563766e4 (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
index 483336d..363e6a0 100644
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ b/users/lib/warden/strategies/secure_remote_password.rb
@@ -25,10 +25,15 @@ module Warden
       end
 
       def validate!
-        client = session[:handshake].authenticate(params['client_auth'].hex)
-        client ?
-          success!(User.find_by_login(client.username)) :
+        if client = validate
+          success!(User.find_by_login(client.username))
+        else
           fail!(:password => "wrong_password")
+        end
+      end
+
+      def validate
+        session[:handshake].authenticate(params['client_auth'].hex)
       end
 
       def initialize!
author	Azul <azul@leap.se>	2013-02-26 11:42:19 +0100
committer	Azul <azul@leap.se>	2013-02-26 11:45:56 +0100
commit	4a92bab4d8c231a17a14afc81c391f9a1f91c063 (patch)
tree	b877619594eac3ef37abc25df2586e0f9f6fe1f9 /users/lib/warden/strategies
parent	389ddf51ef854c6cfa9541c717c857a8563766e4 (diff)