diff options
author | Azul <azul@leap.se> | 2012-11-09 16:45:54 +0100 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-11-09 16:45:54 +0100 |
commit | 5b300b554682c232c0955bdb0dd3d8263dde901e (patch) | |
tree | e27fe040bfaba5840730f466d4c6f90213759d5e /users/lib/warden | |
parent | 63c5b2cafdefbd9b13297faa57ee2f18a5c07bf5 (diff) |
seperated the warden classes from the initializer
also commented the sessions controller test a bit and fixed it
Diffstat (limited to 'users/lib/warden')
-rw-r--r-- | users/lib/warden/session_serializer.rb | 13 | ||||
-rw-r--r-- | users/lib/warden/strategies/secure_remote_password.rb | 57 |
2 files changed, 70 insertions, 0 deletions
diff --git a/users/lib/warden/session_serializer.rb b/users/lib/warden/session_serializer.rb new file mode 100644 index 0000000..81d7076 --- /dev/null +++ b/users/lib/warden/session_serializer.rb @@ -0,0 +1,13 @@ +module Warden + # Setup Session Serialization + class SessionSerializer + def serialize(record) + [record.class.name, record.id] + end + + def deserialize(keys) + klass, id = keys + klass.constantize.find(id) + end + end +end diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb new file mode 100644 index 0000000..8266e2d --- /dev/null +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -0,0 +1,57 @@ +module Warden + module Strategies + class SecureRemotePassword < Warden::Strategies::Base + + def valid? + handshake? || authentication? + end + + def authenticate! + if authentication? + validate! + else # handshake + initialize! + end + end + + protected + + def handshake? + params['A'] && params['login'] + end + + def authentication? + params['client_auth'] && session[:handshake] + end + + def validate! + user = session[:handshake].authenticate(params['client_auth'].hex) + user ? success!(user) : fail!(:password => "Could not log in") + end + + def initialize! + user = User.find_by_param(id) + session[:handshake] = user.initialize_auth(params['A'].hex) + custom! json_response(session[:handshake]) + rescue RECORD_NOT_FOUND + fail! :login => "User not found!" + end + + def json_response(object) + [ 200, + {"Content-Type" => "application/json; charset=utf-8"}, + [object.to_json] + ] + end + + def id + params["id"] || params["login"] + end + end + end + Warden::Strategies.add :secure_remote_password, + Warden::Strategies::SecureRemotePassword + +end + + |