diff options
| author | Azul <azul@leap.se> | 2012-12-07 08:28:23 +0100 |
|---|---|---|
| committer | Azul <azul@leap.se> | 2012-12-07 08:28:23 +0100 |
| commit | 1ec55c4f562a4fdd57c50077ff286ef08e9978a1 (patch) | |
| tree | 16203d2ca4f32e24d38fef6062aa9534cecb3bfe /users/lib/warden | |
| parent | effa6b0f84cfe954cc9dd73f592663b743b0d857 (diff) | |
| parent | a3dce077881c7e97090e5e560b1fb004952d5b23 (diff) | |
Merge branch 'develop'
Diffstat (limited to 'users/lib/warden')
| -rw-r--r-- | users/lib/warden/session_serializer.rb | 13 | ||||
| -rw-r--r-- | users/lib/warden/strategies/secure_remote_password.rb | 58 |
2 files changed, 71 insertions, 0 deletions
diff --git a/users/lib/warden/session_serializer.rb b/users/lib/warden/session_serializer.rb new file mode 100644 index 0000000..81d7076 --- /dev/null +++ b/users/lib/warden/session_serializer.rb @@ -0,0 +1,13 @@ +module Warden + # Setup Session Serialization + class SessionSerializer + def serialize(record) + [record.class.name, record.id] + end + + def deserialize(keys) + klass, id = keys + klass.constantize.find(id) + end + end +end diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb new file mode 100644 index 0000000..594e27e --- /dev/null +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -0,0 +1,58 @@ +module Warden + module Strategies + class SecureRemotePassword < Warden::Strategies::Base + + def valid? + handshake? || authentication? + end + + def authenticate! + if authentication? + validate! + else # handshake + initialize! + end + end + + protected + + def handshake? + params['A'] && params['login'] + end + + def authentication? + params['client_auth'] && session[:handshake] + end + + def validate! + user = session[:handshake].authenticate(params['client_auth'].hex) + user ? success!(user) : fail!(:password => "wrong_password") + end + + def initialize! + if user = User.find_by_login(id) + session[:handshake] = user.initialize_auth(params['A'].hex) + custom! json_response(session[:handshake]) + else + fail! :login => "user_not_found" + end + end + + def json_response(object) + [ 200, + {"Content-Type" => "application/json; charset=utf-8"}, + [object.to_json] + ] + end + + def id + params["id"] || params["login"] + end + end + end + Warden::Strategies.add :secure_remote_password, + Warden::Strategies::SecureRemotePassword + +end + + |