summaryrefslogtreecommitdiff
path: root/users/lib/warden
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2013-03-05 13:35:05 +0100
committerAzul <azul@leap.se>2013-03-05 13:35:05 +0100
commit27c16ccceffa1d8eaaf02612cf29a60bfe6ced01 (patch)
tree1df9d9900872cf2e97d5c27b4175816eff5cbf80 /users/lib/warden
parent733426aa3992dafaf1c58ede7e74018057a01148 (diff)
parent87c306ea212c01ecc8f98009def5971fc4d5af11 (diff)
Merge branch 'master' into feature/limit_user_leak
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
Diffstat (limited to 'users/lib/warden')
-rw-r--r--users/lib/warden/strategies/secure_remote_password.rb7
1 files changed, 5 insertions, 2 deletions
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
index 5032914..f1b1a57 100644
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ b/users/lib/warden/strategies/secure_remote_password.rb
@@ -25,14 +25,17 @@ module Warden
end
def validate!
- client = session[:handshake].authenticate(params['client_auth'].hex)
- if client
+ if client = validate
success!(User.find_by_login(client.username))
else
fail!({:login => "invalid_user_pass", :password => "invalid_user_pass"})
end
end
+ def validate
+ session[:handshake].authenticate(params['client_auth'].hex)
+ end
+
def initialize!
if user = User.find_by_login(id)
client = SRP::Client.new user.username,