summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2012-11-26 12:15:54 +0100
committerAzul <azul@leap.se>2012-11-26 12:15:54 +0100
commitcdda8f095d49cdda94c3527ecb92cb15c300327b (patch)
treeab07f2e702b5f5eee9638ef751669f88298faad2 /users
parent595518684b9c4364f96c97a84cc481b5ae0da981 (diff)
fixed login error message on wrong username
Diffstat (limited to 'users')
-rw-r--r--users/lib/warden/strategies/secure_remote_password.rb11
-rw-r--r--users/test/integration/api/account_flow_test.rb3
2 files changed, 8 insertions, 6 deletions
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
index 953e2e9..594e27e 100644
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ b/users/lib/warden/strategies/secure_remote_password.rb
@@ -30,11 +30,12 @@ module Warden
end
def initialize!
- user = User.find_by_login(id)
- session[:handshake] = user.initialize_auth(params['A'].hex)
- custom! json_response(session[:handshake])
- rescue RECORD_NOT_FOUND
- fail! :login => "user_not_found"
+ if user = User.find_by_login(id)
+ session[:handshake] = user.initialize_auth(params['A'].hex)
+ custom! json_response(session[:handshake])
+ else
+ fail! :login => "user_not_found"
+ end
end
def json_response(object)
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 4135485..add12fe 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -65,8 +65,8 @@ class AccountFlowTest < ActiveSupport::TestCase
test "signup and wrong password login attempt" do
srp = SRP::Client.new(@login, "wrong password")
server_auth = srp.authenticate(self)
+ assert_json_error :password => "wrong password"
assert !last_response.successful?
- assert_equal "wrong password", server_auth["errors"]['password']
assert_nil server_auth["M2"]
end
@@ -76,6 +76,7 @@ class AccountFlowTest < ActiveSupport::TestCase
assert_raises RECORD_NOT_FOUND do
server_auth = srp.authenticate(self)
end
+ assert_json_error :login => "could not be found"
assert !last_response.successful?
assert_nil server_auth
end