diff options
-rw-r--r-- | Gemfile.lock | 4 | ||||
-rw-r--r-- | users/app/controllers/sessions_controller.rb | 2 | ||||
-rw-r--r-- | users/config/initializers/warden.rb | 35 | ||||
-rw-r--r-- | users/leap_web_users.gemspec | 2 | ||||
-rw-r--r-- | users/lib/leap_web_users/engine.rb | 2 |
5 files changed, 31 insertions, 14 deletions
diff --git a/Gemfile.lock b/Gemfile.lock index 5b1fbf6..a9ca432 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -19,8 +19,8 @@ PATH specs: leap_web_users (0.1.0) leap_web_core (= 0.1.0) + rails_warden ruby-srp (~> 0.1.3) - warden GEM remote: https://rubygems.org/ @@ -120,6 +120,8 @@ GEM activesupport (= 3.2.8) bundler (~> 1.0) railties (= 3.2.8) + rails_warden (0.5.7) + warden (>= 1.0.0) railties (3.2.8) actionpack (= 3.2.8) activesupport (= 3.2.8) diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 3872866..7b7799c 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -6,12 +6,10 @@ class SessionsController < ApplicationController end def create - debugger env['warden'].authenticate! end def update - debugger env['warden'].authenticate! end diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb index bb7dc13..98dd99c 100644 --- a/users/config/initializers/warden.rb +++ b/users/config/initializers/warden.rb @@ -1,6 +1,8 @@ -Rails.configuration.middleware.use Warden::Manager do |manager| - manager.default_strategies :secure_remote_password - manager.failure_app = SessionsController +Rails.configuration.middleware.use RailsWarden::Manager do |config| + config.default_strategies :secure_remote_password + config.failure_app = SessionsController + config.default_scope = :user + config.scope_defaults :user, :action => :new end # Setup Session Serialization @@ -18,31 +20,46 @@ end Warden::Strategies.add(:secure_remote_password) do def valid? - id && ( params['A'] || params['client_auth'] ) + handshake? || authentication? end def authenticate! - if params['client_auth'] && session[:handshake] + if authentication? validate! - else + else # handshake initialize! end end protected + def handshake? + params['A'] && params['login'] + end + + def authentication? + params['client_auth'] && session[:handshake] + end + def validate! srp_session = session.delete(:handshake) user = srp_session.authenticate(params['client_auth'].hex) - user.nil? ? fail!("Could not log in") : success!(u) + user.nil? ? fail!("Could not log in") : success!(user) end def initialize! user = User.find_by_param(id) session[:handshake] = user.initialize_auth(params['A'].hex) - custom! [200, {}, [session[:handshake].to_json]] + custom! json_response(session[:handshake]) rescue RECORD_NOT_FOUND - fail! "User not found" + fail! "User not found!" + end + + def json_response(object) + [ 200, + {"Content-Type" => "application/json; charset=utf-8"}, + [object.to_json] + ] end def id diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec index 477265e..053f8dc 100644 --- a/users/leap_web_users.gemspec +++ b/users/leap_web_users.gemspec @@ -18,5 +18,5 @@ Gem::Specification.new do |s| s.add_dependency "leap_web_core", LeapWeb::VERSION s.add_dependency "ruby-srp", "~> 0.1.3" - s.add_dependency "warden" + s.add_dependency "rails_warden" end diff --git a/users/lib/leap_web_users/engine.rb b/users/lib/leap_web_users/engine.rb index 25c110e..42ca072 100644 --- a/users/lib/leap_web_users/engine.rb +++ b/users/lib/leap_web_users/engine.rb @@ -1,7 +1,7 @@ # thou shall require all your dependencies in an engine. require "leap_web_core" require "leap_web_core/ui_dependencies" -require "warden" +require "rails_warden" require "ruby-srp" module LeapWebUsers |