-rwxr-xr-x | test/setup_couch.sh | 2 | ||||
-rw-r--r-- | users/leap_web_users.gemspec | 2 | ||||
-rw-r--r-- | users/lib/warden/strategies/secure_remote_password.rb | 10 | ||||
-rw-r--r-- | users/test/integration/api/account_flow_test.rb | 8 |
4 files changed, 13 insertions, 9 deletions
diff --git a/test/setup_couch.sh b/test/setup_couch.sh index 39e264f..0502c12 100755 --- a/test/setup_couch.sh +++ b/test/setup_couch.sh @@ -1,6 +1,8 @@ #!/bin/bash HOST="http://localhost:5984" +echo "couch version :" +curl -X GET $HOST echo "creating user :" curl -HContent-Type:application/json -XPUT $HOST/_users/org.couchdb.user:me --data-binary '{"_id": "org.couchdb.user:me","name": "me","roles": [],"type": "user","password": "pwd"}' echo "creating databases :" diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec index 013b44a..2f4b10c 100644 --- a/users/leap_web_users.gemspec +++ b/users/leap_web_users.gemspec @@ -17,6 +17,6 @@ Gem::Specification.new do |s| s.add_dependency "leap_web_core", LeapWeb::VERSION - s.add_dependency "ruby-srp", "~> 0.1.6" + s.add_dependency "ruby-srp", "~> 0.1.7" s.add_dependency "rails_warden" end diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb index 2dcd706..a97e795 100644 --- a/users/lib/warden/strategies/secure_remote_password.rb +++ b/users/lib/warden/strategies/secure_remote_password.rb @@ -28,6 +28,9 @@ module Warden if client = validate success!(User.find_by_login(client.username)) else + Rails.logger.warn "Login attempt failed." + Rails.logger.debug debug_info + Rails.logger.debug "Received: #{params['client_auth']}" fail!(:base => "invalid_user_pass") end end @@ -58,6 +61,13 @@ module Warden def id params["id"] || params["login"] end + + protected + + def debug_info + JSON.pretty_generate(session[:handshake].internal_state) + end + end end Warden::Strategies.add :secure_remote_password, diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index d4360de..f5cb0b1 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb 
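Review bot: The two `Rails.logger.debug` calls added to the failure branch of the `@@ -28,6 +28,9 @@` hunk write authentication material to the application log. `debug_info` dumps `session[:handshake].internal_state`, which for an SRP handshake presumably holds the password verifier and the server's ephemeral secret, so anyone who can read the log could attempt offline password guessing. `params['client_auth']` is request-controlled and interpolated raw, which lets a client forge log lines. I would log only non-secret fields and escape the request value, e.g. `Rails.logger.debug { "Received: #{params['client_auth'].inspect}" }`, and add the attempted login (`id`) to the `warn` line so failures can be correlated. The enclosing method starts outside the hunk.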
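Review bot: In the `@@ -58,6 +61,13 @@` hunk, `debug_info` dereferences `session[:handshake]` without a nil check, so a failed attempt that arrives with no handshake in the session would raise `NoMethodError` inside the failure branch, presumably before `fail!` runs. A guard such as `return unless session[:handshake]` as the first line of `debug_info` avoids that. The caller passes `debug_info` as a plain argument, so the JSON dump is built on every failed login even when debug logging is off; the block form `Rails.logger.debug { debug_info }` defers it. I would also add a comment above the method, `# Dumps SRP handshake state for troubleshooting; may contain secrets, keep debug logging off in production.` The strategy class body continues outside the hunk.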
@@ -55,14 +55,6 @@ class AccountFlowTest < RackTest assert server_auth["M2"] end - test "duplicate login does not break things" do - server_auth = @srp.authenticate(self) - server_auth = @srp.authenticate(self) - assert last_response.successful? - assert_nil server_auth["errors"] - assert server_auth["M2"] - end - test "signup and wrong password login attempt" do srp = SRP::Client.new @login, :password => "wrong password" server_auth = srp.authenticate(self) |