m--------- | users/app/assets/javascripts/srp | 0 | ||||
-rw-r--r-- | users/app/controllers/sessions_controller.rb | 7 | ||||
-rw-r--r-- | users/config/initializers/warden.rb | 8 |
3 files changed, 9 insertions, 6 deletions
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
-Subproject 23350b54ec2723e1b2e333626567c9fe9d1e264
+Subproject 3bf101bc1ef3b5a58fe2f1e2a2e7a681f6de6c0
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 7b7799c..06d55eb 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -3,14 +3,17 @@ class SessionsController < ApplicationController
 skip_before_filter :verify_authenticity_token
 def new
+ if warden.winning_strategy
+ @errors = warden.winning_strategy.message
+ end
 end
 def create
- env['warden'].authenticate!
+ authenticate!
 end
 def update
- env['warden'].authenticate!
+ authenticate!
 end
 def destroy
diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb
index 98dd99c..82753ec 100644
--- a/users/config/initializers/warden.rb
+++ b/users/config/initializers/warden.rb
@@ -1,10 +1,10 @@
 Rails.configuration.middleware.use RailsWarden::Manager do |config|
 config.default_strategies :secure_remote_password
 config.failure_app = SessionsController
- config.default_scope = :user
- config.scope_defaults :user, :action => :new
 end
+RailsWarden.unauthenticated_action = :new
+
 # Setup Session Serialization
 class Warden::SessionSerializer
 def serialize(record)
@@ -44,7 +44,7 @@ Warden::Strategies.add(:secure_remote_password) do
 def validate!
 srp_session = session.delete(:handshake)
 user = srp_session.authenticate(params['client_auth'].hex)
- user.nil? ? fail!("Could not log in") : success!(user)
+ user ? success!(user) : fail!(:password => "Could not log in")
 end
 def initialize!
@@ -52,7 +52,7 @@ Warden::Strategies.add(:secure_remote_password) do
 session[:handshake] = user.initialize_auth(params['A'].hex)
 custom! json_response(session[:handshake])
 rescue RECORD_NOT_FOUND
- fail! :login => "User not found!"
+ fail! :login => "User not found!"
 end
 def json_response(object) |
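Review bot: In sessions_controller.rb, `new` is also the Warden failure action (see `failure_app` and `unauthenticated_action` in warden.rb), and nothing in the method says so. The same commit changes the strategy messages from strings to hashes (`fail!(:password => ...)`, `fail! :login => ...`), so `@errors` is now a Hash keyed by field rather than a String. A comment above the `if`, such as `# Also rendered by Warden on failed authentication; @errors is the failed strategy's message, a Hash keyed by field name.`, would record that. The view that renders `@errors` is not in this diff, so confirm it iterates the hash and escapes the values; the class body continues outside the hunk.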
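Review bot: In the first warden.rb hunk, removing `config.default_scope = :user` along with `scope_defaults` changes more than the failure action. Authentication falls back to Warden's default scope, so any caller that still passes `:scope => :user`, and any session already serialized under the `:user` scope, would presumably stop matching. No such callers are visible in this diff, so this needs checking against the rest of the app. If the scope change is intended, a comment inside the block such as `# Uses Warden's default scope; the failure action is set globally below.` would make it explicit.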
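Review bot: In `validate!` (warden.rb, hunk at line 44), the rewritten ternary handles only a nil `user`, but the two lines above it can raise first. `session.delete(:handshake)` returns nil when a request carries `client_auth` without a stored handshake, and `params['client_auth']` may be absent; either case ends in a NoMethodError instead of a clean `fail!`. A guard before the `authenticate` call, `return fail!(:password => "Could not log in") unless srp_session && params['client_auth']`, would keep the failure path uniform. It is unnecessary only if the strategy's `valid?`, which is outside this hunk, already guarantees both values.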
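Review bot: In `initialize!` (warden.rb, hunk at line 52), `fail! :login => "User not found!"` alongside the `:password` key used in `validate!` lets an unauthenticated client distinguish unknown logins from wrong passwords, which is account enumeration. For SRP the usual mitigation, recommended by RFC 5054, is to answer an unknown login with a derived fake salt and verifier so the handshake fails only at the proof step. At minimum, both paths could return the same generic message. Separately, `String#hex` returns 0 for non-hex input, so confirm that `initialize_auth` rejects a client value `A` that is zero modulo N; that check is not visible here. The method starts above the hunk.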