summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
m---------users/app/assets/javascripts/srp0
-rw-r--r--users/app/controllers/sessions_controller.rb7
-rw-r--r--users/config/initializers/warden.rb8
3 files changed, 9 insertions, 6 deletions
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
-Subproject 23350b54ec2723e1b2e333626567c9fe9d1e264
+Subproject 3bf101bc1ef3b5a58fe2f1e2a2e7a681f6de6c0
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 7b7799c..06d55eb 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -3,14 +3,17 @@ class SessionsController < ApplicationController
skip_before_filter :verify_authenticity_token
def new
+ if warden.winning_strategy
+ @errors = warden.winning_strategy.message
+ end
end
def create
- env['warden'].authenticate!
+ authenticate!
end
def update
- env['warden'].authenticate!
+ authenticate!
end
def destroy
diff --git a/users/config/initializers/warden.rb b/users/config/initializers/warden.rb
index 98dd99c..82753ec 100644
--- a/users/config/initializers/warden.rb
+++ b/users/config/initializers/warden.rb
@@ -1,10 +1,10 @@
Rails.configuration.middleware.use RailsWarden::Manager do |config|
config.default_strategies :secure_remote_password
config.failure_app = SessionsController
- config.default_scope = :user
- config.scope_defaults :user, :action => :new
end
+RailsWarden.unauthenticated_action = :new
+
# Setup Session Serialization
class Warden::SessionSerializer
def serialize(record)
@@ -44,7 +44,7 @@ Warden::Strategies.add(:secure_remote_password) do
def validate!
srp_session = session.delete(:handshake)
user = srp_session.authenticate(params['client_auth'].hex)
- user.nil? ? fail!("Could not log in") : success!(user)
+ user ? success!(user) : fail!(:password => "Could not log in")
end
def initialize!
@@ -52,7 +52,7 @@ Warden::Strategies.add(:secure_remote_password) do
session[:handshake] = user.initialize_auth(params['A'].hex)
custom! json_response(session[:handshake])
rescue RECORD_NOT_FOUND
- fail! "User not found!"
+ fail! :login => "User not found!"
end
def json_response(object)