3 files changed, 48 insertions, 0 deletions

diff --git a/users/app/controllers/.gitkeep b/users/app/controllers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/controllers/.gitkeep
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
new file mode 100644
index 0000000..e68d798
--- /dev/null
+++ b/users/app/controllers/sessions_controller.rb
@@ -0,0 +1,30 @@
+class SessionsController < ApplicationController
+
+  skip_before_filter :verify_authenticity_token
+
+  def new
+  end
+
+  def create
+    @user = User.find_by_param(params[:login])
+    session[:handshake] = @user.initialize_auth(params['A'].hex)
+    render :json => { :B => session[:handshake].bb.to_s(16) }
+  rescue RECORD_NOT_FOUND
+    render :json => {:errors => {:login => ["unknown user"]}}
+  end
+
+  def update
+    @user = User.find_by_param(params[:id])
+    @server_auth = @user.authenticate!(params[:client_auth].hex, session.delete(:handshake))
+    session[:user_id] = @user.id
+    render :json => {:M2 => @server_auth}
+  rescue WRONG_PASSWORD
+    session[:handshake] = nil
+    render :json => {:errors => {"password" => ["wrong password"]}}
+  end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_path
+  end
+end
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
new file mode 100644
index 0000000..82d2eac
--- /dev/null
+++ b/users/app/controllers/users_controller.rb
@@ -0,0 +1,18 @@
+class UsersController < ApplicationController
+
+  skip_before_filter :verify_authenticity_token
+
+  respond_to :json, :html
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.create!(params[:user])
+    respond_with(@user, :location => root_url, :notice => "Signed up!")
+  rescue VALIDATION_FAILED => e
+    @user = e.document
+    respond_with(@user, :location => new_user_path)
+  end
+end