summaryrefslogtreecommitdiff
path: root/users/lib/warden/strategies/secure_remote_password.rb
diff options
context:
space:
mode:
Diffstat (limited to 'users/lib/warden/strategies/secure_remote_password.rb')
-rw-r--r--users/lib/warden/strategies/secure_remote_password.rb11
1 files changed, 8 insertions, 3 deletions
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
index 594e27e..483336d 100644
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ b/users/lib/warden/strategies/secure_remote_password.rb
@@ -25,13 +25,18 @@ module Warden
end
def validate!
- user = session[:handshake].authenticate(params['client_auth'].hex)
- user ? success!(user) : fail!(:password => "wrong_password")
+ client = session[:handshake].authenticate(params['client_auth'].hex)
+ client ?
+ success!(User.find_by_login(client.username)) :
+ fail!(:password => "wrong_password")
end
def initialize!
if user = User.find_by_login(id)
- session[:handshake] = user.initialize_auth(params['A'].hex)
+ client = SRP::Client.new user.username,
+ :verifier => user.verifier,
+ :salt => user.salt
+ session[:handshake] = SRP::Session.new(client, params['A'].hex)
custom! json_response(session[:handshake])
else
fail! :login => "user_not_found"
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 03:35:14 +0000