Diffstat (limited to 'users/lib/warden')
-rw-r--r--users/lib/warden/session_serializer.rb13
-rw-r--r--users/lib/warden/strategies/secure_remote_password.rb81
2 files changed, 0 insertions, 94 deletions
diff --git a/users/lib/warden/session_serializer.rb b/users/lib/warden/session_serializer.rb
deleted file mode 100644
index 81d7076..0000000
--- a/users/lib/warden/session_serializer.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-module Warden
- # Setup Session Serialization
- class SessionSerializer
- def serialize(record)
- [record.class.name, record.id]
- end
-
- def deserialize(keys)
- klass, id = keys
- klass.constantize.find(id)
- end
- end
-end
diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
deleted file mode 100644
index 2c334c6..0000000
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ /dev/null
@@ -1,81 +0,0 @@
-module Warden
- module Strategies
- class SecureRemotePassword < Warden::Strategies::Base
-
- def valid?
- handshake? || authentication?
- end
-
- def authenticate!
- if authentication?
- validate!
- else # handshake
- initialize!
- end
- end
-
- protected
-
- def handshake?
- params['A'] && params['login']
- end
-
- def authentication?
- params['client_auth'] && session[:handshake]
- end
-
- def validate!
- if client = validate
- success!(User.find_by_login(client.username))
- else
- Rails.logger.warn "Login attempt failed."
- Rails.logger.debug debug_info
- Rails.logger.debug "Received: #{params['client_auth']}"
- session.delete(:handshake)
- fail!(:base => "invalid_user_pass")
- end
- end
-
- def validate
- session[:handshake].authenticate(params['client_auth'])
- end
-
- def initialize!
- if user = User.find_by_login(id)
- client = SRP::Client.new user.username,
- :verifier => user.verifier,
- :salt => user.salt
- session[:handshake] = SRP::Session.new(client, params['A'])
- custom! json_response(session[:handshake])
- else
- fail! :base => 'invalid_user_pass'
- end
- rescue SRP::InvalidEphemeral
- fail!(:base => "invalid_ephemeral")
- end
-
- def json_response(object)
- [ 200,
- {"Content-Type" => "application/json; charset=utf-8"},
- [object.to_json]
- ]
- end
-
- def id
- params["id"] || params["login"]
- end
-
- protected
-
- def debug_info
- JSON.pretty_generate(session[:handshake].internal_state)
- end
-
- end
- end
- Warden::Strategies.add :secure_remote_password,
- Warden::Strategies::SecureRemotePassword
-
-end
-
-