summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/sessions_controller.rb6
-rw-r--r--users/leap_web_users.gemspec2
2 files changed, 4 insertions, 4 deletions
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index b8043f5..284c0e2 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -9,7 +9,7 @@ class SessionsController < ApplicationController
@user = User.find_by_param(params[:login])
session[:handshake] = @user.initialize_auth(params['A'].hex)
User.current = @user #?
- render :json => { :B => session[:handshake].bb.to_s(16), :salt => @user.password_salt }
+ render :json => session[:handshake]
rescue RECORD_NOT_FOUND
render :json => {:errors => {:login => ["unknown user"]}}
end
@@ -18,10 +18,10 @@ class SessionsController < ApplicationController
# TODO: validate the id belongs to the session
@user = User.find_by_param(params[:id])
@srp_session = session.delete(:handshake)
- @server_auth = @srp_session.authenticate!(params[:client_auth].hex)
+ @srp_session.authenticate!(params[:client_auth].hex)
session[:user_id] = @user.id
User.current = @user #?
- render :json => {:M2 => "%064x" % @server_auth}
+ render :json => @srp_session
rescue WRONG_PASSWORD
session[:handshake] = nil
render :json => {:errors => {"password" => ["wrong password"]}}
diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
index 2bbb0b8..90aa4df 100644
--- a/users/leap_web_users.gemspec
+++ b/users/leap_web_users.gemspec
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
s.add_dependency "rails", "~> 3.2.8"
s.add_dependency "leap_web_core", "~> 0.0.1"
s.add_dependency "couchrest_session_store", "~> 0.0.1"
- s.add_dependency "ruby-srp", "~> 0.1.0"
+ s.add_dependency "ruby-srp", "~> 0.1.1"
LeapWebCore::Dependencies.add_ui_gems_to_spec(s)