From 5764daae090227bf4c5967900b708392c967be47 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 1 May 2014 10:45:57 +0200
Subject: hash token with sha512 against timing attacs #3398

---
 app/controllers/controller_extension/token_authentication.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'app/controllers/controller_extension')

diff --git a/app/controllers/controller_extension/token_authentication.rb b/app/controllers/controller_extension/token_authentication.rb
index 6e0a6ce..b0ed624 100644
--- a/app/controllers/controller_extension/token_authentication.rb
+++ b/app/controllers/controller_extension/token_authentication.rb
@@ -2,8 +2,8 @@ module ControllerExtension::TokenAuthentication
   extend ActiveSupport::Concern
 
   def token
-    @token ||= authenticate_with_http_token do |token_id, options|
-      Token.find(token_id)
+    @token ||= authenticate_with_http_token do |token, options|
+      Token.find_by_token(token)
     end
   end
 
-- 
cgit v1.2.3