From 118d9ab5c9f4d7a82b7cf24774ef12d3c221f8ef Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 5 Oct 2012 13:59:39 +0200
Subject: moving to ruby_srp 0.1.0, works with python srp

---
 users/app/controllers/sessions_controller.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'users/app/controllers/sessions_controller.rb')

diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 7852e5c..b8043f5 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -15,11 +15,13 @@ class SessionsController < ApplicationController
   end
 
   def update
+    # TODO: validate the id belongs to the session
     @user = User.find_by_param(params[:id])
-    @server_auth = @user.authenticate!(params[:client_auth].hex, session.delete(:handshake))
+    @srp_session = session.delete(:handshake)
+    @server_auth = @srp_session.authenticate!(params[:client_auth].hex)
     session[:user_id] = @user.id
     User.current = @user #?
-    render :json => {:M2 => @server_auth}
+    render :json => {:M2 => "%064x" % @server_auth}
   rescue WRONG_PASSWORD
     session[:handshake] = nil
     render :json => {:errors => {"password" => ["wrong password"]}}
-- 
cgit v1.2.3