From 62c48c5a14ea0c1221216c3e40eb82ef594f2771 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 2 Apr 2013 14:20:55 +0200
Subject: send salt on Session#create without srp ephemeral A

---
 users/app/controllers/v1/sessions_controller.rb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'users/app/controllers/v1/sessions_controller.rb')

diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 0551ca9..9365d76 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -13,7 +13,12 @@ module V1
 
     def create
       logout if logged_in?
-      authenticate!
+      if params['A']
+        authenticate!
+      else
+        @user = User.find_by_login(params['login'])
+        render :json => {salt: @user.salt}
+      end
     end
 
     def update
-- 
cgit v1.2.3