From 62c48c5a14ea0c1221216c3e40eb82ef594f2771 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 2 Apr 2013 14:20:55 +0200 Subject: send salt on Session#create without srp ephemeral A --- users/app/controllers/v1/sessions_controller.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'users/app') diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb index 0551ca9..9365d76 100644 --- a/users/app/controllers/v1/sessions_controller.rb +++ b/users/app/controllers/v1/sessions_controller.rb @@ -13,7 +13,12 @@ module V1 def create logout if logged_in? - authenticate! + if params['A'] + authenticate! + else + @user = User.find_by_login(params['login']) + render :json => {salt: @user.salt} + end end def update -- cgit v1.2.3 From d781dbdd61d1d24ec4828859a28815b55310154d Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 2 Apr 2013 16:56:11 +0200 Subject: send more meaningful error message on completely failed login attempt --- .../controllers/controller_extension/authentication.rb | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'users/app') diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb index f2184d9..f0a6564 100644 --- a/users/app/controllers/controller_extension/authentication.rb +++ b/users/app/controllers/controller_extension/authentication.rb 
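Review bot: In the new `else` branch of `create`, `User.find_by_login(params['login'])` returns nil for an unknown or missing login, so `@user.salt` raises NoMethodError and the request ends in a 500 while known logins get a salt. That difference lets an unauthenticated caller tell which accounts exist. Guard the nil case and answer unknown logins with a response of the same shape, for example `render :json => {salt: salt_for(params['login'])}`, where `salt_for` is a helper still to be written that returns the stored salt or a decoy derived from a server-side secret and the login. RFC 5054 recommends this kind of simulation for unknown SRP user names. This branch runs before `authenticate!`, so it may need its own throttling; none is visible in this hunk.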
@@ -8,13 +8,27 @@ module ControllerExtension::Authentication end def authentication_errors - return unless errors = warden.winning_strategy.try(:message) + return unless attempted_login? + errors = get_warden_errors errors.inject({}) do |translated,err| translated[err.first] = I18n.t(err.last) translated end end + def get_warden_errors + if strategy = warden.winning_strategy + strategy.message + else + { login: :all_strategies_failed } + end + end + + def attempted_login? + request.env['warden.options'] && + request.env['warden.options'][:attempted_path] + end + def logged_in? !!current_user end -- cgit v1.2.3 From 654ab25fa4659119d5ddaa9ae116fce69a386ab1 Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 3 Apr 2013 11:22:16 +0200 Subject: make sure user tests also run when run from users subdir * The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root. --- users/app/models/user.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'users/app') diff --git a/users/app/models/user.rb b/users/app/models/user.rb index c9b367f..62c5054 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -47,7 +47,8 @@ class User < CouchRest::Model::Base timestamps! design do - load_views(Rails.root.join('users', 'app', 'designs', 'user')) + own_path = Pathname.new(File.dirname(__FILE__)) + load_views(own_path.join('..', 'designs', 'user')) view :by_login view :by_created_at end -- cgit v1.2.3
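Review bot: `get_warden_errors` in authentication.rb returns `strategy.message` unchecked, so a winning strategy with a nil message makes `errors.inject` in `authentication_errors` raise NoMethodError. The removed line covered that case with `return unless errors = warden.winning_strategy.try(:message)`; whether any strategy in this app fails without a message is not visible here. The if/else can collapse to `warden.winning_strategy.try(:message) || { login: :all_strategies_failed }`, which keeps the generic fallback and restores the nil guard. As a style point, `warden_errors` is more idiomatic Ruby than the `get_` prefix. The translation for `all_strategies_failed` is not part of this patch, so confirm the locale key exists.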