From 4a92bab4d8c231a17a14afc81c391f9a1f91c063 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 26 Feb 2013 11:42:19 +0100
Subject: api for sessions fixed

* now we return the user id on login
* allow a destroy request for logging out
* added test for api sessions controller
---
 users/lib/warden/strategies/secure_remote_password.rb | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'users/lib/warden')

diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
index 483336d..363e6a0 100644
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ b/users/lib/warden/strategies/secure_remote_password.rb
@@ -25,10 +25,15 @@ module Warden
       end
 
       def validate!
-        client = session[:handshake].authenticate(params['client_auth'].hex)
-        client ?
-          success!(User.find_by_login(client.username)) :
+        if client = validate
+          success!(User.find_by_login(client.username))
+        else
           fail!(:password => "wrong_password")
+        end
+      end
+
+      def validate
+        session[:handshake].authenticate(params['client_auth'].hex)
       end
 
       def initialize!
-- 
cgit v1.2.3