Ignore invalid credential fields, don't raise an exception

1 parent 832b7f0 commit 4d428027b20a7b472292cbfaa96fed01e594ce07 @binarylogic committed Oct 29, 2008
Showing with 11 additions and 4 deletions.
  1. +4 −0 CHANGELOG.rdoc
  2. +1 −1 README.rdoc
  3. +6 −3 lib/authgasm/session/base.rb
@@ -1,3 +1,7 @@
+== 0.10.3 released 2008-10-29
+
+* Instead of raising an error when extra fields are passed in credentials=, just ignore them.
+
== 0.10.2 released 2008-10-24
* Added in stretches to the default Sha512 encryption algorithm.
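Review bot: the 0.10.3 entry covers only half of the behaviour change. It says extra fields are ignored, but the credentials= change in lib/authgasm/session/base.rb also starts accepting :remember_me, which the removed check rejected with an ArgumentError like any other key outside the login and password fields. Suggest naming the three accepted keys in this entry so that anyone who rescued the ArgumentError, or relied on it to catch misspelled field names, knows that such input is now dropped silently.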
@@ -256,7 +256,7 @@ I recently had an app where you could log in as a user and also log in as an emp
=== Too presumptuous
-A lot of them forced me to name my password column as "this", or the key of my cookie had to be "this". They were a little too presumptuous. I am probably overly picky, but little details like that should be configurable. This also make it very hard to implement into an existing app.
+A lot of them forced me to name my password column as "this", or the key of my cookie had to be "this". They were a little too presumptuous. I am probably overly picky, but little details like that should be configurable. This also made it very hard to implement into an existing app.
Copyright (c) 2008 Ben Johnson of [Binary Logic](http://www.binarylogic.com), released under the MIT license
@@ -131,11 +131,14 @@ def credentials
{login_field => send(login_field), password_field => "<Protected>"}
end
- # Lets you set your loging and password via a hash format.
+ # Lets you set your loging and password via a hash format. This is "params" safe. It only allows for 3 keys: your login field name, password field name, and remember me.
def credentials=(values)
return if values.blank? || !values.is_a?(Hash)
- raise(ArgumentError, "Only 2 credentials are allowed: #{login_field} and #{password_field}") if (values.keys - [login_field.to_sym, login_field.to_s, password_field.to_sym, password_field.to_s]).size > 0
- values.each { |field, value| send("#{field}=", value) }
+ values.symbolize_keys!
+ [login_field.to_sym, password_field.to_sym, :remember_me].each do |field|
+ next unless values.key?(field)
+ send("#{field}=", values[field])
+ end
end
# Resets everything, your errors, record, cookies, and session. Basically "logs out" a user.
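Review bot: values.symbolize_keys! on the first added line of credentials= rewrites the caller's hash in place, so whatever object was passed in (request params, going by the new "params safe" comment) comes back with its keys changed. A non-mutating copy, values = values.symbolize_keys, keeps the setter free of side effects. The allowlist loop itself is the right shape: send now only ever receives one of three fixed method names instead of a name taken from the input. Because unknown keys are now dropped without any signal and the commit touches no test file, a test asserting that an unlisted key is never dispatched would pin this behaviour down. The rewritten comment line also still carries the "loging" typo.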
