Merge pull request #1379 from bgeuken/cleanup_login
Cleanup login
adrianschroeter committed Nov 18, 2015
2 parents 24226c3 + 8f6089c commit a00b304
Showing 5 changed files with 54 additions and 6 deletions.
7 changes: 3 additions & 4 deletions src/api/app/controllers/webui/user_controller.rb
@@ -36,18 +36,17 @@ def do_login

case mode
when :on
user = User.find_by(login: request.env['HTTP_X_USERNAME'])
user = User.authenticate(request.env['HTTP_X_USERNAME'])
when :basic, :off
user = User.find_with_credentials(params[:username], params[:password])
user = User.authenticate(params[:username], params[:password])
end

if user.nil? || (user.state == User::STATES['ichainrequest'] || user.state == User::STATES['unconfirmed'])
unless user
redirect_to(user_login_path, error: 'Authentication failed')
return
end

logger.debug "USER found: #{user.login}"
User.current = user

session[:login] = User.current.login
session[:password] = params[:password]
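Review bot: In the `:basic, :off` branch, `params[:password]` is nil whenever the request carries no password parameter, and the `authenticate` method this commit adds to src/api/app/models/user.rb treats a nil password as the proxy case and resolves the user with `User.find_by(login: user_login)` without checking any credential. The form-login branch must never reach that lookup; pass a value that cannot be nil, e.g. `user = User.authenticate(params[:username], params[:password].to_s)` (assuming `find_with_credentials` rejects an empty password), or better give the header-trusting lookup its own method name so the two cases cannot be confused. The `:on` branch is only safe if the fronting proxy always overwrites a client-supplied `X-Username` header, which deserves a comment at that `when`. do_login starts above and continues below this hunk.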
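--- a/src/api/app/models/user.rb
+++ b/src/api/app/models/user.rb
@@ -369,6 +369,21 @@ def nobody_login
 '_nobody_'
 end
 
+def authenticate(user_login, password = nil)
+if password.nil?
+user = User.find_by(login: user_login)
+else
+user = User.find_with_credentials(user_login, password)
+end
+
+# User account is not confirmed yet
+if [STATES['ichainrequest'], STATES['unconfirmed']].include?(user.try(:state))
+return
+end
+
+User.current = user
+end
+
 def get_default_admin
 admin = CONFIG['default_admin'] || 'Admin'
 user = find_by_login(admin)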
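Review bot: The early `return` for unconfirmed accounts leaves `User.current` at whatever it held before the call, while every other failure path resets it to nil through the final `User.current = user`. If `User.current` can outlive a single call (its storage is not visible in this hunk), a rejected login would keep the previously set identity; clear it before leaving, i.e. add `User.current = nil` on the line ahead of `return`. The method also needs a comment stating that a nil `password` means the identity was already verified upstream, because that default alone decides whether credentials are checked.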
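--- a/src/api/test/fixtures/users.yml
+++ b/src/api/test/fixtures/users.yml
@@ -281,3 +281,16 @@ user6:
 password_salt: Vibb8QsN4I
 password_crypted: osEJSjdDGtlBY
 state: 2
+unconfirmed_user:
+created_at: 2012-01-16 13:36:00.000000000 Z
+updated_at: 2012-01-16 13:36:00.000000000 Z
+last_logged_in_at: 2012-01-16 13:36:00.000000000 Z
+login_failure_count: 0
+login: unconfirmed_user
+email: test@example.com
+realname: ''
+password: df9a257e5a7c1af44987f695369adc44
+password_hash_type: md5
+password_salt: Vibb8QsN4I
+password_crypted: osEJSjdDGtlBY
+state: 1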
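--- a/src/api/test/test_helper.rb
+++ b/src/api/test/test_helper.rb
@@ -396,8 +396,7 @@ def basic_auth
 end
 
 def prepare_request_with_user(user, passwd)
-re = 'Basic ' + Base64.encode64(user + ':' + passwd)
-@@auth = re
+@@auth = 'Basic ' + Base64.encode64(user + ':' + passwd)
 end
 
 # will provide a user without special permissions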
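Review bot: `Base64.encode64` appends a newline and wraps its output every 60 encoded characters, so the value stored in `@@auth` carries line breaks that do not belong in an Authorization header. `@@auth = 'Basic ' + Base64.strict_encode64(user + ':' + passwd)` yields the unbroken form. The existing tests presumably tolerate the trailing newline, but a longer login or password would wrap in the middle of the value.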
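--- a/src/api/test/unit/user_test.rb
+++ b/src/api/test/unit/user_test.rb
@@ -9,6 +9,28 @@ def setup
 @user = User.find_by_login('Iggy')
 end
 
+def test_login
+user = User.authenticate("tom")
+assert_equal User.find_by(login: "tom"), user
+assert_equal User.find_by(login: "tom"), User.current
+
+user = User.authenticate("tom", "thunder")
+assert_equal User.find_by(login: "tom"), user
+assert_equal User.find_by(login: "tom"), User.current
+
+user = User.authenticate("tom", "wrong_pw")
+assert_equal nil, user
+assert_equal nil, User.current
+
+user = User.authenticate("nonexistant")
+assert_equal nil, user
+assert_equal nil, User.current
+
+user = User.authenticate("unconfirmed_user")
+assert_equal nil, user
+assert_equal nil, User.current
+end
+
 def test_create_home_project
 User.create(login: 'moises', email: 'moises@home.com', password: '123456')
 assert Project.find_by(name: 'home:moises')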
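Review bot: The last two cases cannot detect a stale `User.current`, because the preceding `wrong_pw` call has already left it nil before `nonexistant` and `unconfirmed_user` run. Re-establish a known identity first, e.g. `User.authenticate("tom")` immediately before the `unconfirmed_user` call, so that `assert_equal nil, User.current` actually exercises the rejection path. The credential path is only covered for a confirmed account; a case that passes a password for `unconfirmed_user` would cover the state check that follows `find_with_credentials`.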
