From: Jan Provaznik <jprovazn(a)redhat.com>
---
aeolus-conductor.spec.in | 1 -
src/Gemfile | 1 -
src/app/controllers/application_controller.rb | 14 +-------
src/app/controllers/user_sessions_controller.rb | 39 +++++++++++++----------
src/app/models/user.rb | 4 ++
src/config/initializers/warden.rb | 38 ++++++++++++++++++++++
6 files changed, 66 insertions(+), 31 deletions(-)
create mode 100644 src/config/initializers/warden.rb
diff --git a/aeolus-conductor.spec.in b/aeolus-conductor.spec.in
index 4067194..2252935 100644
--- a/aeolus-conductor.spec.in
+++ b/aeolus-conductor.spec.in
@@ -24,7 +24,6 @@ Requires: rubygem(haml) >= 3.1
Requires: rubygem(nokogiri) >= 1.4.0
Requires: rubygem(will_paginate) >= 3.0
Requires: rubygem(parseconfig)
-Requires: rubygem(authlogic) >= 3.0.2
Requires: rubygem(deltacloud-client) >= 0.0.9.8
Requires: rubygem(compass) >= 0.10.2
Requires: rubygem(compass-960-plugin)
diff --git a/src/Gemfile b/src/Gemfile
index 1d8917e..59d68c8 100644
--- a/src/Gemfile
+++ b/src/Gemfile
@@ -4,7 +4,6 @@ gem 'rails', ' >= 3.0.7'
gem 'sqlite3', :require => 'sqlite3'
-gem 'authlogic'
gem 'deltacloud-client', :require => 'deltacloud'
gem 'sass'
gem 'haml'
diff --git a/src/app/controllers/application_controller.rb
b/src/app/controllers/application_controller.rb
index 77b694d..d2773aa 100644
--- a/src/app/controllers/application_controller.rb
+++ b/src/app/controllers/application_controller.rb
@@ -25,7 +25,7 @@ require 'viewstate.rb'
class ApplicationController < ActionController::Base
# FIXME: not sure what we're doing aobut service layer w/ deltacloud
include ApplicationService
- helper_method :current_user_session, :current_user, :filter_view?
+ helper_method :current_user, :filter_view?
before_filter :read_breadcrumbs
def top_section; end
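Review bot: `current_user` is kept in `helper_method :current_user, :filter_view?` and is still called by `require_user` in the next hunk (`@@ -168,16 +168,6 @@`), but that hunk deletes the only definition of it in this class (the `current_user`/`current_user_session` pair) and nothing in the diff shows a replacement being mixed in. Presumably RailsWarden's controller helpers now supply `current_user`, `authenticate!` and `logout`, since `src/config/initializers/warden.rb` registers the middleware, but that is inference; a one-line comment beside the helper_method call, `# current_user, authenticate! and logout come from RailsWarden's controller helpers (see config/initializers/warden.rb)`, would tell the next reader where the method lives. The class body continues well beyond both hunks.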
@@ -168,16 +168,6 @@ class ApplicationController < ActionController::Base
return hash
end
- def current_user_session
- return @current_user_session unless @current_user_session.nil?
- @current_user_session = UserSession.find
- end
-
- def current_user
- return @current_user unless @current_user.nil?
- @current_user = current_user_session && current_user_session.user
- end
-
def require_user
return if current_user
respond_to do |format|
@@ -192,7 +182,7 @@ class ApplicationController < ActionController::Base
end
def require_no_user
- return unless current_user
+ return true unless current_user
store_location
flash[:notice] = "You must be logged out to access this page"
redirect_to account_url
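Review bot: `return true unless current_user` in `require_no_user` reads as if the filter's return value mattered; unless I am mistaken, with the `rails >= 3.0.7` pinned in src/Gemfile a before_filter halts the chain only by rendering or redirecting, so `true` and the previous bare `return` behave identically. If the explicit value is deliberate (say, for a caller that inspects it), a short comment stating why would keep it from being "cleaned up" later; otherwise `return unless current_user` is the clearer form. The method's closing `end` lies outside the hunk.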
diff --git a/src/app/controllers/user_sessions_controller.rb
b/src/app/controllers/user_sessions_controller.rb
index 8ade923..4b4afca 100644
--- a/src/app/controllers/user_sessions_controller.rb
+++ b/src/app/controllers/user_sessions_controller.rb
@@ -29,30 +29,35 @@ class UserSessionsController < ApplicationController
end
def create
- @user_session = UserSession.new(params[:user_session])
- if @user_session.save
- session[:javascript_enabled] = request.xhr?
- respond_to do |format|
- format.html do
- flash[:notice] = "Login successful!"
- redirect_back_or_default root_url
- end
- format.js { render :status => 201, :text => root_url }
+ authenticate!
+ session[:javascript_enabled] = request.xhr?
+ respond_to do |format|
+ format.html do
+ flash[:notice] = "Login successful!"
+ redirect_back_or_default root_url
end
- else
- respond_to do |format|
- format.html do
- flash.now[:warning] = "Login failed: The Username and Password you entered
do not match"
- render :action => :new
- end
- format.js { render :status=> 401, :text => "Login failed: The Username
and Password you entered do not match" }
+ format.js { render :status => 201, :text => root_url }
+ end
+ end
+
+ def unauthenticated
+ Rails.logger.warn "Request is unauthenticated for #{request.remote_ip}"
+
+ respond_to do |format|
+ format.html do
+ @user_session = UserSession.new(params[:user_session])
+ flash[:warning] = "Login failed: The Username and Password you entered do
not match"
+ render :action => :new
end
+ format.js { render :status=> 401, :text => "Login failed: The Username
and Password you entered do not match" }
end
+
+ return false
end
def destroy
- current_user_session.destroy
clear_breadcrumbs
+ logout
flash[:notice] = "Logout successful!"
redirect_back_or_default login_url
end
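Review bot: `unauthenticated` renders `:new` in the html branch but sets `flash[:warning]` where the removed code used `flash.now[:warning]`, so the warning survives into the following request and is shown a second time after the user's next navigation; the line should be `flash.now[:warning] = "Login failed: The Username and Password you entered do not match"`. The trailing `return false` has no effect, since an action's return value is ignored and `respond_to` has already rendered, and can be dropped. The html branch answers a failed login with 200 while the js branch sends 401; if parity is intended, `render :action => :new, :status => 401` aligns them. `@user_session = UserSession.new(params[:user_session])` still instantiates the authlogic-era `UserSession` class even though the authlogic gem is removed in this same commit; if that model is not defined elsewhere the failure path itself raises NameError, which is worth confirming before merge.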
diff --git a/src/app/models/user.rb b/src/app/models/user.rb
index 709fe51..506d965 100644
--- a/src/app/models/user.rb
+++ b/src/app/models/user.rb
@@ -69,4 +69,8 @@ class User < ActiveRecord::Base
def name
"#{first_name} #{last_name}"
end
+
+ def self.authenticate(username, password)
+ User.first(:conditions => {:login => username})
+ end
end
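Review bot: `User.authenticate` never uses its `password` argument: it returns the first user whose login matches, so the `:database` strategy in src/config/initializers/warden.rb calls `success!` for any existing login regardless of the password supplied. The method must verify the supplied password against the stored credential before returning the user — look the record up, check the password with whatever digest verifier the model keeps (the password columns are not visible in this diff), and return `nil` on mismatch or when `password` is blank. A test asserting that `User.authenticate(login, 'wrong')` returns `nil` would keep this from regressing, and the commit should not land until that check exists.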
diff --git a/src/config/initializers/warden.rb b/src/config/initializers/warden.rb
new file mode 100644
index 0000000..1539be3
--- /dev/null
+++ b/src/config/initializers/warden.rb
@@ -0,0 +1,38 @@
+Rails.configuration.middleware.use RailsWarden::Manager do |config|
+ config.failure_app = UserSessionsController
+ config.default_scope = :user
+
+ # all UI requests are handled in the default scope
+ config.scope_defaults(
+ :user,
+ #:strategies => [AppConfig.warden.to_sym],
+ :strategies => [:database],
+ :store => true,
+ :action => 'unauthenticated'
+ )
+end
+
+class Warden::SessionSerializer
+ def serialize(user)
+ raise ArgumentError, "Cannot serialize invalid user object: #{user}" if not
user.is_a? User and user.id.is_a? Integer
+ user.id
+ end
+
+ def deserialize(id)
+ raise ArgumentError, "Cannot deserialize non-integer id: #{id}" unless
id.is_a? Integer
+ User.find(id) rescue nil
+ end
+end
+
+# authenticate against database
+Warden::Strategies.add(:database) do
+ def valid?
+ params[:user_session] && params[:user_session][:login] &&
params[:user_session][:password]
+ end
+
+ def authenticate!
+ Rails.logger.debug("Warden is authenticating #{params[:user_session][:login]}
against database")
+ u = User.authenticate(params[:user_session][:login],
params[:user_session][:password])
+ u ? success!(u) : fail!("Username or password is not correct - could not log
in")
+ end
+end
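Review bot: In `Warden::SessionSerializer#serialize` the guard `if not user.is_a? User and user.id.is_a? Integer` does not check what its message says: `not` binds tighter than `and`, so it parses as `(!user.is_a?(User)) && user.id.is_a?(Integer)` and raises only for a non-User object that happens to have an integer id, while a `User` with a nil id (an unsaved record) passes through and stores `nil` in the session. Write it as `raise ArgumentError, "Cannot serialize invalid user object: #{user}" unless user.is_a?(User) && user.id.is_a?(Integer)`. In `deserialize`, `User.find(id) rescue nil` swallows every StandardError, including database connection failures, and silently logs the user out; `User.find_by_id(id)` (or rescuing only `ActiveRecord::RecordNotFound`) returns nil for the missing-record case alone. The commented-out `#:strategies => [AppConfig.warden.to_sym]` should either be removed or explained in the comment above it so the hard-coded `[:database]` is clearly intentional.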
--
1.7.6