ref: refs/heads/master
commit 60fa4d5d9eae496ffda8cb5c48182302c3038a87
Author: Klaus Kämpf
Date: Tue Jul 7 15:00:06 2009 +0200
Code cleanup and rubyfication
---
webservice/app/models/account.rb | 47 ++++++++++++++-----------------------
1 files changed, 18 insertions(+), 29 deletions(-)
diff --git a/webservice/app/models/account.rb b/webservice/app/models/account.rb
index b681e4a..9b82af3 100644
--- a/webservice/app/models/account.rb
+++ b/webservice/app/models/account.rb
@@ -1,3 +1,6 @@
+# generated by technoweenie's restful-authentication:
+# http://github.com/technoweenie/restful-authentication/tree/master
+
require 'rubygems'
require 'session'
@@ -25,40 +28,26 @@ class Account < ActiveRecord::Base
cmd = "/sbin/unix2_chkpwd rpam " + login
se = Session.new
result, err = se.execute cmd, :stdin => passwd
- if (se.get_status == 0)
- return true
- else
- return false
- end
+ return (se.get_status == 0)
end
# Authenticates a user by their login name and unencrypted password. Returns the user or nil.
def self.authenticate(login, passwd)
- granted = false
- begin
- granted = false
- if authpam(login,passwd) == true or #much more faster
- unix2_chkpwd(login,passwd) #slowly but need no more additional PAM rights
- granted = true
- end
- rescue #caused by authpam
- if unix2_chkpwd(login,passwd) #slowly but need no more additional PAM rights
- granted = true
- end
- end
- if granted
- acc = find_by_login(login)
- if !acc
- acc = Account.new
- acc.login = login
- end
- @password = passwd
- acc.password = passwd
- acc.save
- return acc
- else
- return nil
+ # try rPAM first
+ granted = authpam(login, passwd) rescue false #much more faster
+ # then chkpwd second
+ granted = unix2_chkpwd(login, passwd) unless granted #slowly but need no more additional PAM rights
+ return nil unless granted
+ # find/create the correspoding account record
+ acc = find_by_login(login)
+ unless acc
+ acc = Account.new
+ acc.login = login
end
+ @password = passwd
+ acc.password = passwd # Uh, oh, this saves a cleartext password ?!
+ acc.save
+ return acc
end
# Encrypts some data with the salt.
--
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org