Contents

require 'digest/sha1'
require 'omniauth/core'

module OmniAuth
  module Strategies
    class Password
      include OmniAuth::Strategy
      
      def initialize(app, secret = 'changethisappsecret', options = {}, &block)
        @options = options
        @secret = secret
        super(app, :password, &block)
      end

      attr_reader :secret
      
      def request_phase
        return fail!(:missing_information) unless request[:identifier] && request[:password]
        return fail!(:password_mismatch) if request[:password_confirmation] && request[:password_confirmation] != '' && request[:password] != request[:password_confirmation]
        env['REQUEST_METHOD'] = 'GET'
        env['PATH_INFO'] = request.path + '/callback'
        env['omniauth.auth'] = auth_hash(encrypt(request[:identifier], request[:password]))
        call_app!
      end
      
      def auth_hash(crypted_password)
        OmniAuth::Utils.deep_merge(super(), {
          'uid' => crypted_password,
          'user_info' => {
            @options[:identifier_key] => request[:identifier]
          }
        })
      end
      
      def callback_phase
        call_app!
      end
      
      def encrypt(identifier, password)
        Digest::SHA1.hexdigest([identifier, password, secret].join('::'))
      end
    end
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version	Path
oa-core-0.2.0.beta2	lib/omniauth/strategies/password.rb
oa-core-0.2.0.beta1	lib/omniauth/strategies/password.rb