Sha256: 7e79aa95a9906c544ac2c1b041438e6dab52b247947d1f3715b17c1babc8ea25

Contents?: true

Size: 1007 Bytes

Versions: 3

Compression:

Stored size: 1007 Bytes

Contents

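class UserTasks < Volt::TaskHandler
  # Log a user in with a login and a password. The login is matched against
  # the field named by User.login_field (a username or an e-mail address,
  # depending on Volt.config.public.auth.use_username).
  #
  # On success the block passed to `then` yields "user_id:signature", where
  # the signature is a bcrypt hash over "app_secret::user_id".
  #
  # NOTE(review): the two failure messages differ, so a caller can tell an
  # unknown login from a wrong password. Consider a single generic message if
  # nothing depends on the text.
  #
  # @param login [String] value looked up in the User.login_field column
  # @param password [String] plain-text password to check against the stored hash
  # @return [Object] the result of `store._users.find(query).then` (presumably
  #   a promise that resolves to the "user_id:signature" string; confirm)
  # @raise [RuntimeError] when an argument is not a String, the user is not
  #   found, the password does not match, or app_secret is not configured
  def login(login, password)
    # The arguments are supplied by the task's caller (presumably the client,
    # TODO confirm). A non-String login such as a Hash would be embedded in the
    # query as-is and could be read by the data store as a query operator
    # rather than a literal value, so only plain strings are accepted.
    unless login.is_a?(String) && password.is_a?(String)
      raise "Login and password must be strings"
    end

    query = { User.login_field => login }

    store._users.find(query).then do |users|
      user = users.first
      raise "User could not be found" unless user

      # BCrypt::Password#== hashes the candidate with the stored salt and
      # compares it with the stored hash.
      stored_hash = BCrypt::Password.new(user._hashed_password)
      raise "Password did not match" unless stored_hash == password

      raise "app_secret is not configured" unless Volt.config.app_secret

      # TODO: returning here should be possible, but causes some issues

      # Bind the user id to the app_secret so the end user can't tamper with
      # the cookie.
      # NOTE(review): bcrypt only processes the first 72 bytes of its input.
      # With a long app_secret the user id may fall outside that window and
      # would then not be covered by the signature. Confirm the secret length,
      # and consider an HMAC in a change coordinated with the code that
      # verifies this cookie.
      signature = BCrypt::Password.create("#{Volt.config.app_secret}::#{user._id}")

      # Yield user_id:signature as the block's value.
      next "#{user._id}:#{signature}"
    end
  end
end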

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
volt-0.8.22 app/volt/tasks/user_tasks.rb
volt-0.8.22.beta2 app/volt/tasks/user_tasks.rb
volt-0.8.22.beta1 app/volt/tasks/user_tasks.rb