Class: Pasaporte::Controllers::Signon

Inherits:
R
  • Object
Includes:
Secure::CheckMethods
Defined in:
lib/pasaporte.rb

Overview

Show the login form and accept the input

Instance Method Summary

Methods included from Secure::CheckMethods

#_redir_to_login_page!, #deny_throttled!, #profile_by_nickname, #require_login!, #require_plain!, #require_ssl!, #validate_token!

Instance Method Details

#get(nick = nil) ⇒ Object



# File 'lib/pasaporte.rb', line 449

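# Show the login form for an optional nickname, or send an already
# authenticated session straight to its dashboard.
#
# @param nick [String, nil] nickname taken from the route and pre-filled into
#   the form; nil when the route carried none
# @return [Object] the Camping response produced by +redirect+ or +render+
# @raise [Pasaporte::Secure::Throttled] propagated from +deny_throttled!+ when
#   the client is currently throttled
def get(nick = nil)
  LOGGER.info "Entered signon, #{@env.HTTPS ? :HTTPS : :HTTP_plain }"
  deny_throttled!
  return redirect(DashPage, @state.nickname) if @state.nickname

  if nick && @state.pending_openid
    # The trust_root arrives in the relying party's OpenID request, so it is
    # untrusted input. Only its host is shown; when the value does not parse
    # as a URI (or has no host part) the raw string is used instead, which is
    # why the label is HTML-escaped before being interpolated into the markup.
    require 'cgi' # lazy-loaded: the escaping helper is only needed on this path
    trust_root = @state.pending_openid.trust_root
    humane = begin
      URI.parse(trust_root).host || trust_root
    rescue URI::InvalidURIError
      LOGGER.error "Failed to parse #{trust_root}"
      trust_root
    end
    show_message "Before authorizing with <b>#{CGI.escapeHTML(humane.to_s)}</b> you will need to login"
  end

  require_ssl!

  @nickname = nick
  render :signon_form
end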

#post(n = nil) ⇒ Object



# File 'lib/pasaporte.rb', line 469

# Accept the login form submission: check the nickname/password pair with
# Pasaporte::AUTH, keep a per-session count of failed attempts, and on success
# either resume a pending OpenID exchange or go to the dashboard.
#
# @param n [String, nil] nickname from the route, used when the form did not
#   supply one
# @return [Object] a Camping response: a redirect, the re-rendered form, or
#   whatever +punish_the_violator+ / +send_openid_response+ produce
# @raise [RuntimeError] when neither the form nor the route supplies a nickname
# @raise [Pasaporte::Secure::Throttled] re-raised from +deny_throttled!+ when
#   there is no pending OpenID exchange that can be answered negatively instead
def post(n=nil)
  
  # A throttled client that came here through an OpenID request gets a
  # negative assertion sent back to the relying party rather than an error.
  begin
    deny_throttled!
  rescue Pasaporte::Secure::Throttled => th
    if @state.pending_openid
      buggeroff = @state.delete(:pending_openid).answer(false)
      send_openid_response(buggeroff); return
    end
    raise th
  end
  
  require_ssl!
  
  # NOTE(review): the attribute after "@input." (the form field holding the
  # nickname) is missing on this line, so as shown it does not appear to parse;
  # confirm the field name against the :signon_form view.
  @nickname = @input. || n || (raise "No nickname to authenticate")
  
  # The throttling logic must be moved into throttles apparently
  
  # Start counting. The counter lives in the session state, so a brand-new
  # session starts from zero again; server-side limiting is presumably what
  # deny_throttled! / punish_the_violator provide.
  @state.failed_logins ||= 0
  
  # Validate the form token (presumably the anti-forgery token) before the
  # credentials are looked at
  validate_token!
  
  # Pasaporte::AUTH is the pluggable authenticator; it receives the nickname,
  # the submitted password and my_domain (the domain being served).
  if Pasaporte::AUTH.call(@nickname, input.pass, my_domain)
    LOGGER.info "#{@nickname} logged in, setting state"
    # TODO - Special case - if the login ultimately differs from the one entered
    # we need to take care of that and tell the OID consumer that we want to restart
    # from a different profile URL
    @state.nickname = @nickname
    @profile = profile_by_nickname(@nickname)
    
    # Reset the grace counter
    @state.failed_logins = 0
    
    # If we have a suspended OpenID procedure going on - continue
    redirect R((@state.pending_openid ? Openid : DashPage), @nickname); return
  else
    # AUTH yields a single yes/no, so the same message is shown whether the
    # nickname or the password was wrong.
    show_error "Oops.. cannot find you there"
    # Raise the grace counter
    @state.failed_logins += 1
    # If the user reaches the failed login limit we ban him for a while and
    # tell the OpenID requesting party to go away
    if @state.failed_logins >= MAX_FAILED_LOGIN_ATTEMPTS
      LOGGER.info("%s - failed %s times, taking action" %  
        [@nickname, MAX_FAILED_LOGIN_ATTEMPTS])
      # Nothing is rendered after this call, so it is presumably responsible
      # for producing the response as well as applying the ban.
      punish_the_violator
    else
      # Drop any half-set nickname and show the form again
      @state.delete(:nickname)
      render :signon_form
    end
  end
end