kolan/obsolete.ChilliProject
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Prevent LDAP authentication with empty password related problems.

Browse Source 
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1231 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2008-03-12 17:56:19 +00:00
parent a9c972fbb3
commit 3a75b6771f
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/user.rb
View File

@ -83,6 +83,8 @@ class User < ActiveRecord::Base
# Returns the user that matches provided login and password, or nil # Returns the user that matches provided login and password, or nil
def self.try_to_login(login, password) def self.try_to_login(login, password)
# Make sure no one can sign in with an empty password
return nil if password.to_s.empty?
user = find(:first, :conditions => ["login=?", login]) user = find(:first, :conditions => ["login=?", login])
if user if user
# user is already in local database # user is already in local database