Fix exception when username is not known.

author Tom Hughes <tom@compton.nu>

Tue, 14 Aug 2007 23:38:52 +0000 (23:38 +0000)

committer Tom Hughes <tom@compton.nu>

Tue, 14 Aug 2007 23:38:52 +0000 (23:38 +0000)
author Tom Hughes <tom@compton.nu>
Tue, 14 Aug 2007 23:38:52 +0000 (23:38 +0000)
committer Tom Hughes <tom@compton.nu>
Tue, 14 Aug 2007 23:38:52 +0000 (23:38 +0000)
diff --git a/app/models/user.rb b/app/models/user.rb

index ec4c2f788bad93a37133d9815f3ea2136fd456b3..3fdebbf618110749a588078e32d3c73dfe2d9faa 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -33,7 +33,7 @@ class User < ActiveRecord::Base
    def self.authenticate(options)
      if options[:username] and options[:password]
        user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]])
-      user = nil unless user.pass_crypt == OSM::encrypt_password(options[:password], user.pass_salt)
+      user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
      elsif options[:token]
        token = UserToken.find(:first, :include => :user, :conditions => ["user_tokens.token = ?", options[:token]])
        user = token.user if token
author	Tom Hughes <tom@compton.nu>
	Tue, 14 Aug 2007 23:38:52 +0000 (23:38 +0000)
committer	Tom Hughes <tom@compton.nu>
	Tue, 14 Aug 2007 23:38:52 +0000 (23:38 +0000)