diff --git a/plugins/stoa/controllers/stoa_plugin_controller.rb b/plugins/stoa/controllers/stoa_plugin_controller.rb index ffb1d8a..eede9b2 100644 --- a/plugins/stoa/controllers/stoa_plugin_controller.rb +++ b/plugins/stoa/controllers/stoa_plugin_controller.rb @@ -3,7 +3,13 @@ class StoaPluginController < PublicController def authenticate if request.ssl? && request.post? - user = User.authenticate(params[:login], params[:password], environment) + if params[:login].blank? + person = Person.find_by_usp_id(params[:usp_id]) + login = person ? person.user.login : nil + else + login = params[:login] + end + user = User.authenticate(login, params[:password], environment) if user result = { :username => user.login, diff --git a/plugins/stoa/test/functional/stoa_plugin_controller_test.rb b/plugins/stoa/test/functional/stoa_plugin_controller_test.rb index 18ce095..4fa0288 100644 --- a/plugins/stoa/test/functional/stoa_plugin_controller_test.rb +++ b/plugins/stoa/test/functional/stoa_plugin_controller_test.rb @@ -90,6 +90,23 @@ class StoaPluginControllerTest < ActionController::TestCase assert !json_response['exists'] end + should 'authenticate with usp_id' do + @request.stubs(:ssl?).returns(true) + post :authenticate, :usp_id => user.person.usp_id.to_s, :password => '123456' + + assert_nil json_response['error'] + assert_equal user.login, json_response['username'] + end + + should 'not crash if usp_id is invalid' do + @request.stubs(:ssl?).returns(true) + assert_nothing_raised do + post :authenticate, :usp_id => 12321123, :password => '123456' + end + assert_not_nil json_response['error'] + assert_match /user/,json_response['error'] + end + private def json_response -- libgit2 0.21.2