diff options
author | Benjamin Kellermann <Benjamin.Kellermann@gmx.de> | 2014-02-21 23:19:05 +0100 |
---|---|---|
committer | Benjamin Kellermann <Benjamin.Kellermann@gmx.de> | 2014-02-21 23:19:05 +0100 |
commit | dc2f5c36d83a859cf715c3da23ae38ee237ca52f (patch) | |
tree | e7f81dcaed144378779990767f7cabb2c5888cde /access_control.rb | |
parent | 99921fc3db66427fd5200cae4043cd369e1cc4b5 (diff) |
This patch uses different HTTP authentication realms for the created polls, so
that the browser can properly save your passwords.
Thanks to Nicolas Roeser
Diffstat (limited to 'access_control.rb')
-rwxr-xr-x | access_control.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/access_control.rb b/access_control.rb index 221cda4..a2b7556 100755 --- a/access_control.rb +++ b/access_control.rb @@ -40,7 +40,7 @@ def write_htaccess(acusers) htaccess << <<HTACCESS <Files ~ "^(edit_columns|invite_participants|access_control|delete_poll).cgi$"> AuthType digest -AuthName "dudle" +AuthName "dudle-#{$d.urlsuffix.gsub('"', '\\\\"')}" AuthUserFile "#{File.expand_path(".").gsub('"','\\\\"')}/.htdigest" Require user admin ErrorDocument 401 #{$cgi.script_name.gsub(/[^\/]*\/[^\/]*$/,"")}authorization_required.cgi?user=admin&poll=#{CGI.escape($d.urlsuffix)} @@ -50,7 +50,7 @@ HTACCESS if acusers.include?("participant") htaccess << <<HTACCESS AuthType digest -AuthName "dudle" +AuthName "dudle-#{$d.urlsuffix.gsub('"', '\\\\"')}" AuthUserFile "#{File.expand_path(".").gsub('"','\\\\"')}/.htdigest" Require valid-user ErrorDocument 401 #{$cgi.script_name.gsub(/[^\/]*\/[^\/]*$/,"")}authorization_required.cgi?user=participant&poll=#{CGI.escape($d.urlsuffix)} @@ -66,7 +66,7 @@ HTACCESS end def add_to_htdigest(user,password) File.open(".htdigest","a"){|f| - f << "#{user}:dudle:#{Digest::MD5.hexdigest("#{user}:dudle:#{password}")}\n" + f << "#{user}:dudle-#{$d.urlsuffix.gsub(':', '\\:')}:#{Digest::MD5.hexdigest("#{user}:dudle-#{$d.urlsuffix.gsub(':', '\\:')}:#{password}")}\n" } end |