From 671095e030babc67255e8bd789eb221adf34c8aa Mon Sep 17 00:00:00 2001
From: Ken Johnson
Date: Tue, 21 May 2013 00:58:11 -0400
Subject: [PATCH] added a vuln for broken auth and session mgmt, issue #2

---
 app/controllers/sessions_controller.rb      |  9 ++++++++-
 app/models/user.rb                          | 10 ++++++++--
 app/views/layouts/application.html.erb      |  1 +
 app/views/layouts/shared/_messages.html.erb | 18 ++++++++++++++++++
 4 files changed, 35 insertions(+), 3 deletions(-)
 create mode 100644 app/views/layouts/shared/_messages.html.erb

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index fa014dc..91de7ea 100755
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -7,13 +7,20 @@ class SessionsController < ApplicationController
   end
 
   def create
-    user = User.authenticate(params[:email], params[:password])
+
+    begin
+      user = User.authenticate(params[:email], params[:password])
+    rescue Exception => e
+    end
+
     if user
       session[:id] = user.id if User.where(:id => user.id).exists?
       redirect_to home_dashboard_index_path
     else
+      flash[:error] = e.message
       render "new"
     end
+
   end
 
   def destroy
diff --git a/app/models/user.rb b/app/models/user.rb
index 7178fa8..43c9a75 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -13,8 +13,14 @@ class User < ActiveRecord::Base
     auth = nil
     user = find_by_email(email)
     # I heard something about hashing, dunno, why bother really. Nobody will get access to my stuff!
-    if user && user.password == password
-      auth = user
+    if user
+      if user.password == password
+        auth = user
+      else
+        raise "Incorrect Password!"
+      end
+    else
+      raise "#{email} doesn't exist!"
     end
     return auth
   end
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 366c7b5..c5fc8bb 100755
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -26,6 +26,7 @@ <% end %>
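Review bot: `rescue Exception => e` with an empty body in `create` catches far more than the two authentication failures `User.authenticate` raises: `Interrupt`, `SystemExit`, and any `StandardError` such as a database connection failure, and the `else` branch then renders that exception's message to an unauthenticated visitor through `flash[:error] = e.message`. If the differing login messages are the intended lesson of this commit (per its subject), the catch-all is still broader than needed; `rescue StandardError => e` keeps the lesson without swallowing process signals or surfacing infrastructure errors. `e` is only assigned when the rescue runs, so should `authenticate` ever return nil without raising, `e.message` fails with NoMethodError on nil; a guard such as `flash[:error] = e ? e.message : "Invalid email or password"` avoids that. `create` is fully inside the hunk, but the enclosing class continues outside it.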
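Review bot: `authenticate` now raises two distinguishable messages, `"#{email} doesn't exist!"` and `"Incorrect Password!"`, and the controller displays them, so the login form reveals which addresses are registered (account enumeration); the commit subject says this is intended for issue #2, so this is a note for the teaching material rather than a request to revert. The non-teaching fix is one generic message for both branches, e.g. `raise "Invalid email or password"`, or returning nil as the method did before. Style: bare `raise "..."` produces a `RuntimeError`, which a caller can only match with a broad rescue; a named class such as `class AuthenticationError < StandardError; end` on the model would let the controller rescue precisely. The `auth = nil ... return auth` scaffolding is now redundant, since every path either assigns `auth = user` or raises, so `user` could be returned directly. The method's signature line is above the hunk.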
+ <%= render "layouts/shared/messages" %> <%= yield %>
diff --git a/app/views/layouts/shared/_messages.html.erb b/app/views/layouts/shared/_messages.html.erb
new file mode 100644
index 0000000..c648022
--- /dev/null
+++ b/app/views/layouts/shared/_messages.html.erb
@@ -0,0 +1,18 @@
+<% flash.each do |name, msg| %>
+  <% if name == :error %>
+
+ × + <%= content_tag :div, msg, :id => "flash_notice" %> +
+ <% elsif name == :success %> +
+ × + <%= content_tag :div, msg, :id => "flash_notice" %> +
+ <% elsif name == :info %> +
+ × + <%= content_tag :div, msg, :id => "flash_notice" %> +
+ <% end %> +<% end %> \ No newline at end of file