From 1f0a671c5c6202afaa2ff384089b47b5eb918654 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Thu, 24 Jan 2013 09:19:00 +0100
Subject: [PATCH] Moved to User.authenticate() for http basic auth.

---
 app/controllers/application_controller.rb | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 2b1c92494..885571d88 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -69,14 +69,15 @@ class ApplicationController < ActionController::Base
 #    puts params.inspect
 
     # check http basic auth
-    authenticate_with_http_basic do |user, password|
+    authenticate_with_http_basic do |username, password|
       puts 'http basic auth check'
-      userdata = User.lookup( :login => user )
+      userdata = User.lookup( :login => username )
       message = ''
       if !userdata
         message = 'authentication failed, user'
       else
-        if password != userdata.password
+        success = User.authenticate( username, password )
+        if !success
           message = 'authentication failed, pw'
         end
       end