diff options
| author | David Yip <yipdw@member.fsf.org> | 2018-03-02 21:46:44 -0600 |
|---|---|---|
| committer | David Yip <yipdw@member.fsf.org> | 2018-03-02 21:46:44 -0600 |
| commit | 1b8fcd4df52c8d715f89180faea8205310f197ae (patch) | |
| tree | 705b8b59bafdd26cb96983e2da0104e8b7308ea7 /app/models/user.rb | |
| parent | ee00da01d2e4cc455b92f1f4a7c9142c73048433 (diff) | |
| parent | ecf06d7e821a4b8f4585f1b6f0e39c595ed047ce (diff) | |
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts: README.md app/controllers/follower_accounts_controller.rb app/controllers/following_accounts_controller.rb app/serializers/rest/instance_serializer.rb app/views/stream_entries/_simple_status.html.haml config/locales/simple_form.ja.yml
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 197799294..b3e5f9352 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -44,7 +44,7 @@ class User < ApplicationRecord ACTIVE_DURATION = 14.days devise :two_factor_authenticatable, - otp_secret_encryption_key: ENV['OTP_SECRET'] + otp_secret_encryption_key: ENV.fetch('OTP_SECRET') devise :two_factor_backupable, otp_number_of_backup_codes: 10 @@ -52,7 +52,6 @@ class User < ApplicationRecord devise :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable - devise :pam_authenticatable if Devise.pam_authentication devise :omniauthable belongs_to :account, inverse_of: :user @@ -117,6 +116,12 @@ class User < ApplicationRecord acc.destroy! unless save end + def ldap_setup(_attributes) + self.confirmed_at = Time.now.utc + self.admin = false + save! + end + def confirmed? confirmed_at.present? end @@ -247,17 +252,17 @@ class User < ApplicationRecord end def password_required? - return false if Devise.pam_authentication + return false if Devise.pam_authentication || Devise.ldap_authentication super end def send_reset_password_instructions - return false if encrypted_password.blank? && Devise.pam_authentication + return false if encrypted_password.blank? && (Devise.pam_authentication || Devise.ldap_authentication) super end def reset_password!(new_password, new_password_confirmation) - return false if encrypted_password.blank? && Devise.pam_authentication + return false if encrypted_password.blank? && (Devise.pam_authentication || Devise.ldap_authentication) super end @@ -280,6 +285,17 @@ class User < ApplicationRecord end end + def self.ldap_get_user(attributes = {}) + resource = joins(:account).find_by(accounts: { username: attributes[Devise.ldap_uid.to_sym].first }) + + if resource.blank? + resource = new(email: attributes[:mail].first, account_attributes: { username: attributes[Devise.ldap_uid.to_sym].first }) + resource.ldap_setup(attributes) + end + + resource + end + def self.authenticate_with_pam(attributes = {}) return nil unless Devise.pam_authentication super |