diff options
author | David Yip <yipdw@member.fsf.org> | 2018-03-02 21:46:44 -0600 |
---|---|---|
committer | David Yip <yipdw@member.fsf.org> | 2018-03-02 21:46:44 -0600 |
commit | 1b8fcd4df52c8d715f89180faea8205310f197ae (patch) | |
tree | 705b8b59bafdd26cb96983e2da0104e8b7308ea7 /lib/devise | |
parent | ee00da01d2e4cc455b92f1f4a7c9142c73048433 (diff) | |
parent | ecf06d7e821a4b8f4585f1b6f0e39c595ed047ce (diff) |
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts: README.md app/controllers/follower_accounts_controller.rb app/controllers/following_accounts_controller.rb app/serializers/rest/instance_serializer.rb app/views/stream_entries/_simple_status.html.haml config/locales/simple_form.ja.yml
Diffstat (limited to 'lib/devise')
-rw-r--r-- | lib/devise/ldap_authenticatable.rb | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/lib/devise/ldap_authenticatable.rb b/lib/devise/ldap_authenticatable.rb new file mode 100644 index 000000000..531abdbbe --- /dev/null +++ b/lib/devise/ldap_authenticatable.rb @@ -0,0 +1,49 @@ +# frozen_string_literal: true + +if ENV['LDAP_ENABLED'] == 'true' + require 'net/ldap' + require 'devise/strategies/authenticatable' + + module Devise + module Strategies + class LdapAuthenticatable < Authenticatable + def authenticate! + if params[:user] + ldap = Net::LDAP.new( + host: Devise.ldap_host, + port: Devise.ldap_port, + base: Devise.ldap_base, + encryption: { + method: Devise.ldap_method, + tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS, + }, + auth: { + method: :simple, + username: Devise.ldap_bind_dn, + password: Devise.ldap_password, + }, + connect_timeout: 10 + ) + + if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password)) + user = User.ldap_get_user(user_info.first) + success!(user) + else + return fail(:invalid_login) + end + end + end + + def email + params[:user][:email] + end + + def password + params[:user][:password] + end + end + end + end + + Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable) +end |