LDAP done

2012-01-28 16:23:17 +03:00 · 2012-01-28 16:23:17 +03:00 · d6a0b8f428
parent d885f24f7b
commit d6a0b8f428
6 changed files with 37 additions and 24 deletions
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@ -0,0 +1,13 @@
+class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+ 
+  def ldap
+    # We only find ourselves here if the authentication to LDAP was successful.
+    omniauth = request.env["omniauth.auth"]["extra"]["raw_info"]
+    @user = User.find_for_ldap_auth(omniauth)
+    if @user.persisted?
+      @user.remember_me = true
+    end
+    sign_in_and_redirect @user
+  end
+
+end
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@ -1,22 +0,0 @@
-class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
- 
-  def ldap
-    # We only find ourselves here if the authentication to LDAP was successful.
-    ldap = request.env["omniauth.auth"]["extra"]["raw_info"]
-    username = ldap.sAMAccountName[0].to_s
-    email = ldap.proxyaddresses[0][5..-1].to_s
- 
-    if @user = User.find_by_email(email)
-        sign_in_and_redirect root_path
-    else
-      password = User.generate_random_password
-        @user = User.create(:name => username,
-                            :email => email,
-                            :password => password,
-                            :password_confirmation => password
-                           )
-        sign_in_and_redirect @user
-    end
-  end
-
-end
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -93,4 +93,8 @@ module ApplicationHelper
  def help_layout
    controller.controller_name == "help" 
  end
+
+  def ldap_enable?
+    Devise.omniauth_providers.include?(:ldap)
+  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -66,6 +66,22 @@ class User < ActiveRecord::Base
  def self.generate_random_password
    (0...8).map{ ('a'..'z').to_a[rand(26)] }.join
  end 
+
+  def self.find_for_ldap_auth(omniauth)
+    username = omniauth.sAMAccountName[0]
+    email = omniauth.userprincipalname[0]
+    
+    if @user = User.find_by_email(email)
+      @user
+    else
+      password = generate_random_password
+      @user = User.create(:name => username,
+        :email => email,
+        :password => password,
+        :password_confirmation => password
+      )
+    end
+  end
 end
 # == Schema Information
 #
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@ -9,5 +9,7 @@
  <br/>
  <%= f.submit "Sign in", :class => "grey-button" %>
  <div class="right"> <%= render :partial => "devise/shared/links" %></div>
-  <%= user_omniauth_authorize_path(:ldap)%>
+  <% if ldap_enable? -%>
+    <p><%= link_to "via LDAP", user_omniauth_authorize_path(:ldap)%></p>
+  <% end -%>
 <% end %>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -39,7 +39,7 @@ Gitlab::Application.routes.draw do
  resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index]
  resources :keys

-  devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
+  devise_for :users, :controllers => { :omniauth_callbacks => :omniauth_callbacks }

  resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do
    member do