deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

LDAP done

Browse source
This commit is contained in:
vsizov 2012-01-28 16:23:17 +03:00
parent d885f24f7b
commit d6a0b8f428
6 changed files with 37 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
app/controllers/omniauth_callbacks_controller.rb Normal file
View file

@ -0,0 +1,13 @@
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def ldap
# We only find ourselves here if the authentication to LDAP was successful.
omniauth = request.env["omniauth.auth"]["extra"]["raw_info"]
@user = User.find_for_ldap_auth(omniauth)
if @user.persisted?
@user.remember_me = true
end
sign_in_and_redirect @user
end
end

22
app/controllers/users/omniauth_callbacks_controller.rb
View file

@ -1,22 +0,0 @@
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def ldap
# We only find ourselves here if the authentication to LDAP was successful.
ldap = request.env["omniauth.auth"]["extra"]["raw_info"]
username = ldap.sAMAccountName[0].to_s
email = ldap.proxyaddresses[0][5..-1].to_s
if @user = User.find_by_email(email)
sign_in_and_redirect root_path
else
password = User.generate_random_password
@user = User.create(:name => username,
:email => email,
:password => password,
:password_confirmation => password
)
sign_in_and_redirect @user
end
end
end

4
app/helpers/application_helper.rb
View file

@ -93,4 +93,8 @@ module ApplicationHelper
def help_layout def help_layout
controller.controller_name == "help" controller.controller_name == "help"
end end
def ldap_enable?
Devise.omniauth_providers.include?(:ldap)
end
end end

16
app/models/user.rb
View file

@ -66,6 +66,22 @@ class User < ActiveRecord::Base
def self.generate_random_password def self.generate_random_password
(0...8).map{ ('a'..'z').to_a[rand(26)] }.join (0...8).map{ ('a'..'z').to_a[rand(26)] }.join
end end
def self.find_for_ldap_auth(omniauth)
username = omniauth.sAMAccountName[0]
email = omniauth.userprincipalname[0]
if @user = User.find_by_email(email)
@user
else
password = generate_random_password
@user = User.create(:name => username,
:email => email,
:password => password,
:password_confirmation => password
)
end
end
end end
# == Schema Information # == Schema Information
# #

4
app/views/devise/sessions/new.html.erb
View file

@ -9,5 +9,7 @@
<br/> <br/>
<%= f.submit "Sign in", :class => "grey-button" %> <%= f.submit "Sign in", :class => "grey-button" %>
<div class="right"> <%= render :partial => "devise/shared/links" %></div> <div class="right"> <%= render :partial => "devise/shared/links" %></div>
<%= user_omniauth_authorize_path(:ldap)%> <% if ldap_enable? -%>
<p><%= link_to "via LDAP", user_omniauth_authorize_path(:ldap)%></p>
<% end -%>
<% end %> <% end %>

2
config/routes.rb
View file

@ -39,7 +39,7 @@ Gitlab::Application.routes.draw do
resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index] resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index]
resources :keys resources :keys
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" } devise_for :users, :controllers => { :omniauth_callbacks => :omniauth_callbacks }
resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do
member do member do