andis/fetsite
1
0
Fork 0
forked from bofh/fetsite
Code Issues Pull Requests Releases Wiki Activity

add ldap support

Browse Source 
Achtung dieses diff benötigt einen neuen Eintrag im secrets config file
This commit is contained in:
Andreas Stephanides
2013-10-26 12:48:40 +02:00
parent 91d0e4cf75
commit 37ee03676e
5 changed files with 84 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Gemfile
View File

@@ -55,6 +55,7 @@ gem "paper_trail" , '>=2.7.0'
gem "devise" ,'~>2.2.3' gem "devise" ,'~>2.2.3'
gem "omniauth" gem "omniauth"
gem "omniauth-facebook" gem "omniauth-facebook"
gem "omniauth-ldap"
# Roles for users # Roles for users
gem "rolify" gem "rolify"

32
app/controllers/users/omniauth_callbacks_controller.rb
View File

@@ -1,10 +1,17 @@
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def facebook skip_before_filter :verify_authenticity_token
def failure
# flash[:notice] = "Failure #{Hash.new(request.env)} #{Hash.new(params)}"
#redirect_to new_user_registration_url , :notice=>"Omniauth Login failed"
super
end
def facebook
# You need to implement the method below in your model (e.g. app/models/user.rb) # You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user) @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
if @user.persisted? if @user
sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format? set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
else else
@@ -12,4 +19,25 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
redirect_to new_user_registration_url redirect_to new_user_registration_url
end end
end end
def ldap
logger.debug current_user.to_s
@user=User.find_for_ldap_oauth(request.env["omniauth.auth"],current_user)
# @user=User.find_for_ldap_oauth(session["devise.ldap_data"],current_user)
# @user=User.first
# flash[:notice]="#{request.env}"
# sign_in_and_redirect @user, :event=>:authentication
# debug @user
#debug
# logger.info "Request attributes hash: #{request.env}"
if @user
sign_in_and_redirect @user, :event => :authentication
set_flash_message(:notice,:success,:kind=>"Ldap") if is_navigational_format?
else
session["devise.ldap_data"]=request.env["omniauth.auth"]
# set_flash_message(:notice, "sdfsdf")
flash[:notice]=flash[:notice] + "Still not logged in "
redirect_to new_user_registration_url
end
end
end end

53
app/models/user.rb
View File

@@ -29,29 +29,54 @@ class User < ActiveRecord::Base
# Include default devise modules. Others available are: # Include default devise modules. Others available are:
# :token_authenticatable, :confirmable, # :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable # :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,:confirmable, devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable,:omniauthable, :omniauth_providers => [:facebook,:ldap]
:recoverable, :rememberable, :trackable, :validatable,:omniauthable, :omniauth_providers => [:facebook]
# Setup accessible (or protected) attributes for your model # Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid, :name attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid, :name
# attr_accessible :title, :body # attr_accessible :title, :body
def self.find_for_facebook_oauth(auth, signed_in_resource=nil) def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first logger.debug auth.to_s
unless user logger.debug "DDD Username= #{auth.username}"
user = User.create(name:auth.extra.raw_info.name, # user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.uid,
provider:auth.provider, provider:auth.provider,
uid:auth.uid, uid:auth.uid,
email:auth.info.email, email:auth.info.email,
password:Devise.friendly_token[0,20] password:Devise.friendly_token[0,20]
) )
end end
user
end user
def self.new_with_session(params, session) end
super.tap do |user| def self.find_for_ldap_oauth(auth,signed_in_resource=nil)
if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"] # debug "sdfg"
user.email = data["email"] if user.email.blank?
end user= User.where(:provider=>auth.provider,:uid=>auth.extra.raw_info.uid).first
unless user
user= User.create(name:auth.extra.raw_info.uid.first,
provider:auth.provider,
uid:auth.extra.raw_info.uid.first,
email:auth.extra.raw_info.uid.first.to_s+"@ldapfet.at",
password:Devise.friendly_token[0,20])
user.add_role("fetuser")
end
unless user
# user=User.create(name:"fail",
# provider:"ldap",
# uid:"sdf",
# email:"sdf@fet.at",
# password:Devise.friendly_token[0,20])
end
user
end
def self.new_with_session(params, session)
super.tap do |user|
if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]
user.email = data["email"] if user.email.blank?
end
end end
end end

16
config/initializers/devise.rb
View File

@@ -8,7 +8,7 @@ Devise.setup do |config|
# Configure the class responsible to send e-mails. # Configure the class responsible to send e-mails.
config.mailer = "Devise::Mailer" config.mailer = "Devise::Mailer"
config.mailer.default_url_options = { :host => 'glonass.htu.tuwien.ac.at' } config.mailer.default_url_options = { :host => 'glonass.htu.tuwien.ac.at' }
config.mailer.delivery_method = :sendmail config.mailer.delivery_method = :sendmail
# config.mailer.smtp_settings = { # config.mailer.smtp_settings = {
# :address => "smtp.gmail.com", # :address => "smtp.gmail.com",
@@ -225,8 +225,18 @@ Devise.setup do |config|
# up on your models and hooks. # up on your models and hooks.
#config.omniauth :facebook, 'appid', 'secret' #config.omniauth :facebook, 'appid', 'secret'
secrets = YAML.load_file("#{::Rails.root.to_s}/config/omniauth_secrets.yml") secrets = YAML.load_file("#{::Rails.root.to_s}/config/omniauth_secrets.yml")
config.omniauth :facebook, secrets["facebook"]["appid"], secrets["facebook"]["secret"] config.omniauth :facebook, secrets["facebook"]["appid"], secrets["facebook"]["secret"]
# ==> Warden configuration config.omniauth :ldap, :title => "My LDAP",
:host => secrets["ldap"]["host"],
:port => secrets["ldap"]["port"],
:method => secrets["ldap"]["method"],
:base => secrets["ldap"]["base"],
:uid => secrets["ldap"]['uid'],
:name_proc => Proc.new {|name| name.gsub(/@.*$/,'')},
:bind_dn =>secrets["ldap"]['bind'],
:password => secrets["ldap"]['password']
# ==> Warden configuration<<
# If you want to use other strategies, that are not supported by Devise, or # If you want to use other strategies, that are not supported by Devise, or
# change the failure app, you can configure them inside the config.warden block. # change the failure app, you can configure them inside the config.warden block.
# #

2
config/routes.rb
View File

@@ -10,7 +10,7 @@
end end
devise_for :users devise_for :users , :controllers=>{:omniauth_callbacks=> "users/omniauth_callbacks"}
scope '(:locale)' do scope '(:locale)' do