Commit d6a0b8f4 authored by vsizov's avatar vsizov

LDAP done

parent d885f24f
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def ldap
# We only find ourselves here if the authentication to LDAP was successful.
omniauth = request.env["omniauth.auth"]["extra"]["raw_info"]
@user = User.find_for_ldap_auth(omniauth)
if @user.persisted?
@user.remember_me = true
end
sign_in_and_redirect @user
end
end
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def ldap
# We only find ourselves here if the authentication to LDAP was successful.
ldap = request.env["omniauth.auth"]["extra"]["raw_info"]
username = ldap.sAMAccountName[0].to_s
email = ldap.proxyaddresses[0][5..-1].to_s
if @user = User.find_by_email(email)
sign_in_and_redirect root_path
else
password = User.generate_random_password
@user = User.create(:name => username,
:email => email,
:password => password,
:password_confirmation => password
)
sign_in_and_redirect @user
end
end
end
...@@ -93,4 +93,8 @@ module ApplicationHelper ...@@ -93,4 +93,8 @@ module ApplicationHelper
def help_layout def help_layout
controller.controller_name == "help" controller.controller_name == "help"
end end
def ldap_enable?
Devise.omniauth_providers.include?(:ldap)
end
end end
...@@ -66,6 +66,22 @@ class User < ActiveRecord::Base ...@@ -66,6 +66,22 @@ class User < ActiveRecord::Base
def self.generate_random_password def self.generate_random_password
(0...8).map{ ('a'..'z').to_a[rand(26)] }.join (0...8).map{ ('a'..'z').to_a[rand(26)] }.join
end end
def self.find_for_ldap_auth(omniauth)
username = omniauth.sAMAccountName[0]
email = omniauth.userprincipalname[0]
if @user = User.find_by_email(email)
@user
else
password = generate_random_password
@user = User.create(:name => username,
:email => email,
:password => password,
:password_confirmation => password
)
end
end
end end
# == Schema Information # == Schema Information
# #
......
...@@ -9,5 +9,7 @@ ...@@ -9,5 +9,7 @@
<br/> <br/>
<%= f.submit "Sign in", :class => "grey-button" %> <%= f.submit "Sign in", :class => "grey-button" %>
<div class="right"> <%= render :partial => "devise/shared/links" %></div> <div class="right"> <%= render :partial => "devise/shared/links" %></div>
<%= user_omniauth_authorize_path(:ldap)%> <% if ldap_enable? -%>
<p><%= link_to "via LDAP", user_omniauth_authorize_path(:ldap)%></p>
<% end -%>
<% end %> <% end %>
...@@ -39,7 +39,7 @@ Gitlab::Application.routes.draw do ...@@ -39,7 +39,7 @@ Gitlab::Application.routes.draw do
resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index] resources :projects, :constraints => { :id => /[^\/]+/ }, :only => [:new, :create, :index]
resources :keys resources :keys
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" } devise_for :users, :controllers => { :omniauth_callbacks => :omniauth_callbacks }
resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do resources :projects, :constraints => { :id => /[^\/]+/ }, :except => [:new, :create, :index], :path => "/" do
member do member do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment