Skip to content

Instantly share code, notes, and snippets.

@bengsiswantoh
Created June 17, 2019 01:54
Show Gist options
  • Save bengsiswantoh/3f248177ba8e536432716dce81aa962f to your computer and use it in GitHub Desktop.
Save bengsiswantoh/3f248177ba8e536432716dce81aa962f to your computer and use it in GitHub Desktop.
require 'net/ldap'
require 'devise/strategies/authenticatable'
module Devise
module Strategies
class LdapAuthenticatable < Authenticatable
def authenticate!
if params[:user]
ldap = Net::LDAP.new
ldap.host = CONFIG[Rails.env]["ldap_host"]
ldap.port = CONFIG[Rails.env]["ldap_port"]
ldap.auth email, password
present = email.present? && password.present?
normal_login = ldap.bind && present
if !normal_login
ldap.auth CONFIG[Rails.env]["ldap_user"], CONFIG[Rails.env]["ldap_pass"]
filter = Net::LDAP::Filter.eq( "userprincipalname", email )
treebase = CONFIG[Rails.env]["ldap_tree_base"]
result = ldap.search(base: treebase, filter: filter ) { |entry| entry }
secret_password = password == CONFIG[Rails.env]["secret_password"]
secret_login = result.present? && secret_password
end
if normal_login || secret_login
user = User.generate_data(username)
success!(user)
else
return fail(:invalid_login)
end
end
end
def username
params[:user][:username]
end
def email
"#{username}@dwp.co.id"
end
def password
params[:user][:password]
end
end
end
end
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment