Rails with ActiveDirectory/Devise login with email or username (using devise_ldap_authenticatable gem)
Last active
August 22, 2018 00:02
-
-
Save vicvans20/2db0876ab9941116d027fd690763a7f0 to your computer and use it in GitHub Desktop.
Rails with ActiveDirectory/Devise login with email or username (using devise_ldap_authenticatable gem)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def configure_permitted_parameters | |
devise_parameter_sanitizer.permit(:sign_up) do |user_params| | |
user_params.permit(:ad_username, :first_name, :last_name, :email, :password, :password_confirmation) | |
end | |
devise_parameter_sanitizer.permit(:sign_in) do |user_params| | |
user_params.permit(:loginer, :first_name, :last_name, :email, :password, :password_confirmation) | |
end | |
devise_parameter_sanitizer.permit(:account_update) do |user_params| | |
user_params.permit(:ad_username, :first_name, :last_name, :email, :password, :password_confirmation, :current_password, :job) | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Devise.setup do |config| | |
# ... | |
config.authentication_keys = [ :loginer ] | |
# ... | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- views/devise/sessions/new.html.erb --> | |
<!-- ... --> | |
<div class="field"> | |
<div class="ui left icon input"> | |
<i class="user icon"></i> | |
<%= f.input :loginer, required: false, placeholder: 'email@dnp.com.ni', autofocus: true, label: false, wrapper: false, class: '' %> | |
</div> | |
</div> | |
<div class="field"> | |
<div class="ui left icon input"> | |
<i class="lock icon"></i> | |
<%= f.input :password, required: false, label: false, wrapper: false %> | |
</div> | |
</div> | |
<!-- ... --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class User < ApplicationRecord | |
attr_accessor :loginer # Virtual attribute for email or username login | |
validates :ad_username, uniqueness: { case_sensitive: false } | |
validates_format_of :ad_username, with: /^[a-zA-Z0-9_\.]*$/, :multiline => true | |
# Override ldap method | |
def self.find_for_ldap_authentication(attributes) | |
# Attributes should contain loginer and password values | |
auth_key = :loginer # always | |
return nil unless attributes[auth_key].present? | |
Rails.logger.debug "Loginer is present" | |
loginer = attributes[auth_key] # value for username or email | |
resource = where("lower(ad_username) = :value OR lower(email) = :value", value: loginer.downcase).first # find by email or username | |
# If BLANK create new user object to log in with AD | |
if resource.blank? | |
Rails.logger.debug "No resource" | |
resource = new | |
resource[:ad_username] = loginer | |
resource.password = attributes[:password] | |
end | |
# If new record run callback ldap_before_save and save object. | |
if ::Devise.ldap_create_user && resource.new_record? && resource.valid_ldap_authentication?(attributes[:password]) | |
Rails.logger.debug "NEW resource" | |
resource.ldap_before_save if resource.respond_to?(:ldap_before_save) | |
resource.save! | |
end | |
# Return object of user | |
resource | |
end | |
# Override LDAP method. Set ldap devise login attribute to :ad_username. | |
# If signing in with email, the resource found should have a ad_username as well | |
def login_with | |
@login_with ||= :ad_username | |
self[@login_with] | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment