我的RoR应用程序上有ldap连接，但是现在如何检查登录用户?

本文介绍了我的RoR应用程序上有ldap连接，但是现在如何检查登录用户?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在开发Ruby on Rails Web应用程序，并且尝试使用LDAP身份验证来验证我的用户，我已经建立了连接并可以连接到LDAP，但是现在找不到任何在线示例或文档，介绍如何编写代码以根据我的Ruby on Rails

I'm developing an Ruby on Rails webapp and I'm trying to use LDAP authentication to authenticate my users, I have the connection set up and working to the LDAP, but now I can't find any examples or documentation online on how to write code to authenticate users against my LDAP on Ruby on Rails

我正在使用:Ruby v2.2和Rails v5.0.3，而我用来连接ldap的宝石是gem 'net-ldap', '~> 0.16.0'

I'm using: Ruby v2.2 and Rails v5.0.3 and the gem I'm using to connect to ldap is gem 'net-ldap', '~> 0.16.0'

这是我目前的登录表单，正在使用sqlserver DB进行身份验证，但是我希望它针对我的LDAP DB进行身份验证:

This is my login form at the moment, authenticating with a sqlserver DB, but I want it to authenticate against my LDAP DB :

class SessionsController < ApplicationController

  def new
  end


  def create
    user = User.find_by_NumeroEmpregado(params[:NumeroEmpregado])

    if user && user.authenticate(params[:password])

      session[:user_id] = user.id
      redirect_to '/'
    else
     flash[:error] = "Erro!              \nNúmero de Empregado e/ou password incorrecto(a)"
     redirect_to '/login'
     end
  end

  def destroy
    session[:user_id] = nil
    redirect_to '/index/new'
  end

end

users_controller.rb

class UsersController < ApplicationController

  def new
  end

  def create
    user = User.new(user_params)
    if user.save
      session[:user_id] = user.id
      redirect_to '/'
    else
    flash[:error] = "Erro!           \nNenhum dos campos pode ser deixado em branco"
    redirect_to '/signup'

    end
  end

private
  def user_params
    params.require(:user).permit(:NumeroEmpregado, :nome, :password, :password_confirmation)
  end
end

如何重新格式化此代码以使用我的LDAP DB进行身份验证?

How can I reformulate this code into authenticating with my LDAP DB?

推荐答案

您可以创建处理该过程的服务:

You could create a service that handles that process:

app/services/authenticate_user.rb

class AuthenticateUser
  def initialize(user, password)
    @user = user
    @password = password
  end

  def call
    user_is_valid?
  end

  private
  def user_is_valid?
    ldap = Net::LDAP.new
    ldap.host = your_server_ip_address
    ldap.port = 389
    ldap.auth(@user, @password)
    ldap.bind
  end
end

然后在您的控制器中使用它:

Then use it in your controller:

class SessionsController < ApplicationController
  def new
  end

  def create
    username = params[:NumeroEmpregado]
    password = params[:password]
    name     = "Some Name"      # Change "Some Name" to set the correct name  

    if AuthenticateUser.new(username, password).call
      user = User.create_with(nome: name).find_or_create_by(NumeroEmpregado: username)
      session[:user_id] = user.id
      redirect_to '/'
    else
      flash[:error] = "Erro!              \nNúmero de Empregado e/ou password incorrecto(a)"
      redirect_to '/login'
     end
  end

  def destroy
    session[:user_id] = nil
    redirect_to '/index/new'
  end
end

提供有效的user和password时

AuthenticateUser.new(user, password).call将返回true，否则将返回false.

AuthenticateUser.new(user, password).call will return true when valid user and password are provided, and will return false otherwise.

这是仅涵盖LDAP身份验证的基本示例，您将需要对其进行调整以适应特定需求，包括异常处理.

This is a basic example covering only the LDAP authentication, you will need to adapt it for your specific needs, including exception handling.

这篇关于我的RoR应用程序上有ldap连接，但是现在如何检查登录用户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！