问题描述
我正在开发Ruby on Rails
Web应用程序,并且尝试使用LDAP
身份验证来验证我的用户,我已经建立了连接并可以连接到LDAP
,但是现在找不到任何在线示例或文档,介绍如何编写代码以根据我的Ruby on Rails
I'm developing an Ruby on Rails
webapp and I'm trying to use LDAP
authentication to authenticate my users, I have the connection set up and working to the LDAP
, but now I can't find any examples or documentation online on how to write code to authenticate users against my LDAP
on Ruby on Rails
我正在使用:Ruby v2.2
和Rails v5.0.3
,而我用来连接ldap的宝石是gem 'net-ldap', '~> 0.16.0'
I'm using: Ruby v2.2
and Rails v5.0.3
and the gem I'm using to connect to ldap is gem 'net-ldap', '~> 0.16.0'
这是我目前的登录表单,正在使用sqlserver DB
进行身份验证,但是我希望它针对我的LDAP DB
进行身份验证:
This is my login form at the moment, authenticating with a sqlserver DB
, but I want it to authenticate against my LDAP DB
:
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by_NumeroEmpregado(params[:NumeroEmpregado])
if user && user.authenticate(params[:password])
session[:user_id] = user.id
redirect_to '/'
else
flash[:error] = "Erro! \nNúmero de Empregado e/ou password incorrecto(a)"
redirect_to '/login'
end
end
def destroy
session[:user_id] = nil
redirect_to '/index/new'
end
end
users_controller.rb
users_controller.rb
class UsersController < ApplicationController
def new
end
def create
user = User.new(user_params)
if user.save
session[:user_id] = user.id
redirect_to '/'
else
flash[:error] = "Erro! \nNenhum dos campos pode ser deixado em branco"
redirect_to '/signup'
end
end
private
def user_params
params.require(:user).permit(:NumeroEmpregado, :nome, :password, :password_confirmation)
end
end
- 如何重新格式化此代码以使用我的
LDAP DB
进行身份验证? - How can I reformulate this code into authenticating with my
LDAP DB
?
推荐答案
您可以创建处理该过程的服务:
You could create a service that handles that process:
app/services/authenticate_user.rb
app/services/authenticate_user.rb
class AuthenticateUser
def initialize(user, password)
@user = user
@password = password
end
def call
user_is_valid?
end
private
def user_is_valid?
ldap = Net::LDAP.new
ldap.host = your_server_ip_address
ldap.port = 389
ldap.auth(@user, @password)
ldap.bind
end
end
然后在您的控制器中使用它:
Then use it in your controller:
class SessionsController < ApplicationController
def new
end
def create
username = params[:NumeroEmpregado]
password = params[:password]
name = "Some Name" # Change "Some Name" to set the correct name
if AuthenticateUser.new(username, password).call
user = User.create_with(nome: name).find_or_create_by(NumeroEmpregado: username)
session[:user_id] = user.id
redirect_to '/'
else
flash[:error] = "Erro! \nNúmero de Empregado e/ou password incorrecto(a)"
redirect_to '/login'
end
end
def destroy
session[:user_id] = nil
redirect_to '/index/new'
end
end
提供有效的user
和password
时
AuthenticateUser.new(user, password).call
将返回true
,否则将返回false
.
AuthenticateUser.new(user, password).call
will return true
when valid user
and password
are provided, and will return false
otherwise.
这是仅涵盖LDAP身份验证的基本示例,您将需要对其进行调整以适应特定需求,包括异常处理.
This is a basic example covering only the LDAP authentication, you will need to adapt it for your specific needs, including exception handling.
这篇关于我的RoR应用程序上有ldap连接,但是现在如何检查登录用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!