Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

devise_ldap_norm

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

devise_ldap_norm

0.2.0
Rubygems

Version published: 10 years ago

Maintainers: 4

Created: 10 years ago

Source

Devise LDAP No ORM

Why this fork?

This is a fork of https://github.com/cschiewek/devise_ldap_authenticatable, to get away from the need to have an ActiveRecord backing.

Prerequisites

devise ~> 3.0.0 (which requires rails ~> 4.0)
net-ldap ~> 0.3.1

Usage

In the Gemfile for your application:

gem "devise_ldap_norm"

To get the latest version, pull directly from github instead of the gem:

gem "devise_ldap_norm", :git => "git://github.com/alde/devise_ldap_norm.git"

Setup

Run the rails generators for devise

(please check the devise documents for further instructions)

rails generate devise:install
rails generate devise MODEL_NAME

Run the rails generator for `devise_ldap_norm`

rails generate devise_ldap_norm:install [options]

This will install the ldap.yml, update the devise.rb initializer, and update your user model. There are some options you can pass to it:

Options:

[--user-model=USER_MODEL]  # Model to update
                           # Default: user
[--update-model]           # Update model to change from database_authenticatable to ldap_authenticatable
                           # Default: true
[--add-rescue]             # Update Application Controller with rescue_from for DeviseLdapAuthenticatable::LdapException
                           # Default: true
[--advanced]               # Add advanced config options to the devise initializer

Ensure the timeout of your session

Edit your config/initializers/session_store.rb to include an expiry:

Rails.application.config.session_store :cookie_store, key: '__app_session', :expire_after => Rails.application.config.devise.timeout_in

Protect from session hijacking

Add a before_action validation to ApplicationController:

Sample:

class ApplicationController < ActionController::Base

  before_action :validate_origin

  def validate_origin
    if current_user && current_user.remote_ip != request.remote_ip
        Rails.logger.warn("Remote IP for #{current_user.email} does not match session data.")
        session.destroy
    end
  end
end

Modify your user model

Since there is no longer a need for ActiveRecord, modify the User model.

Sample model:

class User
  include ActiveModel::Validations
  extend ActiveModel::Callbacks
  extend Devise::Models

  define_model_callbacks :validation

  devise :ldap_norm, :rememberable

  def initialize (id)
    @data = HashWithIndifferentAccess.new
    @id = id
  end

  def []=(key, value)
    @data[key] = value
  end

  def [](key)
    @data[key]
  end

  def remote_ip
    @data['remote_ip']
  end

  def email
    @data['email']
  end
end

Development guide

Devise LDAP Authenticatable uses a running OpenLDAP server to do automated acceptance tests. You'll need the executables slapd, ldapadd, and ldapmodify.

On OS X, this is available out of the box.

To start hacking on devise_ldap_norm, clone the github repository, start the test LDAP server, and run the rake test task:

git clone https://github.com/alde/devise_ldap_norm.git
cd devise_ldap_norm
bundle install

# in a separate console or backgrounded
./spec/ldap/run-server

bundle exec rake spec

References

Released under the MIT license

FAQs

What is devise_ldap_norm?

Is devise_ldap_norm well maintained?

Package last updated on 17 Mar 2015

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install