Module: Devise::Models::PamAuthenticatable

Defined in:

lib/devise_pam_authenticatable/model.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

• #get_pam_name ⇒ Object
• #get_service ⇒ Object
• #get_suffix ⇒ Object
• #pam_on_filled_pw(_attributes) ⇒ Object
• #pam_setup(attributes) ⇒ Object
• #password_required? ⇒ Boolean
• #valid_pam_authentication?(pw) ⇒ Boolean

  Checks if a resource is valid upon authentication.

Instance Method Details

#get_pam_name ⇒ Object

# File 'lib/devise_pam_authenticatable/model.rb', line 35

def get_pam_name
  return self[::Devise.usernamefield] if ::Devise.usernamefield && self[::Devise.usernamefield]
  suffix = get_suffix
  return nil unless suffix && ::Devise.emailfield
  email = "#{self[::Devise.emailfield]}\n"
  pos = email.index("@#{suffix}\n")
  return nil unless pos
  email.slice(0, pos)
end

#get_service ⇒ Object

# File 'lib/devise_pam_authenticatable/model.rb', line 7

def get_service
  return self.class.pam_service if self.class.instance_variable_defined?('@pam_service')
  ::Devise.pam_default_service
end

#get_suffix ⇒ Object

# File 'lib/devise_pam_authenticatable/model.rb', line 12

def get_suffix
  return self.class.pam_suffix if self.class.instance_variable_defined?('@pam_suffix')
  ::Devise.pam_default_suffix
end

#pam_on_filled_pw(_attributes) ⇒ Object

# File 'lib/devise_pam_authenticatable/model.rb', line 17

def pam_on_filled_pw(_attributes)
  # use blank password as discriminator between traditional login and pam login?
  # to disable login with pam return nil elsewise return a (different?) user object
  # as default assume there is no conflict and return user object
  self
end

#pam_setup(attributes) ⇒ Object

# File 'lib/devise_pam_authenticatable/model.rb', line 24

def pam_setup(attributes)
  return unless ::Devise.emailfield && ::Devise.usernamefield
  self[::Devise.emailfield] = Rpam2.getenv(get_service, get_pam_name, attributes[:password], 'email', false)
  self[::Devise.emailfield] = attributes[::Devise.emailfield] if self[::Devise.emailfield].nil?
  self[::Devise.emailfield] = "#{self[::Devise.usernamefield]}@#{get_suffix}" if self[::Devise.emailfield].nil? && get_suffix
end

#password_required? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise_pam_authenticatable/model.rb', line 31

def password_required?
  false
end

#valid_pam_authentication?(pw) ⇒ Boolean

Checks if a resource is valid upon authentication.

Returns:

• (Boolean)

# File 'lib/devise_pam_authenticatable/model.rb', line 46

def valid_pam_authentication?(pw)
  return nil unless get_pam_name
  Rpam2.auth(get_service, get_pam_name, pw)
end