Class: Gatepass::AuthenticationController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Gatepass::AuthenticationController

Defined in:

app/controllers/gatepass/authentication_controller.rb

Overview

Provides the login/logout functionality

Instance Method Summary

• #authenticate ⇒ Object

  Process the POST from the login form.

• #login ⇒ Object

  Display the login form.

• #logout ⇒ Object

  Remove the user from the session and redirect to the login form.

Instance Method Details

#authenticate ⇒ Object

Process the POST from the login form

# File 'app/controllers/gatepass/authentication_controller.rb', line 15

def authenticate
  username = params[:username]
  password = params[:password]

  user = User.find_by(username: username)
  if user.auth_type == 'local'
    user_obj = user.authenticate(password)

    if user_obj === false
      redirect_to ({ controller: 'gatepass/authentication', action: 'login' })
    else
      session[:user] = user
      redirect_to main_app.root_url
    end
  elsif user.auth_type == 'activedirectory' # 'ldap'
    require 'net/ldap'

    server_address = Rails.application.config.ldap_server_hostname
    server_port = Rails.application.config.ldap_server_port
    ca_certificate = Rails.application.config.ldap_ca_cert

    ldap = Net::LDAP.new :host => server_address,
                         :port => server_port,  # 636, # 389,
                         :encryption => {
                           method: :simple_tls,
                           tls_options: {
                             ca_file: ca_certificate
                             # verify_mode: OpenSSL::SSL::VERIFY_NONE
                           }
                         },
                         :auth => {
                           :method => :simple,
                           :username => user.username_mapping,
                           :password => password
                         }

    filter = Net::LDAP::Filter.eq("distinguishedname", user.username_mapping)
    treebase = Rails.application.config.ldap_base

    search_result_count = 0
    ldap.search(:base => treebase, :filter => filter) do |entry|
      search_result_count += 1

      if ldap.get_operation_result.code == 49 or search_result_count == 0
        redirect_to({ controller: 'gatepass/authentication', action: 'login' })
      elsif search_result_count == 1
        session[:user] = user # entry
        session[:user_ldap_info] = entry
        redirect_to main_app.root_url
      else
        redirect_to({ controller: 'gatepass/authentication', action: 'login' })
      end
    end
  end
end

#login ⇒ Object

Display the login form

# File 'app/controllers/gatepass/authentication_controller.rb', line 5

def login
end

#logout ⇒ Object

Remove the user from the session and redirect to the login form

# File 'app/controllers/gatepass/authentication_controller.rb', line 9

def logout
  session.delete :user
  redirect_to  :action => :login
end