Commit 71abf704 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets
Browse files

Move ldap auth to LDAP::User. Removed unused code

parent 6bf117c6
......@@ -66,23 +66,12 @@ def log
Gitlab::AppLogger
end
def ldap_auth(login, password)
# Check user against LDAP backend if user is not authenticated
# Only check with valid login and password to prevent anonymous bind results
return nil unless ldap_conf.enabled && !login.blank? && !password.blank?
ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)
ldap_user = ldap.bind_as(
filter: Net::LDAP::Filter.eq(ldap.uid, login),
size: 1,
password: password
)
User.find_by_extern_uid_and_provider(ldap_user.dn, 'ldap') if ldap_user
end
def ldap_conf
@ldap_conf ||= Gitlab.config.ldap
end
def ldap_auth(login, password)
Gitlab::LDAP::User.auth(login, password)
end
end
end
require 'omniauth-ldap'
module Grack
module LDAP
def ldap_auth(login, password)
# Check user against LDAP backend if user is not authenticated
# Only check with valid login and password to prevent anonymous bind results
return nil unless ldap_conf.enabled && !login.blank? && !password.blank?
ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)
ldap_user = ldap.bind_as(
filter: Net::LDAP::Filter.eq(ldap.uid, login),
size: 1,
password: password
)
User.find_by_extern_uid_and_provider(ldap_user.dn, 'ldap') if ldap_user
end
def ldap_conf
@ldap_conf ||= Gitlab.config.ldap
end
end
end
......@@ -9,7 +9,7 @@ class User
class << self
def find(uid, email)
# Look for user with ldap provider and same uid
user = model.ldap.where(extern_uid: uid).last
user = find_by_uid(uid)
return user if user
# Look for user with same emails
......@@ -61,6 +61,25 @@ def find_or_create(auth)
user
end
def find_by_uid(uid)
model.ldap.where(extern_uid: uid).last
end
def auth(login, password)
# Check user against LDAP backend if user is not authenticated
# Only check with valid login and password to prevent anonymous bind results
return nil unless ldap_conf.enabled && login.present? && password.present?
ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)
ldap_user = ldap.bind_as(
filter: Net::LDAP::Filter.eq(ldap.uid, login),
size: 1,
password: password
)
find_by_uid(ldap_user.dn) if ldap_user
end
private
def uid(auth)
......@@ -86,6 +105,10 @@ def raise_error(message)
def model
::User
end
def ldap_conf
Gitlab.config.ldap
end
end
end
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment