devise_pam_authenticatable2 7.0.0 → 8.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/devise_pam_authenticatable2.gemspec +2 -2
- data/lib/devise_pam_authenticatable/model.rb +30 -31
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ed80e89e22bcab5812a8e0988be73284e18e13c3298e29b8d32c1fc93896dde9
|
4
|
+
data.tar.gz: a53fb17c6844fad88d17d97f17d57962f680855ce6855821528ecb928332280d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 606e8b5a00a4334aecb25e1d224f3baf225af7466baac49d35ea10b946ba778da95d0a8b3788b1b2e0e818c2504490c0bd9d8d65ec395509fd3628fd9461e220
|
7
|
+
data.tar.gz: cb6f8d03645e2a1e055be4fa5bccbd082656c2a8d3846c0e7aad9f5d93b7d8d6f08270f0feb5a555271d67121d4739aa4272559cbb04fa55c09ff1532a67f378
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
8.0.0
|
@@ -2,11 +2,11 @@
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
-
# stub: devise_pam_authenticatable2
|
5
|
+
# stub: devise_pam_authenticatable2 8.0.0 ruby lib
|
6
6
|
|
7
7
|
Gem::Specification.new do |s|
|
8
8
|
s.name = "devise_pam_authenticatable2".freeze
|
9
|
-
s.version = "
|
9
|
+
s.version = "8.0.0"
|
10
10
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
|
12
12
|
s.require_paths = ["lib".freeze]
|
@@ -4,21 +4,28 @@ module Devise
|
|
4
4
|
module Models
|
5
5
|
module PamAuthenticatable
|
6
6
|
|
7
|
-
def
|
7
|
+
def find_pam_service
|
8
8
|
return self.class.pam_service if self.class.instance_variable_defined?('@pam_service')
|
9
9
|
::Devise.pam_default_service
|
10
10
|
end
|
11
11
|
|
12
|
-
def
|
12
|
+
def find_pam_suffix
|
13
13
|
return self.class.pam_suffix if self.class.instance_variable_defined?('@pam_suffix')
|
14
14
|
::Devise.pam_default_suffix
|
15
15
|
end
|
16
16
|
|
17
|
-
def
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
17
|
+
def pam_get_name
|
18
|
+
return self[::Devise.usernamefield] if ::Devise.usernamefield && self[::Devise.usernamefield]
|
19
|
+
return nil unless ::Devise.emailfield && (suffix = find_pam_suffix)
|
20
|
+
email = "#{self[::Devise.emailfield]}\n"
|
21
|
+
pos = email.index("@#{suffix}\n")
|
22
|
+
return nil unless pos
|
23
|
+
email.slice(0, pos)
|
24
|
+
end
|
25
|
+
|
26
|
+
def is_pam_account?
|
27
|
+
return false unless pam_get_name
|
28
|
+
Rpam2.account(find_pam_service, pam_get_name)
|
22
29
|
end
|
23
30
|
|
24
31
|
def pam_conflict?
|
@@ -27,31 +34,24 @@ module Devise
|
|
27
34
|
resource.respond_to?('password') && resource.password.present? && is_pam_account?
|
28
35
|
end
|
29
36
|
|
30
|
-
def
|
31
|
-
|
32
|
-
|
37
|
+
def pam_conflict(_attributes)
|
38
|
+
# solve conflict between other and pam related user accounts
|
39
|
+
# to disable login with pam return nil elsewise return a (different?) user object
|
40
|
+
# as default assume the conflict ok and return user object unchanged
|
41
|
+
self
|
33
42
|
end
|
34
43
|
|
35
44
|
def pam_setup(attributes)
|
36
45
|
return unless ::Devise.emailfield && ::Devise.usernamefield
|
37
|
-
self[::Devise.emailfield] = Rpam2.getenv(
|
46
|
+
self[::Devise.emailfield] = Rpam2.getenv(find_pam_service, pam_get_name, attributes[:password], 'email', false)
|
38
47
|
self[::Devise.emailfield] = attributes[::Devise.emailfield] if self[::Devise.emailfield].nil?
|
39
|
-
self[::Devise.emailfield] = "#{self[::Devise.usernamefield]}@#{
|
40
|
-
end
|
41
|
-
|
42
|
-
def get_pam_name
|
43
|
-
return self[::Devise.usernamefield] if ::Devise.usernamefield && self[::Devise.usernamefield]
|
44
|
-
return nil unless ::Devise.emailfield && (suffix = get_pam_suffix)
|
45
|
-
email = "#{self[::Devise.emailfield]}\n"
|
46
|
-
pos = email.index("@#{suffix}\n")
|
47
|
-
return nil unless pos
|
48
|
-
email.slice(0, pos)
|
48
|
+
self[::Devise.emailfield] = "#{self[::Devise.usernamefield]}@#{find_pam_suffix}" if self[::Devise.emailfield].nil? && find_pam_suffix
|
49
49
|
end
|
50
50
|
|
51
51
|
# Checks if a resource is valid upon authentication.
|
52
|
-
def
|
53
|
-
return nil unless
|
54
|
-
Rpam2.auth(
|
52
|
+
def pam_authentication(pw)
|
53
|
+
return nil unless pam_get_name
|
54
|
+
Rpam2.auth(find_pam_service, pam_get_name, pw)
|
55
55
|
end
|
56
56
|
|
57
57
|
module ClassMethods
|
@@ -62,12 +62,11 @@ module Devise
|
|
62
62
|
resource = find_by(::Devise.usernamefield => attributes[:username])
|
63
63
|
|
64
64
|
if resource.blank?
|
65
|
-
resource = new
|
66
|
-
resource[::Devise.usernamefield] = attributes[:username]
|
65
|
+
resource = new(::Devise.usernamefield => attributes[:username])
|
67
66
|
end
|
68
|
-
|
67
|
+
resource
|
69
68
|
elsif ::Devise.emailfield && attributes[:email]
|
70
|
-
if ::Devise.check_at_sign && ::Devise.usernamefield && attributes[:email].index('@')
|
69
|
+
if ::Devise.check_at_sign && ::Devise.usernamefield && !attributes[:email].index('@')
|
71
70
|
resource = find_by(::Devise.usernamefield => attributes[:email])
|
72
71
|
else
|
73
72
|
resource = find_by(::Devise.emailfield => attributes[:email])
|
@@ -75,14 +74,14 @@ module Devise
|
|
75
74
|
|
76
75
|
if resource.blank?
|
77
76
|
resource = new
|
78
|
-
if ::Devise.check_at_sign && ::Devise.usernamefield && attributes[:email].index('@')
|
77
|
+
if ::Devise.check_at_sign && ::Devise.usernamefield && !attributes[:email].index('@')
|
79
78
|
# use email as username
|
80
79
|
resource[::Devise.usernamefield] = attributes[:email]
|
81
80
|
else
|
82
81
|
resource[::Devise.emailfield] = attributes[:email]
|
83
82
|
end
|
84
83
|
end
|
85
|
-
|
84
|
+
resource
|
86
85
|
end
|
87
86
|
end
|
88
87
|
|
@@ -94,7 +93,7 @@ module Devise
|
|
94
93
|
# potential conflict detected
|
95
94
|
resource = resource.pam_conflict(attributes) if resource.pam_conflict?
|
96
95
|
|
97
|
-
return nil unless resource && resource.try(:
|
96
|
+
return nil unless resource && resource.try(:pam_authentication, attributes[:password])
|
98
97
|
if resource.new_record?
|
99
98
|
resource.pam_setup(attributes)
|
100
99
|
resource.save!
|