gatepass 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 6adfbc31cccc12d1786457c468667bcba579db0db4639aae68a01bb61a570e64
+  data.tar.gz: 5e456e23ddcda822bc391601c88fb0286184abc9f164de6ad2cf35e1765b912d
+SHA512:
+  metadata.gz: 10d45f2705514fbd230e72a336f13935e88d571b55d76431c1acedb942f47c34b84cb352c55c442842fe1df00d08641b21ac02444ded243149aba3a77f20e0c9
+  data.tar.gz: 200c1bf025039c8e889951d30afe355dc8b010087c8e66526d854ff38438887b6cb329ccefdb00f063baf4e3f5d4017346b45ba564160890ffc2b3e78a954304

data/README.md

@@ -0,0 +1,58 @@
+# Gatepass
+Short description and motivation.
+
+## Usage
+How to use my plugin.
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem "gatepass"
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install gatepass
+```
+
+Modify the application controller to include the Gatepass module and add the authentication check:
+```
+class ApplicationController < ActionController::Base
+  include Gatepass
+  before_action :check_authenticated
+end
+```
+
+TODO - Configuration parameters
+
+Create an initial user account with:
+```
+$ rails c
+u1 = Gatepass::User.new
+u1.username = 'nitin'
+u1.password = 'green'
+u1.auth_type = 'local'
+u1.save
+```
+
+Login with the above account, and access the user account management page at:
+http://localhost:3000/gatepass/users
+
+## Other Notes
+The User model has the fields: username:string auth_type:string password_digest:string username_mapping:string
+
+auth_type is `local` or `activedirectory`.
+
+Use a dummy password for activedirectory users.
+
+## Contributing
+Contribution directions go here.
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"

data/app/assets/config/gatepass_manifest.js

@@ -0,0 +1 @@
+//= link_directory ../stylesheets/gatepass .css

data/app/assets/stylesheets/gatepass/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/app/controllers/gatepass/application_controller.rb

@@ -0,0 +1,4 @@
+module Gatepass
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/controllers/gatepass/authentication_controller.rb

@@ -0,0 +1,68 @@
+module Gatepass
+  class AuthenticationController < ApplicationController
+    def login
+    end
+
+    def logout
+      session.delete :user
+      redirect_to  :action => :login
+    end
+
+    def authenticate
+      username = params[:username]
+      password = params[:password]
+
+      user = User.find_by(username: username)
+      if user.auth_type == 'local'
+        user_obj = user.authenticate(password)
+
+        if user_obj === false
+          redirect_to ({ controller: 'gatepass/authentication', action: 'login' })
+        else
+          session[:user] = user_obj
+          redirect_to main_app.root_url
+        end
+      elsif user.auth_type == 'activedirectory' # 'ldap'
+        require 'net/ldap'
+
+        server_address = Rails.application.config.ldap_server_hostname  # 'ad.nitinkatkam.mdbrecruit.net'
+        server_port = Rails.application.config.ldap_server_port
+        ca_certificate = Rails.application.config.ldap_ca_cert
+
+        ldap = Net::LDAP.new :host => server_address,
+                             :port => server_port,  # 636, # 389,
+                             :encryption => {
+                               method: :simple_tls,
+                               tls_options: {
+                                 ca_file: ca_certificate  # '/Users/nitin.katkam/Downloads/nitinkatkam-ad-ca.cer',
+                                 # verify_mode: OpenSSL::SSL::VERIFY_NONE
+                               }
+                             },
+                             :auth => {
+                               :method => :simple,
+                               :username => user.username_mapping,
+                               :password => password
+                             }
+
+        filter = Net::LDAP::Filter.eq("distinguishedname", user.username_mapping)
+        treebase = Rails.application.config.ldap_base  # "dc=nitinkatkam, dc=mdbrecruit, dc=net"
+
+        search_result_count = 0
+        ldap.search(:base => treebase, :filter => filter) do |entry|
+          search_result_count += 1
+          # puts "DN: #{entry.dn}" # CN=bindUser1,CN=Users,DC=nitinkatkam,DC=mdbrecruit,DC=net
+          # puts "memberOf: #{entry.memberof}" #["CN=peopleOfNitinKatkam,CN=Users,DC=nitinkatkam,DC=mdbrecruit,DC=net", "CN=Administrators,CN=Builtin,DC=nitinkatkam,DC=mdbrecruit,DC=net"]
+
+          if ldap.get_operation_result.code == 49 or search_result_count == 0
+            redirect_to({ controller: 'gatepass/authentication', action: 'login' })
+          elsif search_result_count == 1
+            session[:user] = user # entry  # user_obj
+            redirect_to main_app.root_url
+          else
+            redirect_to({ controller: 'gatepass/authentication', action: 'login' })
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/gatepass/users_controller.rb

@@ -0,0 +1,60 @@
+module Gatepass
+  class UsersController < ApplicationController
+    before_action :set_user, only: %i[ show edit update destroy ]
+
+    # GET /users
+    def index
+      @users = User.all
+    end
+
+    # GET /users/1
+    def show
+    end
+
+    # GET /users/new
+    def new
+      @user = User.new
+    end
+
+    # GET /users/1/edit
+    def edit
+    end
+
+    # POST /users
+    def create
+      @user = User.new(user_params)
+
+      if @user.save
+        redirect_to @user, notice: "User was successfully created."
+      else
+        render :new, status: :unprocessable_entity
+      end
+    end
+
+    # PATCH/PUT /users/1
+    def update
+      if @user.update(user_params)
+        redirect_to @user, notice: "User was successfully updated."
+      else
+        render :edit, status: :unprocessable_entity
+      end
+    end
+
+    # DELETE /users/1
+    def destroy
+      @user.destroy
+      redirect_to users_url, notice: "User was successfully destroyed.", status: :see_other
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+      def set_user
+        @user = User.find(params[:id])
+      end
+
+      # Only allow a list of trusted parameters through.
+      def user_params
+        params.require(:user).permit(:username, :auth_type, :password_digest, :username_mapping)
+      end
+  end
+end

data/app/helpers/gatepass/application_helper.rb

@@ -0,0 +1,4 @@
+module Gatepass
+  module ApplicationHelper
+  end
+end

data/app/helpers/gatepass/authentication_helper.rb

@@ -0,0 +1,4 @@
+module Gatepass
+  module AuthenticationHelper
+  end
+end

data/app/helpers/gatepass/users_helper.rb

@@ -0,0 +1,4 @@
+module Gatepass
+  module UsersHelper
+  end
+end

data/app/jobs/gatepass/application_job.rb

@@ -0,0 +1,4 @@
+module Gatepass
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/gatepass/application_mailer.rb

@@ -0,0 +1,6 @@
+module Gatepass
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/models/gatepass/application_record.rb

@@ -0,0 +1,5 @@
+module Gatepass
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/models/gatepass/user.rb

@@ -0,0 +1,5 @@
+module Gatepass
+  class User < ApplicationRecord
+    has_secure_password
+  end
+end

data/app/views/gatepass/authentication/authenticate.html.erb

@@ -0,0 +1,2 @@
+<h1>Authentication#authenticate</h1>
+<p>Find me in app/views/authentication/authenticate.html.erb</p>

data/app/views/gatepass/authentication/login.html.erb

@@ -0,0 +1,13 @@
+<h1>Authentication#login</h1>
+
+<%= form_with url: { action: :authenticate } do |form| %>
+  <%= form.label :username %>
+  <%= form.text_field :username %>
+  <br />
+
+  <%= form.label :password %>
+  <%= form.password_field :password %>
+  <br />
+
+  <%= form.submit 'Login' %>
+<% end %>

data/app/views/gatepass/authentication/logout.html.erb

@@ -0,0 +1,2 @@
+<h1>Authentication#logout</h1>
+<p>Find me in app/views/gatepass/authentication/logout.html.erb</p>

data/app/views/gatepass/users/_form.html.erb

@@ -0,0 +1,37 @@
+<%= form_with(model: user) do |form| %>
+  <% if user.errors.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(user.errors.count, "error") %> prohibited this user from being saved:</h2>
+
+      <ul>
+        <% user.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div>
+    <%= form.label :username, style: "display: block" %>
+    <%= form.text_field :username %>
+  </div>
+
+  <div>
+    <%= form.label :auth_type, style: "display: block" %>
+    <%= form.text_field :auth_type %>
+  </div>
+
+  <div>
+    <%= form.label :password_digest, style: "display: block" %>
+    <%= form.text_field :password_digest %>
+  </div>
+
+  <div>
+    <%= form.label :username_mapping, style: "display: block" %>
+    <%= form.text_field :username_mapping %>
+  </div>
+
+  <div>
+    <%= form.submit %>
+  </div>
+<% end %>

data/app/views/gatepass/users/_user.html.erb

@@ -0,0 +1,22 @@
+<div id="<%= dom_id user %>">
+  <p>
+    <strong>Username:</strong>
+    <%= user.username %>
+  </p>
+
+  <p>
+    <strong>Auth type:</strong>
+    <%= user.auth_type %>
+  </p>
+
+  <p>
+    <strong>Password digest:</strong>
+    <%= user.password_digest %>
+  </p>
+
+  <p>
+    <strong>Username mapping:</strong>
+    <%= user.username_mapping %>
+  </p>
+
+</div>

data/app/views/gatepass/users/edit.html.erb

@@ -0,0 +1,10 @@
+<h1>Editing user</h1>
+
+<%= render "form", user: @user %>
+
+<br>
+
+<div>
+  <%= link_to "Show this user", @user %> |
+  <%= link_to "Back to users", users_path %>
+</div>

data/app/views/gatepass/users/index.html.erb

@@ -0,0 +1,14 @@
+<p style="color: green"><%= notice %></p>
+
+<h1>Users</h1>
+
+<div id="users">
+  <% @users.each do |user| %>
+    <%= render user %>
+    <p>
+      <%= link_to "Show this user", user %>
+    </p>
+  <% end %>
+</div>
+
+<%= link_to "New user", new_user_path %>

data/app/views/gatepass/users/new.html.erb

@@ -0,0 +1,9 @@
+<h1>New user</h1>
+
+<%= render "form", user: @user %>
+
+<br>
+
+<div>
+  <%= link_to "Back to users", users_path %>
+</div>

data/app/views/gatepass/users/show.html.erb

@@ -0,0 +1,10 @@
+<p style="color: green"><%= notice %></p>
+
+<%= render @user %>
+
+<div>
+  <%= link_to "Edit this user", edit_user_path(@user) %> |
+  <%= link_to "Back to users", users_path %>
+
+  <%= button_to "Destroy this user", @user, method: :delete %>
+</div>

data/app/views/layouts/gatepass/application.html.erb

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Gatepass</title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <%= stylesheet_link_tag    "gatepass/application", media: "all" %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/config/initializers/assets.rb

@@ -0,0 +1 @@
+Rails.application.config.assets.precompile += %w( gatepass/application.css gatepass/application.js )

data/config/routes.rb

@@ -0,0 +1,6 @@
+Gatepass::Engine.routes.draw do
+  get 'authentication/login'
+  get 'authentication/logout'
+  post 'authentication/authenticate'
+  resources :users
+end

data/db/migrate/20230726110030_create_gatepass_users.rb

@@ -0,0 +1,12 @@
+class CreateGatepassUsers < ActiveRecord::Migration[7.0]
+  def change
+    create_table :gatepass_users do |t|
+      t.string :username
+      t.string :auth_type
+      t.string :password_digest
+      t.string :username_mapping
+
+      t.timestamps
+    end
+  end
+end

data/lib/gatepass/engine.rb

@@ -0,0 +1,5 @@
+module Gatepass
+  class Engine < ::Rails::Engine
+    isolate_namespace Gatepass
+  end
+end

data/lib/gatepass/version.rb

@@ -0,0 +1,3 @@
+module Gatepass
+  VERSION = "0.1.0"
+end

data/lib/gatepass.rb

@@ -0,0 +1,10 @@
+require "gatepass/version"
+require "gatepass/engine"
+
+module Gatepass
+  def check_authenticated
+    if session[:user].nil?
+      redirect_to user_auth.authentication_login_path ({ :controller => 'gatepass/authentication', :action => :login })
+    end
+  end
+end

data/lib/tasks/gatepass_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :gatepass do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,102 @@
+--- !ruby/object:Gem::Specification
+name: gatepass
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Nitin Reddy
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-07-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.0.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.0.6
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.1.19
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.1.19
+description: This Rails plugin enables you to authenticate users against the local
+  database as well as against an ActiveDirectory server
+email:
+- 82951937+nitredd@users.noreply.github.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- Rakefile
+- app/assets/config/gatepass_manifest.js
+- app/assets/stylesheets/gatepass/application.css
+- app/controllers/gatepass/application_controller.rb
+- app/controllers/gatepass/authentication_controller.rb
+- app/controllers/gatepass/users_controller.rb
+- app/helpers/gatepass/application_helper.rb
+- app/helpers/gatepass/authentication_helper.rb
+- app/helpers/gatepass/users_helper.rb
+- app/jobs/gatepass/application_job.rb
+- app/mailers/gatepass/application_mailer.rb
+- app/models/gatepass/application_record.rb
+- app/models/gatepass/user.rb
+- app/views/gatepass/authentication/authenticate.html.erb
+- app/views/gatepass/authentication/login.html.erb
+- app/views/gatepass/authentication/logout.html.erb
+- app/views/gatepass/users/_form.html.erb
+- app/views/gatepass/users/_user.html.erb
+- app/views/gatepass/users/edit.html.erb
+- app/views/gatepass/users/index.html.erb
+- app/views/gatepass/users/new.html.erb
+- app/views/gatepass/users/show.html.erb
+- app/views/layouts/gatepass/application.html.erb
+- config/initializers/assets.rb
+- config/routes.rb
+- db/migrate/20230726110030_create_gatepass_users.rb
+- lib/gatepass.rb
+- lib/gatepass/engine.rb
+- lib/gatepass/version.rb
+- lib/tasks/gatepass_tasks.rake
+homepage:
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.10
+signing_key:
+specification_version: 4
+summary: An ActiveDirectory and local user authentication plugin for Rails
+test_files: []