Project

leveret_auth

0.0
The project is in a healthy, maintained state
leveret_authkdan-mobile-software-ltd/leveret_authHomepageDocumentationSource CodeBug TrackerWiki
auth with different strategy
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
2,731
Stars
0
Forks
0
Watchers
3
 Releases
Current version
0.0.3
Total releases
3
First release
2023-01-03
Latest release
2023-11-29
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2023-01-31
Reverse Dependencies
0

 Dependencies

Runtime

devise
>= 4.8.1
net-ldap
~> 0.1
 Project Readme

Leveret Auth

Leveret Auth is an extension gem that provides various authentication strategies

Prerequisites

  • net-ldap >= 0.1
  • devise >= 4.8.1'

Installation

Add leveret_auth to your Rails application's Gemfile.

gem 'leveret_auth'

And then install the gem.

$ bundle install

Setup

  1. Run rails g leveret_auth:migration to generate the migration file, you may also need to adjust some settings yourself.

  2. You need configure the essential settings in initializer.

# config/initializer/leveret_auth.rb

LeveretAuth.configure do
  devise_for :users # Devise model name

  before_user_save do |user|
    ...
  end

  # Optional to add provider
  #

  # Way 1. configure by json 
  add_provider :ldap, file_path: 'config/ldap_config.json'

  # Way 2. configure by hash
  add_provider :ldap, host: 'localhost', port: '389'...
end
  1. Add auth_identitable to model, example.
# app/models/users.rb

devise :database_authenticatable, :registerable, :confirmable,
       ..., :auth_identitable

Usage

Dispatch the strategy by OAuth grant_type and provider, and it's design is base on the gem doorkeeper so that you can pass the params to auth_with_doorkeeper.

#config/initializer/doorkeeper.rb 裡用

resource_owner_from_credentials do
  # params: {
  #   client_id: client_secret,
  #   client_secret: client_secret,
  #   grant_type: "password",
  #   email: "test@gmail.com",
  #   password: "testtest"
  #   # provider: "ldap",
  # }

  # retrun member or nil
  LeveretAuth.auth_with_doorkeeper(params)
rescue LeveretAuth::Errors::ThirdPartyNotProvideEmail
  # Custom Error 
rescue LeveretAuth::Errors::StrategyNotFound
  # Custom Error
rescue LeveretAuth::Errors::InvalidCredential
  # Custom Error
end

Allowed Strategies

Name Grant Type Provider Permitted Attributes Description
LocalStrategy password N/A email & password database autherciate
LdapStrategy password ldap email & password ldap autherciate

Ldap Configuration

{
  "host":"localhost",
  "port":"7389",
  "base":"dc=example,dc=com",
  // optional
  "encryption": {
    "method": "simple_tls" // "simple_tls", "start_tls"
  },
  "auth":{
    "method": "simple",
    "username": "cn=admin,dc=example,dc=com",
    "password": "admin"
  },
  // Be sure to configure one of uid or filter
  "uid": "mail",
  // username will be replaced with email when searching
  "filter": "(&(uid=%{username})(memberOf=cn=myapp-users,ou=groups,dc=example,dc=com))"
}

Others