在使用LDAP/AD进行登录身份验证时,如果使用AD记录不存在一个用户行,如何创建一个用户行 [英] upon login authentication with LDAP/AD how do I create a user row if one is non existent using AD records
问题描述
目前,我的sessions_controller具有以下代码:
Currently I have this code for my sessions_controller:
class SessionsController < ApplicationController
def new
end
def create
username = params[:nome]
password = params[:password]
name = username
if AuthenticateUser.new(username, password).call
user = User.create_with(nome: name).find_or_create_by(nome: user)
session[:user_id] = user.id
redirect_to '/'
else
flash[:error] = "Erro! \nNúmero de Empregado e/ou password incorrecto(a)"
redirect_to '/login'
end
end
def destroy
session[:user_id] = nil
redirect_to '/index/new'
end
end
我要做的是检查我是否使用LDAP
登录的用户(如database
What I want to do is to check if the user that I'm logging in with the LDAP
(as shown in my previous question) has a field in my users
table and if not to automatically create one with the username and attributing it an automatically user_id
that Rails does and getting a field from the LDAP
and putting it in my SQLSERVER DB
, the problem is when I log in with my account It just redirects me to '/' (root) without any error notices and without creating a new row on my database
我正在使用SqlServer Management Studio
,并且我的用户表具有以下字段:id NumeroEmpregado nome created_at updated_at
I'm using SqlServer Management Studio
and my users table has the following fields: id NumeroEmpregado nome created_at updated_at
我想使NumeroEmpregado
从LDAP
自动给出(LDAP中的属性为title
).稍后我会担心,我希望nome
成为以下形式的username
:
I want to make NumeroEmpregado
to be automatically given from the LDAP
(attribute in LDAP is title
). I'll worry with that later, and I want nome
to be the username
given in the form:
<%= form_tag '/login' do %>
<div class="form-group">
<div class="text">
Número de Empregado: <br>
<%= text_field_tag :nome %><br>
Password: <br>
<%= password_field_tag :password %><br>
</div>
</div>
<%= submit_tag "Submit", class: "button" %>
<% end %>
- 我该怎么做/我的代码中有什么错误?
推荐答案
更新AuthenticaeUser
看起来像这样:
class AuthenticateUser
def self.call(*args)
new(*args).call
end
def initialize(username, password)
@username = "#{username}@company.com"
@password = password
end
def call
search_title_if_valid_user
end
private
def search_title_if_valid_user
ldap = Net::LDAP.new(
host: server_ip_address,
port: 389,
base: "DC=corp,DC=com", # change for your company values
auth: { method: :simple, username: @username, password: @password }
)
ldap.search(attributes: ["title"]) if ldap.bind
end
end
然后像下面这样在您的控制器中使用它:
Then use it in your controller like this:
class SessionsController < ApplicationController
def new
end
def create
username = params[:nome]
password = params[:password]
title = AuthenticateUser.call(username, password)
if title
user = User.create_with(nome: username).find_or_create_by(NumeroEmpregado: title)
session[:user_id] = user.id
redirect_to '/'
else
flash[:error] = "Erro! \nNúmero de Empregado e/ou password incorrecto(a)"
redirect_to '/login'
end
end
def destroy
session[:user_id] = nil
redirect_to '/index/new'
end
end
这假定NumeroEmpregado
值存储在LDAP服务器的title
属性中.
This assumes that NumeroEmpregado
value is stored in the title
attribute within your LDAP server.
这篇关于在使用LDAP/AD进行登录身份验证时,如果使用AD记录不存在一个用户行,如何创建一个用户行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!