在使用LDAP/AD进行登录身份验证时，如果使用AD记录不存在一个用户行，如何创建一个用户行 [英] upon login authentication with LDAP/AD how do I create a user row if one is non existent using AD records

问题描述

目前，我的sessions_controller具有以下代码:

Currently I have this code for my sessions_controller:

class SessionsController < ApplicationController
  def new
  end

  def create
    username = params[:nome]
    password = params[:password]
    name     = username 

    if AuthenticateUser.new(username, password).call
      user = User.create_with(nome: name).find_or_create_by(nome: user)
      session[:user_id] = user.id
      redirect_to '/'
    else
      flash[:error] = "Erro!              \nNúmero de Empregado e/ou password incorrecto(a)"
      redirect_to '/login'
     end
  end

  def destroy
    session[:user_id] = nil
    redirect_to '/index/new'
  end
end

我要做的是检查我是否使用LDAP登录的用户(如database

What I want to do is to check if the user that I'm logging in with the LDAP (as shown in my previous question) has a field in my users table and if not to automatically create one with the username and attributing it an automatically user_id that Rails does and getting a field from the LDAP and putting it in my SQLSERVER DB, the problem is when I log in with my account It just redirects me to '/' (root) without any error notices and without creating a new row on my database

我正在使用SqlServer Management Studio，并且我的用户表具有以下字段:id NumeroEmpregado nome created_at updated_at

I'm using SqlServer Management Studio and my users table has the following fields: id NumeroEmpregado nome created_at updated_at

我想使NumeroEmpregado从LDAP自动给出(LDAP中的属性为title).稍后我会担心，我希望nome成为以下形式的username:

I want to make NumeroEmpregado to be automatically given from the LDAP (attribute in LDAP is title). I'll worry with that later, and I want nome to be the username given in the form:

 <%= form_tag '/login' do %>
  <div class="form-group">
    <div class="text">
      Número de Empregado: <br> 
      <%= text_field_tag :nome %><br>
      Password: <br>
      <%= password_field_tag :password %><br>
    </div>
  </div>
  <%= submit_tag "Submit", class: "button" %>
<% end %>

• 我该怎么做/我的代码中有什么错误?

推荐答案

更新AuthenticaeUser看起来像这样:

class AuthenticateUser
  def self.call(*args)
    new(*args).call
  end

  def initialize(username, password)
    @username = "#{username}@company.com"
    @password = password
  end

  def call
    search_title_if_valid_user
  end

  private
  def search_title_if_valid_user
    ldap = Net::LDAP.new(
      host: server_ip_address,
      port: 389,
      base: "DC=corp,DC=com",   # change for your company values
      auth: { method: :simple, username: @username, password: @password }
    )

    ldap.search(attributes: ["title"]) if ldap.bind
  end
end

然后像下面这样在您的控制器中使用它:

Then use it in your controller like this:

class SessionsController < ApplicationController
  def new
  end

  def create
    username = params[:nome]
    password = params[:password]

    title = AuthenticateUser.call(username, password)

    if title
      user = User.create_with(nome: username).find_or_create_by(NumeroEmpregado: title)
      session[:user_id] = user.id
      redirect_to '/'
    else
      flash[:error] = "Erro!              \nNúmero de Empregado e/ou password incorrecto(a)"
      redirect_to '/login'
     end
  end

  def destroy
    session[:user_id] = nil
    redirect_to '/index/new'
  end
end

这假定NumeroEmpregado值存储在LDAP服务器的title属性中.

This assumes that NumeroEmpregado value is stored in the title attribute within your LDAP server.

这篇关于在使用LDAP/AD进行登录身份验证时，如果使用AD记录不存在一个用户行，如何创建一个用户行的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！