Devise ignoring custom strategy


Problem description

This is just plain weird.

I've got Rails 3 RC running with Devise installed. I've defined a custom strategy to try and use Kerberos for authentication.

module Devise
  module Strategies
    class Kerb < Devise::Strategies::Base
      def valid?
        params[:username] || params[:password]
      end

      def authenticate!
        # cheap debugging
        puts "PARAMS: #{params}"

        if check_kerb_auth(params[:username], params[:password])
          # create user account if none exists
          u = User.find(:first, :conditions => { :username => params[:username] }) || User.create({ :username => login })
          success!(u)
        else
          fail!("Could not log in")
        end
      end

      def check_kerb_auth(username, password)
        require 'krb5_auth'
        include Krb5Auth

        return false if username.blank? or password.blank?

        begin
            kerberos = Krb5.new
            return kerberos.get_init_creds_password(username, password)
        rescue Krb5Auth::Krb5::Exception
            return false
        end
      end
    end
  end
end

I have the Devise Warden configuration setup as follows:

config.warden do |manager|
  manager.strategies.add(:kerb, Devise::Strategies::Kerb)
  manager.default_strategies :kerb
end

I get no errors in my log. Everything seems to work ok. If I add "cheap debugging" aka a bunch of puts statements, it seems to reflect that the :kerb strategy is the default. Here is a sample set of logs from a login attempt:

=> Booting WEBrick
=> Rails 3.0.0.rc application starting in development on http://0.0.0.0:3000
=> Call with -d to detach
=> Ctrl-C to shutdown server
[2010-08-17 10:50:35] INFO  WEBrick 1.3.1
[2010-08-17 10:50:35] INFO  ruby 1.8.7 (2010-01-10) [x86_64-linux]
[2010-08-17 10:50:40] INFO  WEBrick::HTTPServer#start: pid=12717 port=3000


Started POST "/users/login" for 127.0.0.1 at Tue Aug 17 10:50:43 -0400 2010
  Processing by Devise::SessionsController#create as HTML
  Parameters: {"commit"=>"Login", "authenticity_token"=>"afZF6ho96p47dc9LQFwwNN5PqnRpl7x+1J7V3MiKgTE=", "_snowman"=>"\342\230\203", "user"=>{"remember_me"=>"1", "username"=>"hernan43", "password"=>"[FILTERED]"}}
Completed   in 0ms
  Processing by Devise::SessionsController#new as HTML
  Parameters: {"commit"=>"Login", "authenticity_token"=>"afZF6ho96p47dc9LQFwwNN5PqnRpl7x+1J7V3MiKgTE=", "_snowman"=>"\342\230\203", "user"=>{"remember_me"=>"1", "username"=>"hernan43", "password"=>"[FILTERED]"}}
Rendered devise/shared/_links.erb (1.2ms)
Rendered devise/sessions/new.html.erb within layouts/application (8.2ms)
Completed 200 OK in 124ms (Views: 11.7ms | ActiveRecord: 1.3ms)

The kerberos code works in other things on the same machine. I was sort of expecting it to show a bunch of errors if there was a problem but I am getting nothing. Is there a good way to debug Devise/Warden?

Solution

In case someone else comes across this, here's what I believe the problem is:

According to Warden Strategies:

valid?

The valid? method acts as a guard for the strategy. It’s optional to declare a valid? method, and if you don’t declare it, the strategy will always be run. If you do declare it though, the strategy will only be tried if #valid? evaluates to true.

The strategy above is reasoning that if there’s either a ‘username’ or a ‘password’ param, then the user is trying to login. If there’s only one of them, then the ‘User.authenticate’ call will fail, but it was still the desired (valid) strategy.

So your valid method:

def valid?
  params[:username] || params[:password]
end

It's returning false, so the authenticate! is never called. params is a nested hash, so it should be params[:user][:username] instead of params[:username].

Changing your valid method to:

def valid?
  params[:user] && (params[:user][:username] || params[:user][:password])
end

will return true and cause the authenticate! method to be called.
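
An added example, not part of the original answer or of Devise/Warden: a guard helper that reads the nested `user` hash shown in the log's Parameters line and tolerates a non-hash `user` value, plus a simplified model of the quoted rule that a strategy is only tried when `valid?` is truthy. Assumptions: plain string-keyed hashes stand in for Rails params, the names `kerb_credentials`, `FlatGuard`, `NestedGuard` and `trace_strategies` are hypothetical, and the guard requires both fields because `check_kerb_auth` rejects a blank username or password anyway.

```ruby
# Constructed request parameters, shaped like the "Parameters:" line in the
# log above. The password value is made up (the log shows it as [FILTERED]).
LOGIN_PARAMS = {
  "commit" => "Login",
  "user"   => { "remember_me" => "1", "username" => "hernan43", "password" => "secret" }
}.freeze

# Pull username/password out of the nested scope hash. Returns nil unless both
# are non-empty strings, so a scalar `user=x` or an array value cannot raise
# inside the guard.
def kerb_credentials(params, scope = "user")
  nested = params[scope]
  return nil unless nested.is_a?(Hash)

  username = nested["username"]
  password = nested["password"]
  return nil unless [username, password].all? { |v| v.is_a?(String) && !v.strip.empty? }

  [username, password]
end

# Hypothetical stand-ins for the two versions of the strategy guard:
# the top-level lookup from the question and a nested lookup.
FlatGuard = Struct.new(:params) do
  def valid?
    params["username"] || params["password"]
  end
end

NestedGuard = Struct.new(:params) do
  def valid?
    !kerb_credentials(params).nil?
  end
end

# Simplified model of the rule quoted from the Warden documentation: a strategy
# is only tried when valid? is truthy. Returning a trace makes a silently
# skipped strategy visible, which the request log alone does not show.
def trace_strategies(strategies)
  strategies.map do |name, strategy|
    [name, strategy.valid? ? :tried : :skipped]
  end
end
```
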
