(refs #78)LDAP authentication is completed? (not tested yet)

takezoe
2013-08-16 11:46:16 +09:00
parent 582df3239f
commit 231fd268df


@@ -3,6 +3,8 @@ package app
import service._ import service._
import util.StringUtil._ import util.StringUtil._
import jp.sf.amateras.scalatra.forms._ import jp.sf.amateras.scalatra.forms._
import util.LDAPUtil
import service.SystemSettingsService.SystemSettings
class SignInController extends SignInControllerBase with SystemSettingsService with AccountService class SignInController extends SignInControllerBase with SystemSettingsService with AccountService
@@ -24,19 +26,11 @@ trait SignInControllerBase extends ControllerBase { self: SystemSettingsService
} }
post("/signin", form){ form => post("/signin", form){ form =>
getAccountByUserName(form.userName).collect { val settings = loadSystemSettings()
case account if(!account.isGroupAccount && account.password == sha1(form.password)) => { settings.authType match {
session.setAttribute("LOGIN_ACCOUNT", account) case "LDAP" => ldapAuthentication(form, settings)
updateLastLoginDate(account.userName) case _ => defaultAuthentication(form)
}
session.get("REDIRECT").map { redirectUrl =>
session.removeAttribute("REDIRECT")
redirect(redirectUrl.asInstanceOf[String])
}.getOrElse {
redirect("/")
}
}
} getOrElse redirect("/signin")
} }
get("/signout"){ get("/signout"){
@@ -44,4 +38,45 @@ trait SignInControllerBase extends ControllerBase { self: SystemSettingsService
redirect("/") redirect("/")
} }
/**
* Authenticate by internal database.
*/
private def defaultAuthentication(form: SignInForm) = {
getAccountByUserName(form.userName).collect {
case account if(!account.isGroupAccount && account.password == sha1(form.password)) => signin(account)
} getOrElse redirect("/signin")
}
/**
* Authenticate by LDAP.
*/
private def ldapAuthentication(form: SignInForm, settings: SystemSettings) = {
LDAPUtil.authenticate(settings.ldap.get, form.userName, form.password) match {
case Right(mailAddress) => {
// Create or update account by LDAP information
getAccountByUserName(form.userName) match {
case Some(x) => updateAccount(x.copy(mailAddress = mailAddress))
case None => createAccount(form.userName, "", mailAddress, false, None)
}
signin(getAccountByUserName(form.userName).get)
}
case Left(errorMessage) => defaultAuthentication(form)
}
}
/**
* Set account information into HttpSession and redirect.
*/
private def signin(account: model.Account) = {
session.setAttribute("LOGIN_ACCOUNT", account)
updateLastLoginDate(account.userName)
session.get("REDIRECT").map { redirectUrl =>
session.removeAttribute("REDIRECT")
redirect(redirectUrl.asInstanceOf[String])
}.getOrElse {
redirect("/")
}
}
} }
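Review bot: `ldapAuthentication` signs in whatever account matches `form.userName` without the `!account.isGroupAccount` check that `defaultAuthentication` applies, so a successful LDAP bind for a name that is also a group account would overwrite that account's mail address and put it in the session as `LOGIN_ACCOUNT`. Reject that case before `updateAccount`, for example with `case Some(x) if x.isGroupAccount => redirect("/signin")` as the first case of the inner match (assuming `redirect` halts the action here; otherwise return before `signin`). Separately, `case Left(errorMessage) => defaultAuthentication(form)` discards the LDAP error and falls back to the locally stored password, so an account that was disabled or had its password changed in LDAP can still sign in with an older local password; log `errorMessage` and consider limiting the fallback to accounts that are meant to stay local. `settings.ldap.get` and `getAccountByUserName(form.userName).get` will both throw rather than fail the sign-in cleanly if the LDAP settings are absent or the account lookup comes back empty.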