Refactor Gitlab::Auth
This commit is contained in:
parent
9028999c93
commit
3707cc119b
|
@ -187,22 +187,6 @@ class User < ActiveRecord::Base
|
|||
end
|
||||
end
|
||||
|
||||
def create_from_omniauth(auth, ldap = false)
|
||||
gitlab_auth.create_from_omniauth(auth, ldap)
|
||||
end
|
||||
|
||||
def find_or_new_for_omniauth(auth)
|
||||
gitlab_auth.find_or_new_for_omniauth(auth)
|
||||
end
|
||||
|
||||
def find_for_ldap_auth(auth, signed_in_resource = nil)
|
||||
gitlab_auth.find_for_ldap_auth(auth, signed_in_resource)
|
||||
end
|
||||
|
||||
def gitlab_auth
|
||||
Gitlab::Auth.new
|
||||
end
|
||||
|
||||
def search query
|
||||
where("name LIKE :query OR email LIKE :query OR username LIKE :query", query: "%#{query}%")
|
||||
end
|
||||
|
|
|
@ -7,61 +7,12 @@ module Gitlab
|
|||
# Second chance - try LDAP authentication
|
||||
return nil unless ldap_conf.enabled
|
||||
|
||||
ldap_auth(login, password)
|
||||
Gitlab::LDAP::User.authenticate(login, password)
|
||||
else
|
||||
user if user.valid_password?(password)
|
||||
end
|
||||
end
|
||||
|
||||
def create_from_omniauth(auth, ldap = false)
|
||||
provider = auth.provider
|
||||
uid = auth.info.uid || auth.uid
|
||||
uid = uid.to_s.force_encoding("utf-8")
|
||||
name = auth.info.name.to_s.force_encoding("utf-8")
|
||||
email = auth.info.email.to_s.downcase unless auth.info.email.nil?
|
||||
|
||||
ldap_prefix = ldap ? '(LDAP) ' : ''
|
||||
raise OmniAuth::Error, "#{ldap_prefix}#{provider} does not provide an email"\
|
||||
" address" if auth.info.email.blank?
|
||||
|
||||
log.info "#{ldap_prefix}Creating user from #{provider} login"\
|
||||
" {uid => #{uid}, name => #{name}, email => #{email}}"
|
||||
password = Devise.friendly_token[0, 8].downcase
|
||||
@user = User.new({
|
||||
extern_uid: uid,
|
||||
provider: provider,
|
||||
name: name,
|
||||
username: email.match(/^[^@]*/)[0],
|
||||
email: email,
|
||||
password: password,
|
||||
password_confirmation: password,
|
||||
}, as: :admin).with_defaults
|
||||
@user.save!
|
||||
|
||||
if Gitlab.config.omniauth['block_auto_created_users'] && !ldap
|
||||
@user.block
|
||||
end
|
||||
|
||||
@user
|
||||
end
|
||||
|
||||
def find_or_new_for_omniauth(auth)
|
||||
provider, uid = auth.provider, auth.uid
|
||||
email = auth.info.email.downcase unless auth.info.email.nil?
|
||||
|
||||
if @user = User.find_by_provider_and_extern_uid(provider, uid)
|
||||
@user
|
||||
elsif @user = User.find_by_email(email)
|
||||
@user.update_attributes(extern_uid: uid, provider: provider)
|
||||
@user
|
||||
else
|
||||
if Gitlab.config.omniauth['allow_single_sign_on']
|
||||
@user = create_from_omniauth(auth)
|
||||
@user
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def log
|
||||
Gitlab::AppLogger
|
||||
end
|
||||
|
@ -69,9 +20,5 @@ module Gitlab
|
|||
def ldap_conf
|
||||
@ldap_conf ||= Gitlab.config.ldap
|
||||
end
|
||||
|
||||
def ldap_auth(login, password)
|
||||
Gitlab::LDAP::User.auth(login, password)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue