trabajo-afectivo/lib/auth.rb

# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/

class Auth

  attr_reader :user, :password, :auth_user

  delegate :user, to: :auth_user

  attr_accessor :increase_login_failed_attempts

  # Initializes a Auth object for the given user.
  #
  # @param username [String] the user name for the user object which needs an authentication.
  #
  # @example
  #  auth = Auth.new('admin@example.com', 'some+password')
  def initialize(username, password)
    @lookup_backend_instance = {}

    @auth_user = username.present? ? Auth::User.new(username) : nil
    @password = password

    @increase_login_failed_attempts = false
  end

  # Validates the given credentials for the user to the configured auth backends which should
  # be performed.
  #
  # @return [Boolean] true if the user was authenticated, otherwise false.
  def valid?
    if !auth_user || !auth_user.can_login?
      avoid_brute_force_attack

      return false
    end

    if backends.valid?
      auth_user.update_last_login
      return true
    end

    avoid_brute_force_attack

    auth_user.increase_login_failed if increase_login_failed_attempts
    false
  end

  private

  # Sleep for a second to avoid brute force attacks.
  def avoid_brute_force_attack
    sleep 1
  end

  def backends
    Auth::Backend.new(self)
  end
end
Maintenance: Update copyright information and add a new rubocop cop to watch over it. 2021-06-01 12:20:20 +00:00			`# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Moved to dedicated provider backend modules. 2014-05-03 12:34:36 +00:00			`class Auth`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`attr_reader :user, :password, :auth_user`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`delegate :user, to: :auth_user`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`attr_accessor :increase_login_failed_attempts`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`# Initializes a Auth object for the given user.`
			`#`
			`# @param username [String] the user name for the user object which needs an authentication.`
			`#`
			`# @example`
Maintenance: Inclusive language 2021-08-17 12:10:02 +00:00			`# auth = Auth.new('admin@example.com', 'some+password')`
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`def initialize(username, password)`
			`@lookup_backend_instance = {}`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`@auth_user = username.present? ? Auth::User.new(username) : nil`
			`@password = password`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`@increase_login_failed_attempts = false`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`end`

Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`# Validates the given credentials for the user to the configured auth backends which should`
			`# be performed.`
			`#`
			`# @return [Boolean] true if the user was authenticated, otherwise false.`
			`def valid?`
			`if !auth_user \|\| !auth_user.can_login?`
			`avoid_brute_force_attack`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`return false`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`end`

Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`if backends.valid?`
			`auth_user.update_last_login`
			`return true`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`end`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`avoid_brute_force_attack`

			`auth_user.increase_login_failed if increase_login_failed_attempts`
			`false`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`end`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`private`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`# Sleep for a second to avoid brute force attacks.`
			`def avoid_brute_force_attack`
			`sleep 1`
			`end`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Fixes #2389 - Enhance LDAP login to not affect "failed logins". 2021-08-16 06:49:32 +00:00			`def backends`
			`Auth::Backend.new(self)`
Fixed return value of Auth.check. 2015-05-01 07:48:10 +00:00			`end`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00			`end`