trabajo-afectivo/lib/auth.rb

# Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/

class Auth
  include ApplicationLib

=begin

checks if a given user can login. Checks for
 - valid user
 - active state
 - max failed logins

  result = Auth.can_login?(user)

returns

  result = true | false

=end

  def self.can_login?(user)
    return false if !user.is_a?(User)
    return false if !user.active?

    return true if !user.max_login_failed?

    Rails.logger.info "Max login failed reached for user #{user.login}."

    false
  end

=begin

checks if a given user and password match against multiple auth backends
 - valid user
 - active state
 - max failed logins

  result = Auth.valid?(user, password)

returns

  result = true | false

=end

  def self.valid?(user, password)
    # try to login against configure auth backends
    backends.any? do |config|
      next if !backend_validates?(
        config:   config,
        user:     user,
        password: password,
      )

      Rails.logger.info "Authentication against #{config[:adapter]} for user #{user.login} ok."

      # remember last login date
      user.update_last_login

      true
    end
  end

=begin

returns a list of all Auth backend configurations

  result = Auth.backends

returns

  result = [
    {
      adapter: 'Auth::Internal',
    },
    {
      adapter: 'Auth::Developer',
    },
    ...
  ]

=end

  def self.backends

    # use std. auth backends
    config = [
      {
        adapter: 'Auth::Internal',
      },
      {
        adapter: 'Auth::Developer',
      },
    ]

    # added configured backends
    Setting.where(area: 'Security::Authentication').each do |setting|
      next if setting.state_current[:value].blank?

      config.push setting.state_current[:value]
    end

    config
  end

  def self.backend_validates?(config:, user:, password:)
    return false if !config[:adapter]

    instance = config[:adapter].constantize.new(config)

    instance.valid?(user, password)
  end
  private_class_method :backend_validates?
end
Updated copyright. 2016-10-19 03:11:36 +00:00			`# Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Moved to dedicated provider backend modules. 2014-05-03 12:34:36 +00:00			`class Auth`
			`include ApplicationLib`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
			`=begin`

Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`checks if a given user can login. Checks for`
			`- valid user`
			`- active state`
			`- max failed logins`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`result = Auth.can_login?(user)`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
			`returns`

Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`result = true \| false`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
			`=end`

Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`def self.can_login?(user)`
			`return false if !user.is_a?(User)`
			`return false if !user.active?`

			`return true if !user.max_login_failed?`
Updated rubocop to latest version (0.59.2) and applied required changes. 2018-10-09 06:17:41 +00:00
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`Rails.logger.info "Max login failed reached for user #{user.login}."`

			`false`
			`end`

			`=begin`

			`checks if a given user and password match against multiple auth backends`
			`- valid user`
			`- active state`
			`- max failed logins`

			`result = Auth.valid?(user, password)`

			`returns`

			`result = true \| false`

			`=end`

			`def self.valid?(user, password)`
			`# try to login against configure auth backends`
			`backends.any? do \|config\|`
			`next if !backend_validates?(`
			`config: config,`
			`user: user,`
			`password: password,`
			`)`

			`Rails.logger.info "Authentication against #{config[:adapter]} for user #{user.login} ok."`

			`# remember last login date`
			`user.update_last_login`

			`true`
			`end`
			`end`

			`=begin`

			`returns a list of all Auth backend configurations`

			`result = Auth.backends`

			`returns`

			`result = [`
			`{`
			`adapter: 'Auth::Internal',`
			`},`
			`{`
			`adapter: 'Auth::Developer',`
			`},`
			`...`
			`]`

			`=end`

			`def self.backends`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
			`# use std. auth backends`
			`config = [`
			`{`
Corrected with rubocop cop 'Style/HashSyntax'. 2015-04-27 13:42:53 +00:00			`adapter: 'Auth::Internal',`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00			`},`
			`{`
Corrected with rubocop cop 'Style/HashSyntax'. 2015-04-27 13:42:53 +00:00			`adapter: 'Auth::Developer',`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00			`},`
			`]`

			`# added configured backends`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`Setting.where(area: 'Security::Authentication').each do \|setting\|`
			`next if setting.state_current[:value].blank?`
Updated rubocop to latest version (0.59.2) and applied required changes. 2018-10-09 06:17:41 +00:00
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`config.push setting.state_current[:value]`
			`end`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`config`
			`end`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`def self.backend_validates?(config:, user:, password:)`
			`return false if !config[:adapter]`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Refactoring: Migrated Kernel.const_get to Rails .constantize. 2019-01-06 18:41:29 +00:00			`instance = config[:adapter].constantize.new(config)`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`instance.valid?(user, password)`
Fixed return value of Auth.check. 2015-05-01 07:48:10 +00:00			`end`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`private_class_method :backend_validates?`
Rewrite of Auth and SSO module layer. 2013-08-17 21:48:01 +00:00			`end`