first set of changes

Author: Curtis Schiewek

MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2010 [name of plugin creator]
+Copyright (c) 2010 Curtis Schiewek
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
@@ -17,4 +17,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Rakefile

@@ -13,10 +13,10 @@ Rake::TestTask.new(:test) do |t|
   t.verbose = true
 end
 
-desc 'Generate documentation for the devise_imapable plugin.'
+desc 'Generate documentation for the devise_ldap_authenticatable plugin.'
 Rake::RDocTask.new(:rdoc) do |rdoc|
   rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'DeviseImapable'
+  rdoc.title    = 'DeviseLDAPAuthenticatable'
   rdoc.options << '--line-numbers' << '--inline-source'
   rdoc.rdoc_files.include('README')
   rdoc.rdoc_files.include('lib/**/*.rb')
@@ -26,13 +26,14 @@ end
 begin
   require 'jeweler'
   Jeweler::Tasks.new do |gemspec|
-    gemspec.name = "devise_imapable"
-    gemspec.summary = "Devise Imap authentication module"
-    gemspec.description = "For when you don't have access to LDAP"
-    gemspec.email = "josh.kalderimis@gmail.com"
-    gemspec.homepage = "http://github.com/joshk/devise_imapable"
-    gemspec.authors = ["Josh Kalderimis"]
+    gemspec.name = "devise_ldap_authenticatable"
+    gemspec.summary = "Devise LDAP authentication module"
+    gemspec.description = "LDAP module for Devise"
+    gemspec.email = "curtis.schiewek@gmail.com"
+    gemspec.homepage = "http://github.com/cschiewek/devise_ldap_authenticatable"
+    gemspec.authors = ["Curtis Schiewek"]
     gemspec.add_runtime_dependency "devise", "> 1.0.4"
+    gemspec.add_runtime_dependency "net-ldap", "> 0.1.1"
   end
   Jeweler::GemcutterTasks.new
 rescue LoadError

VERSION

@@ -1 +1 @@
-0.5.1
+0.1.0

devise_ldap_authenticatable.gemspec

@@ -0,0 +1,48 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{devise_ldap_authenticatable}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Curtis Schiewek"]
+  s.date = %q{2010-04-14}
+  s.description = %q{LDAP module for Devise}
+  s.email = %q{[email protected]}
+  s.extra_rdoc_files = [
+    "README.md"
+  ]
+  s.files = [
+    "MIT-LICENSE",
+     "README.md",
+     "Rakefile",
+     "VERSION",
+     "devise_ldap_authenticatable.gemspec",
+     "lib/devise_ldap_authenticatable.rb",
+     "lib/devise_ldap_authenticatable/ldap_adapter.rb",
+     "lib/devise_ldap_authenticatable/model.rb",
+     "lib/devise_ldap_authenticatable/routes.rb",
+     "lib/devise_ldap_authenticatable/schema.rb",
+     "lib/devise_ldap_authenticatable/strategy.rb",
+     "rails/init.rb",
+     "test/devise_ldap_authenticatable_test.rb",
+     "test/test_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/cschiewek/devise_ldap_authenticatable}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Devise LDAP authentication module}
+  s.test_files = [
+    "test/devise_ldap_authenticatable_test.rb",
+     "test/test_helper.rb"
+  ]
+
+  s.add_dependency(%q<devise>, ["> 1.0.4"])
+  s.add_dependency(%q<net-ldap>, ["> 0.1.1"])
+  end
+end
+

lib/devise_ldap_authenticatable.rb

@@ -0,0 +1,24 @@
+# encoding: utf-8
+require 'devise'
+
+require 'devise_ldap_authenticatable/schema'
+require 'devise_ldap_authenticatable/ldap_adapter'
+require 'devise_ldap_authenticatable/routes'
+
+module Devise
+  # host
+  mattr_accessor :ldap_host
+  @@ldap_host = nil
+
+  # port
+  mattr_accessor :ldap_port
+  @@ldap_port = nil
+end
+
+# Add ldap_authenticatable strategy to defaults.
+#
+Devise.add_module(:ldap_authenticatable,
+                  :strategy   => true,
+                  :controller => :sessions,
+                  :model  => 'devise_ldap_authenticatable/model',
+                  :routes => :ldap_authenticatable)

lib/devise_ldap_authenticatable/ldap_adapter.rb

@@ -0,0 +1,20 @@
+require 'net/ldap'
+
+module Devise
+
+  # simple adapter for ldap credential checking
+  # ::Devise.ldap_host
+  module LdapAdapter
+
+    def self.valid_credentials?(login, password)
+      ldap = Net::LDAP.new( :host => ::Devise.ldap_host, :port => ::Devise.ldap_port )
+      if ldap.bind( :method => :simple, :username => login, :password => password )
+        true
+      else
+        false
+      end
+    end
+
+  end
+  
+end

lib/devise_ldap_authenticatable/model.rb

@@ -0,0 +1,67 @@
+require 'devise_imapable/strategy'
+
+module Devise
+  module Models
+    # LDAP Module, responsible for validating the user credentials via LDAP.
+    #
+    # Examples:
+    #
+    #    User.authenticate('[email protected]', 'password123')  # returns authenticated user or nil
+    #    User.find(1).valid_password?('password123')         # returns true/false
+    #
+    module LdapAuthenticatable
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+
+          attr_accessor :password
+        end
+      end
+
+      # Set password to nil
+      def clean_up_passwords
+        self.password = nil
+      end
+
+      # Checks if a resource is valid upon authentication.
+      def valid_ldap_authentication?(password)
+        Devise::LdapAdapter.valid_credentials?(self.login, password)
+      end
+
+      module ClassMethods
+        # Authenticate a user based on configured attribute keys. Returns the
+        # authenticated user if it's valid or nil.
+        def authenticate_with_ldap(attributes={})
+          return unless attributes[:login].present?
+          conditions = attributes.slice(:login)
+
+          unless conditions[:login] && conditions[:login].include?('@') 
+            conditions[:login] = "#{conditions[:login]}"
+          end
+
+          resource = find_for_ldap_authentication(conditions) || new(conditions)
+
+          if resource.try(:valid_ldap_authentication?, attributes[:password])
+             resource.new_record? ? create(conditions) : resource
+          end
+        end
+
+      protected
+
+        # Find first record based on conditions given (ie by the sign in form).
+        # Overwrite to add customized conditions, create a join, or maybe use a
+        # namedscope to filter records while authenticating.
+        # Example:
+        #
+        #   def self.find_for_imap_authentication(conditions={})
+        #     conditions[:active] = true
+        #     find(:first, :conditions => conditions)
+        #   end
+        #
+        def find_for_ldap_authentication(conditions)
+          find(:first, :conditions => conditions)
+        end
+      end
+    end
+  end
+end

lib/devise_ldap_authenticatable/schema.rb

@@ -0,0 +1,13 @@
+Devise::Schema.class_eval do
+
+    # Creates login
+    #
+    # == Options
+    # * :null - When true, allow columns to be null.
+    def ldap_authenticatable(options={})
+      null = options[:null] || false
+
+      apply_schema :login, String, :null => null
+    end
+
+end

lib/devise_ldap_authenticatable/strategy.rb

@@ -0,0 +1,36 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Strategy for signing in a user based on his login and password using LDAP.
+    # Redirects to sign_in page if it's not authenticated
+    class LdapAuthenticatable < Base
+      def valid?
+        valid_controller? && valid_params? && mapping.to.respond_to?(:authenticate_with_ldap)
+      end
+
+      # Authenticate a user based on login and password params, returning to warden
+      # success and the authenticated user if everything is okay. Otherwise redirect
+      # to sign in page.
+      def authenticate!
+        if resource = mapping.to.authenticate_with_ldap(params[scope])
+          success!(resource)
+        else
+          fail(:invalid)
+        end
+      end
+
+      protected
+
+        def valid_controller?
+          params[:controller] == 'sessions'
+        end
+
+        def valid_params?
+          params[scope] && params[scope][:password].present?
+        end
+    end
+  end
+end
+
+Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)

rails/init.rb

@@ -1,2 +1,2 @@
 # Include hook code here
-require 'devise_imapable'
+require 'devise_ldap_authenticatable'

test/devise_imapable_test.rb

@@ -1,8 +1,8 @@
 require 'test_helper'
 
-class DeviseImapableTest < ActiveSupport::TestCase
+class DeviseLdapAuthenticatableTest < ActiveSupport::TestCase
   # Replace this with your real tests.
   test "the truth" do
     assert true
   end
-end
+end