Adauth can be setup to limit logins to specific groups. This allows you to control access to your application using Active Directory.
You pass the groups you want to allow as an array to
allowed_groups so if you had a group of "Developers" and wanted to allow only that group access to your application you would need this in your config:
c.allowed_groups = ["Developers"]
allowed_groups has been set anyone logging in will have their groups checked against this array, and if they aren't a member of any of the groups in it adauth will return value will be the same as if they had logged in with the wrong username and password.