
Worked on authentication

1 parent 1ae14cd commit 25a1843e380bc26fdc6ab13f09ad14927479f2ef David Davis committed Aug 4, 2012
@@ -4,8 +4,12 @@
ldap.host = localhost
ldap.port = 389
-ldap.user =
-ldap.pass =
+ldap.user =
+ldap.pass =
+ldap.email-field =
+ldap.username-field =
+ldap.full-name-field =
+ldap.connection-string =
############################
# Datomic
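Review bot: The four keys added here (`ldap.email-field`, `ldap.username-field`, `ldap.full-name-field`, `ldap.connection-string`) carry no comment, and `ldap.connection-string` is misleadingly named: `find-user` in this commit passes it to `ldap/search` as the search base. A comment above it such as `# Base DN under which users are searched (used by find-user)` would keep someone from putting a host URL there. The defaults also keep `ldap.port = 389` with no setting for TLS, so the service-account password in `ldap.pass` and each user's password are presumably sent unencrypted unless the deployment adds StartTLS or LDAPS; that deserves a comment or a dedicated key.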
@@ -6,9 +6,29 @@
(defn ldap-config [key]
(config-value (str "ldap." key)))
-(defn ldap-authenticate? [username password]
+(defn authenticate? [user-entry password]
"Authenticate a user against ldap and return true if successful, false otherwise."
- (let [ldap-server (ldap/connect {:host (ldap-config "host") :port (ldap-config "port") :bind-dn (ldap-config "user") :password (ldap-config "pass")})
- user-entry (ldap/search ldap-server "ou=netfriends,DC=netfriends,DC=com" {:filter (str "sAMAccountName=" username) :attributes [:dn]})
- user-dn (apply :dn user-entry)]
+ (let [host (ldap-config "host")
+ port (ldap-config "port")
+ bind-dn (ldap-config "user")
+ bind-pass (ldap-config "pass")
+ ldap-server (ldap/connect {:host host :port port :bind-dn bind-dn :password bind-pass})
+ user-dn (:dn user-entry)]
(ldap/bind? ldap-server user-dn password)))
+
+(defn find-user [username]
+ "Find a user in ldap and a user entry (a map of values like dn, etc.)"
+ (let [host (ldap-config "host")
+ port (ldap-config "port")
+ bind-dn (ldap-config "user")
+ bind-pass (ldap-config "pass")
+ ldap-server (ldap/connect {:host host :port port :bind-dn bind-dn :password bind-pass})
+ connection-string (ldap-config "connection-string")
+ filter-string (str (ldap-config "username-field") "=" username)]
+ (first (ldap/search ldap-server connection-string {:filter filter-string}))))
+
+(defn user-attributes [user-entry]
+ (let [username ((keyword (ldap-config "username-field")) user-entry)
+ email ((keyword (ldap-config "email-field")) user-entry)
+ full-name ((keyword (ldap-config "full-name-field")) user-entry)]
+ {:username username :email email :full-name full-name}))
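Review bot: `find-user` joins `username` into `filter-string` without escaping, so a login name containing filter metacharacters (`*`, `(`, `)`, `\`) changes which directory entry is matched; escape the value per RFC 4515 before building the filter, as in the excerpt below. `authenticate?` should also return false before calling `ldap/bind?` when `user-entry` is nil or `password` is blank, because some servers treat a simple bind with an empty password as an unauthenticated bind and may report success (this depends on server and client settings): `(and user-dn (seq password) (ldap/bind? ldap-server user-dn password))`, wrapped in `boolean` if callers need a strict true/false. Both functions open a new `ldap/connect` connection on every call and never close it. The docstrings sit after the argument vector, so Clojure evaluates them as discarded expressions instead of attaching them; they belong before `[user-entry password]` and `[username]`.

```clojure
(defn- escape-filter-value
  "Escape the RFC 4515 special characters in a value embedded in a search filter."
  [value]
  (apply str (map #(case %
                     \\ "\\5c"
                     \* "\\2a"
                     \( "\\28"
                     \) "\\29"
                     \u0000 "\\00"
                     (str %))
                  (str value))))

(defn find-user [username]
  ;; … unchanged: host/port/bind settings, ldap/connect, connection-string …
        filter-string (str (ldap-config "username-field") "=" (escape-filter-value username))]
  ;; … unchanged: ldap/search call …
```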
@@ -40,4 +40,4 @@
(if save-user (find-or-create-user (auth/user-attributes user-entry)))
true)
false)
- (false))))
+ false)))
