Permalink
Browse files

Merge branch 'master' of git://github.com/rubycas/rubycas-server

  • Loading branch information...
2 parents 986b48c + 9956c29 commit cf07371f9503a65193459e49abdbc640ced490b7 @Slotos committed Jul 5, 2012
Showing with 49 additions and 12 deletions.
  1. +10 −0 CHANGELOG
  2. +1 −1 README.md
  3. +20 −10 lib/casserver/authenticators/sql.rb
  4. +17 −0 lib/casserver/authenticators/sql_bcrypt.rb
  5. +1 −1 rubycas-server.gemspec
View
@@ -1,3 +1,13 @@
+=== 1.1.1 :: 2012-06-08
+
+* NEW:
+ * Google authenticator now has a "restricted_domain" option to allow logins only
+ from Google accounts (email addressed) under a specific domain name.
+
+* FIXED:
+ * When installed as a gem, localization should now work correctly thanks to fixed
+ translations path.
+
=== 1.1.0 :: 2012-04-19
* NEW:
View
@@ -1,4 +1,4 @@
-# RubyCAS-Server ![http://stillmaintained.com/rubycas/rubycas-server](http://stillmaintained.com/rubycas/rubycas-server.png)
+# RubyCAS-Server
## Copyright
@@ -78,24 +78,18 @@ def self.user_model
def validate(credentials)
read_standard_credentials(credentials)
raise_if_not_configured
-
- user_model = self.class.user_model
-
- username_column = @options[:username_column] || 'username'
- password_column = @options[:password_column] || 'password'
$LOG.debug "#{self.class}: [#{user_model}] " + "Connection pool size: #{user_model.connection_pool.instance_variable_get(:@checked_out).length}/#{user_model.connection_pool.instance_variable_get(:@connections).length}"
- results = user_model.find(:all, :conditions => ["#{username_column} = ? AND #{password_column} = ?", @username, @password])
user_model.connection_pool.checkin(user_model.connection)
- if results.size > 0
- $LOG.warn("#{self.class}: Multiple matches found for user #{@username.inspect}") if results.size > 1
+ if matching_users.size > 0
+ $LOG.warn("#{self.class}: Multiple matches found for user #{@username.inspect}") if matching_users.size > 1
unless @options[:extra_attributes].blank?
- if results.size > 1
+ if matching_users.size > 1
$LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}")
else
- user = results.first
+ user = matching_users.first
extract_extra(user)
log_extra
@@ -110,6 +104,18 @@ def validate(credentials)
protected
+ def user_model
+ self.class.user_model
+ end
+
+ def username_column
+ @options[:username_column] || 'username'
+ end
+
+ def password_column
+ @options[:password_column] || 'password'
+ end
+
def raise_if_not_configured
raise CASServer::AuthenticatorError.new(
"Cannot validate credentials because the authenticator hasn't yet been configured"
@@ -130,4 +136,8 @@ def log_extra
$LOG.debug("#{self.class}: Read the following extra_attributes for user #{@username.inspect}: #{@extra_attributes.inspect}")
end
end
+
+ def matching_users
+ user_model.find(:all, :conditions => ["#{username_column} = ? AND #{password_column} = ?", @username, @password])
+ end
end
@@ -0,0 +1,17 @@
+require 'casserver/authenticators/sql'
+
+require 'bcrypt'
+
+# Essentially the same as the standard SQL authenticator but assumes that
+# BCrypt has been used to encrypt the password. If you're using
+# has_secure_password, then this is probably for you.
+class CASServer::Authenticators::SQLBcrypt < CASServer::Authenticators::SQL
+
+ protected
+
+ def matching_users
+ results = user_model.find(:all, :conditions => ["#{username_column} = ?", @username])
+ results.select { |user| BCrypt::Password.new(user.send(password_column.to_sym)) == @password }
+ end
+
+end
View
@@ -1,6 +1,6 @@
$gemspec = Gem::Specification.new do |s|
s.name = 'rubycas-server'
- s.version = '1.1.0'
+ s.version = '1.1.1'
s.authors = ["Matt Zukowski"]
s.email = ["matt@zukowski.ca"]
s.homepage = 'https://github.com/rubycas/rubycas-server'

0 comments on commit cf07371

Please sign in to comment.