Skip to content

openSUSE/devise_ichain_authenticatable

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
app
app
 
 
config/locales
config/locales
 
 
lib
lib
 
 
rails
rails
 
 
Gemfile
Gemfile
 
 
MIT-LICENSE
MIT-LICENSE
 
 
README.md
README.md
 
 
devise_ichain_authenticatable.gemspec
devise_ichain_authenticatable.gemspec
 
 

Repository files navigation

Devise iChain Authenticatable

iChain based authentication for the Devise authentication framework. The plugin adds two new modules to Devise: ichain_autenticatable and ichain_registerable. This plugin is compatible with Database Authenticatable, so users in your application can be authenticated with both mechanism if desired.

Requirements

The plugin should be compatible with Ruby 1.8.7, 1.9 and 2.0 (tested with 1.9.3 and 2.0.0).

In the same way, it should work with any version of Devise equal or greater than 2.2 and with any version of Rails equal or greater than 3.2 (tested with Devise 2.2 on Rails 3.2 and with Devise 3.1 on Rails 4).

Reporting of success stories with other setups would be highly appreciated.

Installation and basic setup

First of all, install Devise following the great documentation available in its official website. Then, just add the following line to your Gemfile and run the bundle command.

gem "devise_ichain_authenticatable"

Only two changes are required in your user model. First, you obviously need to add the new modules to the devise call. In the other hand, you need to provide a way to link the iChain usernames to your application users by implementing the for_ichain_username class method. For example:

class User < ActiveRecord::Base
  devise :ichain_authenticatable, :ichain_registerable

  def self.for_ichain_username(username, attributes)
    if (user = find_by(login: username))
      user.update_column(email: attributes[:email]) if user.email != attributes[:email]
    else
      create(login: username, email: attributes[:email])
    end
  end
end

After performing a valid iChain authentication, the plugin will call the from_ichain_username class method of your model passing two parameters: the username validated by iChain and a hash of additional parameters defined in the configuration of your iChain proxy (see config.ichain_attributes_header below). The method is expected to return a valid user object. If the returned value is evaluated to false or nil, the authentication will fail.

In the example, an ActiveRecord based model is used, but the plugin will work with any storage backend as long as it's supported by Devise and the from_ichain_username is properly implemented.

Finally, you'll need to add some configuration to your config/initializers/devise.rb in order to tell your app how to talk to your iChain proxy.

Devise.setup do |config|
 ...
 # You will always need to set this parameter.
 config.ichain_base_url = "https://my.application.org"

 # Paths (relative to ichain_base_url) used by your proxy
 # config.ichain_login_path = "ICSLogin/"
 # config.ichain_registration_path = "ICSLogin/auth-up/"
 # config.ichain_logout_path = "cmd/ICSLogout/"

 # The header used by your iChain proxy to pass the username.
 # config.ichain_username_header = "HTTP_X_USERNAME"

 # Additional parameters, beyond the username, provided by the iChain proxy.
 # HTTP_X_EMAIL is expected by default. Set to {} if no additional attributes
 # are configured in the proxy.
 # config.ichain_attributes_header = {:email => "HTTP_X_EMAIL"}

 # Configuration options for requests sent to the iChain proxy
 # config.ichain_context = "default"
 # config.ichain_proxypath = "reverse"

 # Activate the test mode, useful when no real iChain is present, like in
 # testing and development environments
 # config.ichain_test_mode = false

 # In test mode, you can skip asking for the user information by always
 # forcing the following username. The user will be permanently signed in.
 # config.ichain_force_test_username = "testuser"

 # In test mode, force the following additional attributes
 # config.ichain_force_test_attributes = {:email => "testuser@example.com"}
end

Helpers

This plugin provides the expected URL helpers, analogous to those provided by Database Authenticable and Registerable. For example, for a model called User, the following helpers would be available: new_user_ichain_session_path, destroy_user_ichain_session_path, new_ichain_registration_path...

Test mode

This gem provides a test mode, extremely useful during the development phase, in which an iChain proxy is not usually configured or even available. ichain_registerablewill have no effect if test mode is enabled.

By default, if the test mode is enabled in the configuration file, anytime authentication is required, a very simple form asking for the username and the additional parameters will be displayed. The entered values will be completely trusted with no check and stored in the Rails' session.

In some situations this approach is not useful, either because the application lacks sessions' management and/or user interface (for example, applications based on rails-api), either because you simply want to skip asking for the test user information. In those cases, a username and/or a set of additional attributes can be forced using the ichain_force_test_username and ichain_force_test_attributes configuration options. If ichain_force_test_username is set, the username will be used in every single request, which means that the user will be permanently signed in.

Contact

Ancor González Sosa

License

The Redmine iChain Plugin is licensed under the MIT License (MIT-LICENSE.txt).

Copyright (c) 2013 Ancor González Sosa

About

Ruby gem to make ichain a17e

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

35 watching

Forks

4 forks
Report repository

Releases 1

Version 0.3.2 Latest
May 23, 2019

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages