How To: Authenticate via LDAP

Gregory Durelle edited this page Oct 27, 2016 · 7 revisions
Clone this wiki locally

In config/initializers/ add a new file ldap_authenticatable.rb.

require 'net/ldap'
require 'devise/strategies/authenticatable'

module Devise
  module Strategies
    class LdapAuthenticatable < Authenticatable
      def authenticate!
        if params[:user]
          ldap = Net::LDAP.new
          ldap.host = [YOUR LDAP HOSTNAME]
          ldap.port = [YOUR LDAP HOSTNAME PORT]
          ldap.auth email, password
        
          if ldap.bind
            user = User.find_or_create_by(email: email)
            success!(user)
          else
            return fail(:invalid_login)
          end
        end
      end
      
      def email
        params[:user][:email]
      end

      def password
        params[:user][:password]
      end

    end
  end
end

Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)

Add a configuration option in config/initializers/devise.rb

Devise.setup do |config|
  config.warden do |manager|
    manager.default_strategies(:scope => :user).unshift :ldap_authenticatable
  end
# ... rest of devise config
end