Merge pull request #225 from joshua-arts/ldap

Add support for LDAP authentication.

app/controllers/sessions_controller.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class SessionsController < ApplicationController
+  skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]
+
   # GET /users/logout
   def destroy
     logout
@@ -13,7 +15,7 @@ class SessionsController < ApplicationController
     if user.try(:authenticate, session_params[:password])
       login(user)
     else
-      redirect_to root_path, notice: I18n.t("login_failed")
+      redirect_to root_path, notice: I18n.t("invalid_credentials")
     end
   end
 
@@ -23,12 +25,12 @@ class SessionsController < ApplicationController
     login(user)
   rescue => e
     logger.error "Error authenticating via omniauth: #{e}"
-    redirect_to root_path
+    omniauth_fail
   end
 
   # POST /auth/failure
-  def fail
-    redirect_to root_path
+  def omniauth_fail
+    redirect_to root_path, notice: I18n.t(params[:message], default: I18n.t("omniauth_error"))
   end
 
   private

app/helpers/application_helper.rb

@@ -10,6 +10,11 @@ module ApplicationHelper
     end
   end
 
+  # Determines which providers can show a login button in the login modal.
+  def iconset_providers
+    configured_providers & [:google, :twitter]
+  end
+
   # Generates the login URL for a specific provider.
   def omniauth_login_url(provider)
     "#{Rails.configuration.relative_url_root}/auth/#{provider}"

app/models/user.rb

@@ -25,10 +25,10 @@ class User < ApplicationRecord
       # Provider is the customer name if in loadbalanced config mode
       provider = auth['provider'] == "bn_launcher" ? auth['info']['customer'] : auth['provider']
       find_or_initialize_by(social_uid: auth['uid'], provider: provider).tap do |u|
-        u.name = send("#{auth['provider']}_name", auth) unless u.name
-        u.username = send("#{auth['provider']}_username", auth) unless u.username
-        u.email = send("#{auth['provider']}_email", auth)
-        u.image = send("#{auth['provider']}_image", auth)
+        u.name = auth_name(auth) unless u.name
+        u.username = auth_username(auth) unless u.username
+        u.email = auth_email(auth)
+        u.image = auth_image(auth)
         u.save!
       end
     end
@@ -36,52 +36,32 @@ class User < ApplicationRecord
     private
 
     # Provider attributes.
-    def twitter_name(auth)
+    def auth_name(auth)
       auth['info']['name']
     end
 
-    def twitter_username(auth)
-      auth['info']['nickname']
+    def auth_username(auth)
+      case auth['provider']
+      when :google
+        auth['info']['email'].split('@').first
+      when :bn_launcher
+        auth['info']['username']
+      else
+        auth['info']['nickname']
+      end
     end
 
-    def twitter_email(auth)
+    def auth_email(auth)
       auth['info']['email']
     end
 
-    def twitter_image(auth)
-      auth['info']['image'].gsub("http", "https").gsub("_normal", "")
-    end
-
-    def google_name(auth)
-      auth['info']['name']
-    end
-
-    def google_username(auth)
-      auth['info']['email'].split('@').first
-    end
-
-    def google_email(auth)
-      auth['info']['email']
-    end
-
-    def google_image(auth)
-      auth['info']['image']
-    end
-
-    def bn_launcher_name(auth)
-      auth['info']['name']
-    end
-
-    def bn_launcher_username(auth)
-      auth['info']['username']
-    end
-
-    def bn_launcher_email(auth)
-      auth['info']['email']
-    end
-
-    def bn_launcher_image(auth)
-      auth['info']['image']
+    def auth_image(auth)
+      case auth['provider']
+      when :twitter
+        auth['info']['image'].gsub("http", "https").gsub("_normal", "")
+      else
+        auth['info']['image']
+      end
     end
   end
 

app/views/shared/_header.html.erb

@@ -30,7 +30,7 @@
 								<i class="dropdown-icon fas fa-cog"></i> <%= t("header.dropdown.settings") %>
 							<% end %>
 							<div class="dropdown-divider"></div>
-							<a class="dropdown-item" href="http://docs.bigbluebutton.org/install/greenlight.html" target="_blank">
+							<a class="dropdown-item" href="http://docs.bigbluebutton.org/install/greenlight-v2.html" target="_blank">
 								<i class="dropdown-icon far fa-question-circle"></i> <%= t("header.dropdown.help") %>
 							</a>
 							<%= link_to logout_path, class: "dropdown-item" do %>
@@ -39,9 +39,11 @@
 						</div>
 					</div>
 				<% else %>
-          <% if Rails.configuration.omniauth_bn_launcher && !current_user %>
-            <%= link_to t("login"), "#{Rails.configuration.relative_url_root}/auth/bn_launcher", :class => "btn btn-pill btn-outline-primary mx-2" %>
-          <% else %>
+          <% if Rails.configuration.omniauth_bn_launcher %>
+            <%= link_to t("login"), omniauth_login_url(:bn_launcher), :class => "btn btn-pill btn-outline-primary mx-2" %>
+          <% elsif Rails.configuration.omniauth_ldap %>
+						<%= link_to t("login"), omniauth_login_url(:ldap), :class => "btn btn-pill btn-outline-primary mx-2" %>
+					<% else %>
             <%= link_to t("login"), "#loginModal", :class => "btn btn-pill btn-outline-primary mx-2", "data-toggle": "modal" %>
           <% end %>
 

app/views/shared/modals/_login_modal.html.erb

@@ -7,8 +7,8 @@
             <h3><%= t("login") %></h3>
           </div>
 
-          <% unless configured_providers.length.zero? %>
-            <% configured_providers.each do |provider| %>
+          <% unless iconset_providers.length.zero? %>
+            <% iconset_providers.each do |provider| %>
               <%= link_to omniauth_login_url(provider), class: "btn btn-pill btn-#{provider} btn-block" do %>
                 <i class="fab fa-<%= provider %>"></i>&ensp;<%= t("modal.login.with", provider: provider.capitalize) %>
               <% end %>