lib/adauth/user.rb in adauth-1.0.0 vs lib/adauth/user.rb in adauth-1.0.1
- old
+ new
@@ -1,20 +1,33 @@
module Adauth
+
+ # The class which links to Active Directory, based on http://metautonomo.us/2008/04/04/simplified-active-directory-authentication/
+ #
+ # Do no call Adauth::User.new, use Adauth::User.authenticate instead. For all of Adauth additional filtering use Adauth.authenticate.
class User
+
+ # Single vales where the method maps directly to one Active Directory attribute
ATTR_SV = {
:login => :samaccountname,
:first_name => :givenname,
:last_name => :sn,
:email => :mail,
:name => :name
}
-
+
+ # Multi values were the method needs to return an array for values.
ATTR_MV = {
:groups => [ :memberof,
Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ]
}
+ # Authenticates a user against Active Directory and returns an instance of self
+ #
+ # Called as:
+ # Adauth::User.authenticate("username", "password")
+ #
+ # Usage would by-pass Adauths group filtering.
def self.authenticate(login, pass)
return nil if login.empty? or pass.empty?
conn = Net::LDAP.new :host => Adauth.config.server,
:port => Adauth.config.port,
:base => Adauth.config.base,
@@ -28,13 +41,17 @@
end
rescue Net::LDAP::LdapError => e
return nil
end
+ # Returns the full name of the user
+ #
+ # Combines the first_name and last_name attributes to create full_name
def full_name
self.first_name + ' ' + self.last_name
end
+ # Returns true if the user is a member of the passed group.
def member_of?(group)
self.groups.include?(group)
end
private
\ No newline at end of file