summaryrefslogtreecommitdiff
path: root/lib/gitlab/auth.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r--lib/gitlab/auth.rb19
1 files changed, 19 insertions, 0 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 78d2196fbbe..ff1d1b13cc9 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -70,5 +70,24 @@ module Gitlab
def log
Gitlab::AppLogger
end
+
+ def ldap_auth(login, password)
+ # Check user against LDAP backend if user is not authenticated
+ # Only check with valid login and password to prevent anonymous bind results
+ return nil unless ldap_conf.enabled && !login.blank? && !password.blank?
+
+ ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)
+ ldap_user = ldap.bind_as(
+ filter: Net::LDAP::Filter.eq(ldap.uid, login),
+ size: 1,
+ password: password
+ )
+
+ User.find_by_extern_uid_and_provider(ldap_user.dn, 'ldap') if ldap_user
+ end
+
+ def ldap_conf
+ @ldap_conf ||= Gitlab.config.ldap
+ end
end
end
View Lorry Controller Status