Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2025-12-18 00:00:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

This allows CAS to work side by side with other Auth methods.

Browse source 
This is at least one issue with this

to logout of CAS you need session information but the logout method blows this away so I do the cas log out before the session is killed so the session persistest in rails.  Because I needed to move the CAS before filters into login_cas and out of the application to make it work side by side.   The user will still be logined into tracks even though their CAS session is closed as the session will still be there.

 def logout
    @user.forget_me if logged_in?
    cookies.delete :auth_token
    session['user_id'] = nil
    if ( SITE_CONFIG['authentication_schemes'].include? 'cas')  && session[:cas_user]
      CASClient::Frameworks::Rails::Filter.logout(self)
    else
      reset_session
      notify :notice, "You have been logged out of Tracks."
      redirect_to_login
    end
  end

The other issue I have with this is that:
I could not find a use case for having mixed auth when using CAS. The reason to move to CAS is that all your users use CAS all the time. Even for admin accounts. Moodle is a good example of this in that when you activate CAS the default is that you can now only access moodle via CAS. By allowing mixed auth and self signup you end up with a anyone (the public) being able to sign up for accounts.
This commit is contained in:
Erik Ordway 2009-12-29 12:22:44 -08:00 committed by Eric Allen
parent d5c16db975
commit 5b431ef50a
10 changed files with 113 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

18
app/controllers/users_controller.rb
View file

@ -27,6 +27,13 @@ class UsersController < ApplicationController
# GET /users/new
def new
@auth_types = []
unless session[:cas_user]
Tracks::Config.auth_schemes.each {|auth| @auth_types << [auth,auth]}
else
@auth_types << ['cas','cas']
end
if User.no_users_yet?
@page_title = "TRACKS::Sign up as the admin user"
@heading = "Welcome to TRACKS. To get started, please create an admin account:"
@ -68,7 +75,9 @@ class UsersController < ApplicationController
user = User.new(params['user'])
if Tracks::Config.auth_schemes.include?('cas')
user.auth_type = "cas" #since CAS will be doing all the auth we may as well set it for everyone when CAS in enabled
if user.auth_type.eql? "cas"
user.crypted_password = "cas"
end
end
unless user.valid?
@ -79,9 +88,6 @@ class UsersController < ApplicationController
first_user_signing_up = User.no_users_yet?
user.is_admin = true if first_user_signing_up
if Tracks::Config.auth_schemes.include?('cas')
user.auth_type = "cas" #since CAS will be doing all the auth we may as well set it for everyone when CAS in enabled
end
if user.save
@user = User.authenticate(user.login, params['user']['password'])
@user.create_preference
@ -102,8 +108,8 @@ class UsersController < ApplicationController
return
end
user = User.new(params[:request])
if Tracks::Config.auth_schemes.include?('cas')
user.auth_type = "cas" #since CAS will be doing all the auth we may as well set it for everyone when CAS in enabled
if Tracks::Config.auth_schemes.include?('cas') && session[:cas_user]
user.auth_type = "cas" #if they area cas user
end
user.password_confirmation = params[:request][:password]
if user.save