How do I authenticate users with a rubycas server with multiple fields?
I have used rubycas-server to create SSO systems, using a program to create a custom system, but now my question is: rubycas-server uses only one field, like 'email'. I want to use 'email' / 'tel' / 'nickname' for user login. There is no more info in the wiki.

    authenticator:
      class: CASServer::Authenticators::SQLBcrypt
      database:
        adapter: mysql2
        database: xxxx
        username: root
        password: xxxx
        host: localhost
      user_table: users
      username_column: email # tel/nickname
      password_column: encrypted_password

Sorry for my poor English! Help me, thank you very much!
Change the following code in rubycas-server/lib/casserver/authenticators/sql_bcrypt.rb

    def matching_users
      results = user_model.find(:all, :conditions => ["#{username_column} = ?", @username])
      results.select { |user| BCrypt::Password.new(user.send(password_column.to_sym)) == @password }
    end

to
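
    def matching_users
      if username_column.include?(',')
        # Several login columns: build "col1 = ? or col2 = ? ..." with one
        # bound copy of the submitted username per column.
        columns = username_column.split(',')
        sql = ''
        conditions = []
        columns.each do |field|
          if sql.length != 0
            sql += ' or '
          end
          sql += "#{field} = ?"
          conditions << @username
        end
        # ActiveRecord expects the SQL fragment first, then the bind values.
        conditions.unshift(sql)
      else
        conditions = ["#{username_column} = ?", @username]
      end
      results = user_model.find(:all, :conditions => conditions)
      # Keep only the rows whose bcrypt hash matches the submitted password.
      results.select { |user| BCrypt::Password.new(user.send(password_column.to_sym)) == @password }
    end
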
Then you can use multiple fields in config.yml like this:

    authenticator:
      class: CASServer::Authenticators::SQLBcrypt
      database:
        adapter: mysql2
        database: test
        username: root
        password: map
        host: localhost
      user_table: users
      username_column: email,nickname,tel
      password_column: encrypted_password
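
As an added example (not code from either answer or from rubycas-server): a stand-alone Ruby version of the condition builder from the answer above that rejects anything in username_column that is not a plain column name, since those names are interpolated into the SQL string, plus a check for login values that match more than one row across the login columns. The helper names login_conditions and ambiguous_logins and the sample rows are assumptions constructed for illustration.

```ruby
# Added example: hypothetical helpers, not part of rubycas-server.
IDENTIFIER = /\A[A-Za-z_][A-Za-z0-9_]*\z/

# "email, nickname,tel" -> ["email = ? OR nickname = ? OR tel = ?", v, v, v]
# Column names are interpolated into SQL, so anything that is not a plain
# identifier is rejected instead of being passed through.
def login_conditions(username_column, username)
  columns = username_column.to_s.split(',').map(&:strip).reject(&:empty?)
  raise ArgumentError, 'username_column is empty' if columns.empty?
  bad = columns.reject { |c| IDENTIFIER.match?(c) }
  raise ArgumentError, "invalid column name(s): #{bad.inspect}" unless bad.empty?
  [columns.map { |c| "#{c} = ?" }.join(' OR '), *Array.new(columns.size, username)]
end

# Login values that identify more than one row once several columns are
# accepted (e.g. one user's nickname equal to another user's tel).
# Comparison here is exact; a case-insensitive DB collation matches more.
def ambiguous_logins(rows, columns)
  owners = Hash.new { |h, k| h[k] = [] }
  rows.each do |row|
    columns.map { |c| row[c] }.compact.uniq.each { |v| owners[v] << row['id'] }
  end
  owners.select { |_, ids| ids.size > 1 }
end

# Constructed sample rows (not real data).
SAMPLE_USERS = [
  { 'id' => 1, 'email' => 'a@example.com', 'nickname' => 'alice',   'tel' => '5550100' },
  { 'id' => 2, 'email' => 'b@example.com', 'nickname' => '5550100', 'tel' => '5550199' },
  { 'id' => 3, 'email' => 'c@example.com', 'nickname' => 'carol',   'tel' => nil }
].freeze

if __FILE__ == $PROGRAM_NAME
  p login_conditions('email,nickname,tel', 'alice')
  p ambiguous_logins(SAMPLE_USERS, %w[email nickname tel])
end
```

Any value reported by ambiguous_logins matches several rows in the OR query, so the login columns need to be unique across each other, not only within each column.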
I am afraid this is not possible. As you can see from the official repository, this authenticator simply matches the username column name:

    def matching_users
      results = user_model.find(:all, :conditions => ["#{username_column} = ?", @username])
      results.select { |user| BCrypt::Password.new(user.send(password_column.to_sym)) == @password }
    end

For your case, your best bet would be to write your own authenticator that matches email/tel/nickname. This is however a very tough login name, but think about a more user-friendly one.