diff options
Diffstat (limited to 'sources/patches/app-sso.patch')
| -rw-r--r-- | sources/patches/app-sso.patch | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/sources/patches/app-sso.patch b/sources/patches/app-sso.patch new file mode 100644 index 0000000..72f738e --- /dev/null +++ b/sources/patches/app-sso.patch @@ -0,0 +1,56 @@ +diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb +index 7c36bc6b8..3f691d102 100644 +--- a/app/controllers/application_controller.rb ++++ b/app/controllers/application_controller.rb +@@ -69,7 +69,7 @@ class ApplicationController < ActionController::Base + end + + def after_sign_out_path_for(_resource_or_scope) +- new_user_session_path ++ "https://#{File.read('/etc/yunohost/current_host')}/yunohost/sso/?action=logout" + end + + protected +diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb +index 5232e6cfd..160348674 100644 +--- a/config/initializers/devise.rb ++++ b/config/initializers/devise.rb +@@ -180,7 +180,7 @@ Devise.setup do |config| + # given strategies, for example, `config.http_authenticatable = [:database]` will + # enable it only for database authentication. The supported strategies are: + # :database = Support basic authentication with authentication key + password +- config.http_authenticatable = [:pam, :database] ++ config.http_authenticatable = [:two_factor_ldap, :pam, :database] + + # If 401 status code should be returned for AJAX requests. True by default. + # config.http_authenticatable_on_xhr = true +diff --git a/lib/devise/two_factor_ldap_authenticatable.rb b/lib/devise/two_factor_ldap_authenticatable.rb +index 065aa2de8..0eb4be10c 100644 +--- a/lib/devise/two_factor_ldap_authenticatable.rb ++++ b/lib/devise/two_factor_ldap_authenticatable.rb +@@ -5,13 +5,13 @@ require 'devise/strategies/base' + + module Devise + module Strategies +- class TwoFactorLdapAuthenticatable < Base ++ class TwoFactorLdapAuthenticatable < Authenticatable + def valid? +- valid_params? && mapping.to.respond_to?(:authenticate_with_ldap) ++ (valid_for_params_auth? || valid_for_http_auth?) && mapping.to.respond_to?(:authenticate_with_ldap) + end + + def authenticate! +- resource = mapping.to.authenticate_with_ldap(params[scope]) ++ resource = mapping.to.authenticate_with_ldap(authentication_hash.merge(:password => password)) + + if resource && !resource.otp_required_for_login? + success!(resource) +@@ -23,7 +23,7 @@ module Devise + protected + + def valid_params? +- params[scope] && params[scope][:password].present? ++ super && params[scope][:password].present? + end + end + end |