添加一个radius_authenticatable模块以与设计一起使用.zip_How to add RADIUS auth to Devise gem资源-CSDN下载

共81个文件

rb：36个

erb：17个

yml：4个

版权申诉

42 浏览量 2023-04-06 22:20:00 上传评论收藏 75KB ZIP 举报

在Ruby on Rails开发中，Devise是一个非常流行的用户认证库，它提供了许多可插拔的模块，用于处理用户的注册、登录、密码重置等常见功能。在这个“添加一个radius_authenticatable模块以与设计一起使用”的主题中，我们将探讨如何集成Devise与Radius认证系统，以增强应用的安全性。 `radius_authenticatable`模块是Devise的一个自定义模块，它允许应用使用Radius服务器进行身份验证。Radius是一种网络认证协议，常用于大型企业或机构，因为它支持集中式管理和多因素认证。 1. **安装Devise和Devise-Radius-Authenticatable**：在Rails项目中，首先要通过Gemfile添加Devise和devise-radius-authenticatable gem： ```ruby gem 'devise' gem 'devise-radius-authenticatable' ``` 然后执行`bundle install`来安装这些依赖。 2. **配置Devise**：在`config/initializers/devise.rb`文件中，需要配置Devise的各个模块，并启用`radius_authenticatable`： ```ruby config.secret_key = 'your_secret_key' config.pepper = 'your_pepper' config.authentication_keys = [ :email ] config.case_insensitive_keys = [ :email ] config.skip_session_storage = [:http_auth] config.stretches = Rails.env.test? ? 1 : 10 config.reconfirmable = true config.confirm_within = 2.days config.expire_all_remember_me_on_sign_out = true config.password_length = 6..128 config.lock_strategy = :failed_attempts config.unlock_keys = [:email] config.unlock_strategies = [:email] config.maximum_attempts = 20 config.reset_password_within = 6.hours config.sign_in_after_reset_password = true config.send_password_change_notification = false config.storage = :active_record config.sign_out_via = :delete config.register_module :radius_authenticatable ``` 3. **创建User模型**：如果还没有User模型，需要通过以下命令创建： ```bash rails generate devise User ``` 4. **修改User模型**：在`app/models/user.rb`中，添加`radius_authenticatable`模块到Devise模块列表中： ```ruby class User < ApplicationRecord devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable, :radius_authenticatable end ``` 5. **配置Radius服务器**：配置Rails应用连接到你的Radius服务器。在`config/initializers/devise.rb`中，添加以下代码： ```ruby config.radius_server = 'your_radius_server_address' config.radius_port = your_radius_server_port config.radius_secret = 'your_radius_shared_secret' ``` 6. **数据库迁移**：运行数据库迁移，以创建Devise所需的表： ```bash rails db:migrate ``` 7. **路由配置**：在`config/routes.rb`中，确保有Devise的默认路由： ```ruby devise_for :users ``` 8. **视图和控制器**：根据需要定制Devise的视图和控制器，以适应你的应用设计。 9. **测试和调试**：完成以上步骤后，启动Rails服务器并进行测试，确保用户可以正常地通过Radius服务器进行认证。通过以上步骤，你的Rails应用现在应该能够使用Radius服务器进行用户认证了。这不仅提高了安全性，还使得用户认证过程更符合企业级标准。然而，记得在生产环境中，对敏感信息如Radius共享密钥进行妥善保护，例如使用环境变量存储，以防止泄露。同时，定期更新和审计你的Radius服务器，确保其安全性和稳定性。

资源推荐

资源详情

资源评论

收起资源包目录

添加一个radius_authenticatable模块以与设计一起使用.zip （81个子文件）

devise-radius-authenticatable-master

lib

devise

radius_authenticatable

test_helpers.rb 4KB

version.rb 84B

models

radius_authenticatable.rb 7KB

radius_authenticatable.rb 1KB

strategies

radius_authenticatable.rb 1KB

devise-radius-authenticatable.rb 169B

generators

devise_radius_authenticatable

install_generator.rb 4KB

Rakefile 500B

.rspec 9B

.travis.yml 106B

devise-radius-authenticatable.gemspec 2KB

spec

devise

models

radius_authenticatable_spec.rb 6KB

rails_app

lib

tasks

.gitkeep 0B

assets

.gitkeep 0B

Rakefile 273B

config.ru 158B

app

assets

stylesheets

application.css 546B

images

rails.png 6KB

javascripts

application.js 641B

mailers

.gitkeep 0B

controllers

admins_controller.rb 2KB

application_controller.rb 205B

helpers

application_helper.rb 29B

models

admin.rb 376B

.gitkeep 0B

views

devise

registrations

new.html.erb 494B

edit.html.erb 961B

mailer

confirmation_instructions.html.erb 232B

unlock_instructions.html.erb 295B

reset_password_instructions.html.erb 424B

passwords

new.html.erb 375B

edit.html.erb 558B

confirmations

new.html.erb 387B

shared

_links.erb 1KB

unlocks

new.html.erb 369B

sessions

new.html.erb 478B

layouts

application.html.erb 442B

admins

_form.html.erb 405B

index.html.erb 406B

new.html.erb 77B

show.html.erb 119B

edit.html.erb 113B

public

422.html 711B

500.html 643B

robots.txt 204B

404.html 728B

favicon.ico 0B

Gemfile 88B

.gitignore 430B

script

rails 295B

config

application.rb 3KB

environment.rb 152B

database.yml 571B

locales

devise.en.yml 4KB

en.yml 214B

routes.rb 2KB

initializers

backtrace_silencers.rb 404B

devise.rb 13KB

mime_types.rb 205B

secret_token.rb 499B

inflections.rb 533B

wrap_parameters.rb 465B

session_store.rb 417B

environments

test.rb 1KB

production.rb 2KB

development.rb 1KB

boot.rb 191B

schema.rb 2KB

seeds.rb 343B

migrate

20120627042556_devise_create_admins.rb 2KB

factories

admins.rb 194B

fixtures

devise.rb 11KB

support

devise_helpers.rb 456B

generator_helpers.rb 518B

generators

install_generator_spec.rb 3KB

integration

radius_authenticatable_spec.rb 4KB

spec_helper.rb 855B

Gemfile 38B

.gitignore 36B

MIT-LICENSE 1KB

README.md 5KB

Devise Radius Authenticatable ============================= [![Gem Version](https://badge.fury.io/rb/devise-radius-authenticatable.png)](http://badge.fury.io/rb/devise-radius-authenticatable) [![Build Status](https://travis-ci.org/cbascom/devise-radius-authenticatable.png)](https://travis-ci.org/cbascom/devise-radius-authenticatable) [![Code Climate](https://codeclimate.com/github/cbascom/devise-radius-authenticatable.png)](https://codeclimate.com/github/cbascom/devise-radius-authenticatable) Devise Radius Authenticatable is a Radius authentication strategy for [Devise](http://github.com/plataformatec/devise). Dependencies ------------ - Rails ~> 3.2 - Devise ~> 2.0 - radiustar ~> 0.0.8 Installation ------------ In the Gemfile for your application: gem "devise", "~> 2.0" gem "devise-radius-authenticatable" Setup ----- Run the rails generators for devise (please check the [devise](http://github.com/plataformatec/devise) documents for further instructions) rails generate devise:install rails generate devise MODEL_NAME Run the rails generator for devise-radius-authenticatable. Note that the generator is named with underscores instead of hyphens due to rails restrictions. rails generate devise_radius_authenticatable:install <IP> <SECRET> [options] This will update the devise.rb initializer. The IP and SECRET parameters specify the IP address and shared secret for the radius server. There are also some options you can pass to the generator to customize some default settings: Options: [--uid-field=UID_FIELD] # What database column to use for the UID # Default: uid [--port=PORT] # The port to connect to the radius server on # Default: 1812 [--timeout=TIMEOUT] # How long to wait for a response from the radius server # Default: 60 [--retries=RETRIES] # How many times to retry a radius request # Default: 0 [--dictionary-path=DICTIONARY_PATH] # The path to load radius dictionary files from [--handle-timeout-as-failure=HANDLE_TIMEOUT_AS_FAILURE] # Option to handle radius timeout as authentication failure # Default: false Documentation ------------- The rdocs for the gem are available here: http://rubydoc.info/github/cbascom/devise-radius-authenticatable/master/frames Usage ----- In order to use the radius_authenticatable strategy, you must modify your user model to use the :radius_authenticatable module. The radius_authenticatable strategy can be used standalone or along with database_authenticatable and any other strategies you wish to include. If you use radius_authenticatable alongside other authentication strategies, the default order for the strategies is determined by the order they are loaded in. The last loaded strategy will be the first strategy executed. The order of these strategies can be configured in the devise.rb initializer as follows: config.warden do |warden_config| warden_config.default_strategies(:token_authenticatable, :database_authenticatable, :radius_authenticatable, {:scope => :admin}) end The radius_authenticatable strategy will stop warden from continuing to the next strategy if authentication to the radius server is successful, but will have warden continue to the next stratgey if authentication to the radius server fails. The field that is used for logins is the first key that's configured in the Devise `config.authentication_keys` settings, which by default is email. For help changing this, please see the [Railscast](http://railscasts.com/episodes/210-customizing-devise) that goes through how to customize Devise. Configuration ------------- The radius_authenticatable module is configured through the normal devise initializer `config/initializers/devise.rb`. The initial values are added to the file when you run the devise_radius_authenticatable:install generator as described previously. References ---------- * [FreeRadius](http://www.freeradius.org/) * [Devise](http://github.com/plataformatec/devise) * [Warden](http://github.com/hassox/warden) Copyright (c) 2012-2013 Calvin Bascom Released under the MIT license

评论收藏

内容反馈

版权申诉