lib/generators/devise_radius_authenticatable/install_generator.rb
module DeviseRadiusAuthenticatable
class InstallGenerator < Rails::Generators::Base
source_root File.expand_path("../../templates", __FILE__)
desc <<-DESC.gsub(/ {6}/, '')
Description:
Adds radius_authenticatable strategy to the devise initializer
<SERVER IP> - The IP address of the radius server
<SHARED SECRET> - The shared secret for the radius server
DESC
argument(:server, :banner => '<SERVER IP>',
:desc => 'The IP address of the radius server')
argument(:secret, :banner => '<SHARED SECRET>',
:desc => 'The shared secret for the radius server')
class_option(:uid_field, :default => :uid,
:desc => 'What database column to use for the UID')
class_option(:port, :default => 1812,
:desc => 'The port to connect to the radius server on')
class_option(:timeout, :default => 60,
:desc => 'How long to wait for a response from the radius server')
class_option(:retries, :default => 0,
:desc => 'How many times to retry a radius request')
class_option(:dictionary_path, :default => nil,
:desc => 'The path to load radius dictionary files from')
class_option(:handle_timeout_as_failure, :default => false,
:desc => 'Option to handle radius timeout as authentication failure')
def install
inject_into_file("config/initializers/devise.rb", default_devise_settings,
:before => /^\s*.*==> Scopes configuration/)
end
private
def default_devise_settings
<<-CONFIG.gsub(/ {6}/, '')
# ==> Configuration for radius_authenticatable
# The radius_authenticatable strategy can be used in place of the
# database_authenticatable strategy or alongside it. The default order of the
# strategies is the reverse of how they were loaded. You can control this
# order by explicitly telling warden the order in which to apply the strategies.
# See the Warden Configuration section for further details.
#
# Configure the hostname or IP address of the radius server to use.
config.radius_server = '#{server}'
# Configure the port to use when connecting to the radius server.
config.radius_server_port = #{options[:port]}
# Configure the shared secret needed to connect to the radius server.
config.radius_server_secret = '#{secret}'
# Configure the time in seconds to wait for a radius server to respond.
config.radius_server_timeout = #{options[:timeout]}
# Configure the number of times a request should be retried when a radius server
# does not immediately respond to requests.
config.radius_server_retries = #{options[:retries]}
# In some cases you may want to support authentication attempts against
# multiple radius servers. In these cases the same username could be used on
# each of the servers. In order to create unique database records, a unique
# username is generated by using the radius username and the radius server IP
# address once the authentication has succeeded. This configuration option
# allows you to chose which database column this calculated UID field will be
# stored in.
config.radius_uid_field = :#{options[:uid_field]}
# If you want to control how the unique identifier is created for each radius
# user, this can be customized by configuring a proc that accepts the username
# and the radius server as parameters and returns the uid.
#
# config.radius_uid_generator = Proc.new do |username, server|
# "\#{username}@\#{server}"
# end
# There is a very basic radius dictionary provided by default. Most of the time
# this will not be sufficient, so this configuration option allows you to
# specify the path that contains all of the radius dictionary files that should
# be loaded.
#
# config.radius_dictionary_path = '#{options[:dictionary_path]}'
# Option to handle radius timeout as authentication failure
#
config.handle_radius_timeout_as_failure = #{options[:handle_timeout_as_failure]}
CONFIG
end
end
end