Some Updates On “LDAP Authentication With Phoenix”

There’s an excellent write-up on authenticating users against an LDAP database with Phoenix which was created by Richard Nyström. For some reason even though it’s barely a year old, there seem to be a few points that are either out of date or simply incorrect. I worked through his example and I wanted to share a few amendments to his original code in the interests of other developers who may want to use LDAP with Phoenix.

First the set up of Phoenix

mix phx.new ldap_example # was mix phoenix.new ldap_example

...

Fetch and install dependencies? [Yn] Y

cd ldap_example

mix ecto.create (configure your db in config/dev.exs if needed)

mix phx.gen.schema User users username:string name:string email:string

# was

# mix phoenix.gen.model User users username:string name:string email:string

mix ecto.migrate

Next change is in the session_controller.ex file:

#was LdapExample.SessionController

defmodule LdapExampleWeb.SessionController do

#was LdapExample.Web, :controller

use LdapExampleWeb, :controller

alias LdapExample.{User, Repo, Ldap}

def new(conn, _params) do

render conn, "new.html", changeset: User.login_changeset

end

def create(conn, %{"user" => params}) do

username = params["username"]

password = params["password"]

case Ldap.authenticate(username, password) do

:ok -> handle_sign_in(conn, username)

_ -> handle_error(conn)

end

defp handle_sign_in(conn, username) do

{:ok, user} = insert_or_update_user(username)

conn

|> put_flash(:info, "Logged in.")

|> Guardian.Plug.sign_in(user)

|> redirect(to: page_path(conn, :index))

end

defp insert_or_update_user(username) do

{:ok, ldap_entry} = Ldap.get_by_uid(username)

user_attributes = Ldap.to_map(ldap_entry)

user = Repo.get_by(User, username: username)

changeset =

case user do

nil -> User.changeset(%User{}, user_attributes)

_ -> User.changeset(user, user_attributes)

end

Repo.insert_or_update changeset

end

defp handle_error(conn) do

conn

|> put_flash(:error, "Wrong username or password")

|> redirect(to: page_path(conn, :new))

end

def delete(conn, _params) do

Guardian.Plug.sign_out(conn)

|> put_flash(:info, "Logged out successfully.")

|> redirect(to: "/")

end

The changes to user.ex are not made in the web/model/user.ex; rather they’re made in the existing user.ex file.

And finally a change to session_view.ex

#was LdapExample.SessionView

defmodule LdapExampleWeb.SessionView do

use LdapExampleWeb, :view

end

Some Updates On “LDAP Authentication With Phoenix”

Some Updates On “LDAP Authentication With Phoenix”

Recommend

Using Mocking Frameworks To Help With Unit Testing UI Controls | Jamie Dixon's H...

Taking a Hiatus From Blogging | Jamie Dixon's Home

Creating Dynamic Uris For Visual Studio Web Tests | Jamie Dixon's Home

Age and Sex Analysis Of Microsoft USA MVPs | Jamie Dixon's Home

The Social Transf#ormation of Software Development | Jamie Dixon's Home

Replacing Entity Framework Classes With Record Types | Jamie Dixon's Home

Panzer General Portable

Setting Up The Environment For Mobile Development | Jamie Dixon's Home

Build Docker in an Azure DevOps CI Pipeline

Run xUnit Tests inside Docker during an Azure DevOps CI Build

About Joyk