- if Rails.configuration.new_users_are_active ||
- Rails.configuration.auto_activate_users_from.include?(remote_user['uuid'][0..4])
- # Update is_active to whatever it is at the remote end
- user.is_active = remote_user['is_active']
- elsif !remote_user['is_active']
- # Remote user is inactive; our mirror should be, too.
- user.is_active = false
+ remote_user_prefix = remote_user['uuid'][0..4]
+
+ # Clusters can only authenticate for their own users.
+ if remote_user_prefix != token_uuid_prefix
+ Rails.logger.warn "remote authentication rejected: claimed remote user #{remote_user_prefix} but token was issued by #{token_uuid_prefix}"
+ return nil
+ end
+
+ # Invariant: remote_user_prefix == token_uuid_prefix
+ # therefore: remote_user_prefix != Rails.configuration.ClusterID
+
+ # Add or update user and token in local database so we can
+ # validate subsequent requests faster.
+
+ user = User.find_by_uuid(remote_user['uuid'])
+
+ if !user
+ # Create a new record for this user.
+ user = User.new(uuid: remote_user['uuid'],
+ is_active: false,
+ is_admin: false,
+ email: remote_user['email'],
+ owner_uuid: system_user_uuid)
+ user.set_initial_username(requested: remote_user['username'])
+ end
+
+ # Sync user record.
+ if remote_user_prefix == Rails.configuration.Login.LoginCluster
+ # Remote cluster controls our user database, set is_active if
+ # remote is active. If remote is not active, user will be
+ # unsetup (see below).
+ user.is_active = true if remote_user['is_active']
+ user.is_admin = remote_user['is_admin']
+ else
+ if Rails.configuration.Users.NewUsersAreActive ||
+ Rails.configuration.RemoteClusters[remote_user_prefix].andand["ActivateUsers"]
+ # Default policy is to activate users
+ user.is_active = true if remote_user['is_active']