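'use strict';

var passport = require('passport'),
    LdapStrategy = require('passport-ldapjs').Strategy;

// LDAP authentication is opt-in: both variables must be set in the environment.
var LDAP_URL = process.env.LDAP_URL;
var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;

if (LDAP_URL && LDAP_USERS_BASE_DN) {
  console.log('Enable ldap auth');

  // The submitted password is forwarded to the directory server. Over a plain
  // ldap:// URL it is presumably sent unencrypted (assuming the strategy does a
  // simple bind and no StartTLS is configured), so make that visible at startup.
  if (!/^ldaps:\/\//i.test(LDAP_URL)) {
    console.warn('ldap: LDAP_URL is not ldaps://; bind credentials may cross the network unencrypted');
  }

  // Express middleware that runs the 'ldap' strategy registered at the bottom
  // of this file and redirects according to the outcome.
  exports.ldap = passport.authenticate('ldap', {
    successReturnToOrRedirect: '/',
    failureRedirect: '/login',
    failureFlash: true
  });
} else {
  // NOTE(review): with LDAP unconfigured this middleware lets every request
  // through unchanged (fail-open). Confirm that each route using it chains
  // another authentication step afterwards.
  exports.ldap = function (req, res, next) {
    console.log('ldap auth disabled');
    next();
  };
}

// Options handed to the LDAP strategy.
var opts = {
  server: {
    url: LDAP_URL,
  },
  base: LDAP_USERS_BASE_DN,
  search: {
    // NOTE(review): {{username}} is presumably replaced with the submitted
    // username. Confirm that passport-ldapjs escapes LDAP filter
    // metacharacters (RFC 4515) before substitution; if it does not, escape
    // or validate the username before it reaches this strategy.
    filter: '(uid={{username}})',
    attributes: ['displayname', 'username', 'mail', 'uid'],
    scope: 'sub'
  },
  uidTag: 'uid',
  usernameField: 'username',
  passwordField: 'password',
};

// NOTE(review): the strategy is registered even when LDAP_URL is unset, so
// opts.server.url may be undefined here; exports.ldap never invokes it in that
// case, but any other caller of passport.authenticate('ldap') would.
passport.use(new LdapStrategy(opts, function (profile, done) {
  // Log only the identifier: the full profile carries directory attributes
  // (display name, mail) that should not be written to logs on every login.
  // Assumes the profile exposes the requested 'uid' attribute; verify.
  console.log('ldap', profile && profile.uid);
  done(null, profile);
}));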