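'use strict';

/**
 * Passport setup for LDAP-backed login.
 *
 * Exports one Express middleware, `exports.ldap`:
 *  - LDAP_URL and LDAP_USERS_BASE_DN both set: passport's 'ldap' strategy.
 *  - otherwise, outside production: a fixed developer login (test/test).
 *  - otherwise, in production: every request is refused (fail closed), so a
 *    missing environment variable can never enable the developer login.
 */

var passport = require('passport'),
    LdapStrategy = require('passport-ldapjs').Strategy;

// Only the uid is kept in the session.
passport.serializeUser(function (user, done) {
    // Log the uid rather than the whole object: the user object is the LDAP
    // profile, which carries mail/displayname and should stay out of the logs.
    console.log('serializeUser', user.uid);
    done(null, user.uid);
});

// The session uid is turned back into a minimal user object; no directory
// lookup happens here, so the uid is trusted as stored in the session.
passport.deserializeUser(function (id, done) {
    console.log('deserializeUser', id);
    done(null, { uid: id });
});

var LDAP_URL = process.env.LDAP_URL;
var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
var IS_PRODUCTION = process.env.NODE_ENV === 'production';

if (LDAP_URL && LDAP_USERS_BASE_DN) {
    console.log('Enable ldap auth');

    exports.ldap = passport.authenticate('ldap');
} else if (IS_PRODUCTION) {
    // Fail closed: without LDAP settings there is no real credential check,
    // and the developer login must not be reachable on a production host.
    console.error('LDAP_URL / LDAP_USERS_BASE_DN not set, refusing all logins');

    exports.ldap = function (req, res) {
        res.status(503).send('Authentication is not configured');
    };
} else {
    exports.ldap = function (req, res, next) {
        console.log('Disable ldap auth, use developer credentials!');

        // Development only. The credentials arrive in the query string, so
        // they can end up in access logs and browser history.
        if (req.query.username !== 'test' || req.query.password !== 'test') {
            return res.status(401).send('Unauthorized');
        }

        next();
    };
}

var opts = {
    server: {
        // NOTE(review): the login presumably binds with the user's password,
        // so this should be an ldaps:// endpoint - confirm in deployment.
        url: LDAP_URL,
    },
    base: LDAP_USERS_BASE_DN,
    search: {
        // Matches the submitted login name against either username or mail.
        // NOTE(review): confirm that passport-ldapjs escapes the submitted
        // value before substituting it for {{username}}; an unescaped value
        // would let filter metacharacters change the search.
        filter: '(|(username={{username}})(mail={{username}}))',
        attributes: ['displayname', 'username', 'mail', 'uid'],
        scope: 'sub'
    },
    uidTag: 'cn',
    usernameField: 'username',
    passwordField: 'password',
};

// The strategy is registered unconditionally, as before; it is only reached
// through passport.authenticate('ldap') when both LDAP settings are present.
passport.use(new LdapStrategy(opts, function (profile, done) {
    // Log the uid only, not the full directory profile.
    console.log('ldap', profile ? profile.uid : profile);
    done(null, profile);
}));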