- if (req.query.username !== 'test') return res.send(401);
- if (req.query.password !== 'test') return res.send(401);
-
- next();
+ exports.ldap = function (req, res, next) {
+ var users = safe.JSON.parse(safe.fs.readFileSync(LOCAL_AUTH_FILE));
+ if (!users) return res.send(401);
+ if (!users[req.query.username]) return res.send(401);
+
+ bcrypt.compare(req.query.password, users[req.query.username].passwordHash, function (error, valid) {
+ if (error || !valid) return res.send(401);
+ next();
+ });