[perso/Immae/Projets/Nodejs/Surfer.git] / src / auth.js

'use strict';

var passport = require('passport'),
    LdapStrategy = require('passport-ldapjs').Strategy;

passport.serializeUser(function (user, done) {
    console.log('serializeUser', user);
    done(null, user.id);
});

passport.deserializeUser(function (id, done) {
    console.log('deserializeUser', id);
    done(null, { id: id });
});

var LDAP_URL = process.env.LDAP_URL;
var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;

if (LDAP_URL && LDAP_USERS_BASE_DN) {
    console.log('Enable ldap auth');

    exports.ldap = passport.authenticate('ldap');
} else {
    exports.ldap = function (req, res, next) {
        console.log('Disable ldap auth, use developer credentials!');

        if (req.query.username !== 'username') return res.send(401);
        if (req.query.password !== 'password') return res.send(401);

        next();
    };
}

var opts = {
    server: {
        url: LDAP_URL,
    },
    base: LDAP_USERS_BASE_DN,
    search: {
        filter: '(uid={{username}})',
        attributes: ['displayname', 'username', 'mail', 'uid'],
        scope: 'sub'
    },
    uidTag: 'cn',
    usernameField: 'username',
    passwordField: 'password',
};

passport.use(new LdapStrategy(opts, function (profile, done) {
    console.log('ldap', profile);
    done(null, profile);
}));
Commit	Line	Data
591ad40c JZ	1	'use strict';
	2
	3	var passport = require('passport'),
	4	LdapStrategy = require('passport-ldapjs').Strategy;
	5
a90a633f JZ	6	passport.serializeUser(function (user, done) {
	7	console.log('serializeUser', user);
	8	done(null, user.id);
	9	});
	10
	11	passport.deserializeUser(function (id, done) {
	12	console.log('deserializeUser', id);
	13	done(null, { id: id });
	14	});
	15
591ad40c JZ	16	var LDAP_URL = process.env.LDAP_URL;
	17	var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
	18
	19	if (LDAP_URL && LDAP_USERS_BASE_DN) {
	20	console.log('Enable ldap auth');
	21
a90a633f	22	exports.ldap = passport.authenticate('ldap');
591ad40c JZ	23	} else {
591ad40c JZ	24	exports.ldap = function (req, res, next) {
a90a633f JZ	25	console.log('Disable ldap auth, use developer credentials!');
	26
	27	if (req.query.username !== 'username') return res.send(401);
	28	if (req.query.password !== 'password') return res.send(401);
	29
591ad40c JZ	30	next();
	31	};
	32	}
	33
	34	var opts = {
	35	server: {
	36	url: LDAP_URL,
	37	},
	38	base: LDAP_USERS_BASE_DN,
	39	search: {
	40	filter: '(uid={{username}})',
	41	attributes: ['displayname', 'username', 'mail', 'uid'],
	42	scope: 'sub'
	43	},
a90a633f	44	uidTag: 'cn',
591ad40c JZ	45	usernameField: 'username',
	46	passwordField: 'password',
	47	};
	48
	49	passport.use(new LdapStrategy(opts, function (profile, done) {
	50	console.log('ldap', profile);
	51	done(null, profile);
	52	}));