src/auth.js

   1 'use strict';
   2
   3 var passport = require('passport'),
   4     LdapStrategy = require('passport-ldapjs').Strategy;
   5
   6 var LDAP_URL = process.env.LDAP_URL;
   7 var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
   8
   9 if (LDAP_URL && LDAP_USERS_BASE_DN) {
  10     console.log('Enable ldap auth');
  11
  12     exports.ldap = passport.authenticate('ldap', {
  13         successReturnToOrRedirect: '/',
  14         failureRedirect: '/login',
  15         failureFlash: true
  16     });
  17 } else {
  18     exports.ldap = function (req, res, next) {
  19         console.log('ldap auth disabled');
  20         next();
  21     };
  22 }
  23
  24 var opts = {
  25     server: {
  26         url: LDAP_URL,
  27     },
  28     base: LDAP_USERS_BASE_DN,
  29     search: {
  30         filter: '(uid={{username}})',
  31         attributes: ['displayname', 'username', 'mail', 'uid'],
  32         scope: 'sub'
  33     },
  34     uidTag: 'uid',
  35     usernameField: 'username',
  36     passwordField: 'password',
  37 };
  38
  39 passport.use(new LdapStrategy(opts, function (profile, done) {
  40     console.log('ldap', profile);
  41     done(null, profile);
  42 }));