From 591ad40c9613c91069047ca0781a4b38fd2a8a1b Mon Sep 17 00:00:00 2001
From: Johannes Zellner
Date: Sat, 27 Jun 2015 19:05:20 +0200
Subject: [PATCH] Add ldap auth
---
 Dockerfile | 1 +
 app.js | 17 +++++++++++++----
 cli/actions.js | 2 ++
 package.json | 3 +++
 src/auth.js | 42 ++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 61 insertions(+), 4 deletions(-)
 create mode 100644 src/auth.js
diff --git a/Dockerfile b/Dockerfile
index 80ecadf..87ed80d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,6 +9,7 @@ WORKDIR /app/code
 ADD package.json /app/code/package.json
 ADD src /app/code/src
 ADD app.js /app/code/app.js
+ADD app /app/code/app
 RUN npm install
 EXPOSE 3000
diff --git a/app.js b/app.js
index 967b865..5cc70f4 100755
--- a/app.js
+++ b/app.js
@@ -4,11 +4,15 @@
 var express = require('express'),
 morgan = require('morgan'),
+ passport = require('passport'),
 path = require('path'),
 compression = require('compression'),
+ session = require('express-session'),
 bodyParser = require('body-parser'),
+ cookieParser = require('cookie-parser'),
 lastMile = require('connect-lastmile'),
 multipart = require('./src/multipart'),
+ auth = require('./src/auth.js'),
 files = require('./src/files.js')(path.resolve(__dirname, 'files'));
 var app = express();
@@ -16,18 +20,23 @@ var router = new express.Router(); var multipart = multipart({ maxFieldsSize: 2 * 1024, limit: '512mb', timeout: 3 * 60 * 1000 }); -router.get('/api/files/*', files.get); -router.put('/api/files/*', multipart, files.put); -router.delete('/api/files/*', files.del); +router.get('/api/files/*', auth.ldap, files.get); +router.put('/api/files/*', auth.ldap, multipart, files.put); +router.delete('/api/files/*', auth.ldap, files.del); // healthcheck in case / does not serve up any file yet router.get('/', function (req, res) { res.sendfile(path.join(__dirname, '/app/welcome.html')); }); app.use(morgan('dev')); app.use(compression()); -app.use(bodyParser.json()); app.use('/settings', express.static(__dirname + '/app')); app.use(express.static(__dirname + '/files')); +app.use(bodyParser.json()); +app.use(bodyParser.urlencoded()); +app.use(cookieParser()); +app.use(session({ secret: 'surfin surfin' })); +app.use(passport.initialize()); +app.use(passport.session()); app.use(router); app.use(lastMile()); diff --git a/cli/actions.js b/cli/actions.js index 36296ae..b35b8da 100644 --- a/cli/actions.js +++ b/cli/actions.js @@ -44,6 +44,8 @@ function collectFiles(filesOrFolders) { } function login(server) { + if (server[server.length-1] === '/') server = server.slice(0, -1); + console.log('Using server', server); config.set('server', server); } diff --git a/package.json b/package.json index 8c11b9a..d10b733 100644 --- a/package.json +++ b/package.json @@ -23,13 +23,16 @@ "compression": "^1.5.0", "connect-lastmile": "0.0.10", "connect-timeout": "^1.6.2", + "cookie-parser": "^1.3.5", "debug": "^2.2.0", "del": "^1.2.0", "ejs": "^2.3.1", "express": "^4.12.4", + "express-session": "^1.11.3", "mkdirp": "^0.5.1", "morgan": "^1.6.0", "multiparty": "^4.1.2", + "passport": "^0.2.2", "safetydance": "0.0.16", "superagent": "^1.2.0", "underscore": "^1.8.3" diff --git a/src/auth.js b/src/auth.js new file mode 100644 index 0000000..3d2acce --- /dev/null +++ b/src/auth.js 
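Review bot: The session secret is a string literal in the added `app.use(session({ secret: 'surfin surfin' }));` line, so every deployment signs its session cookies with a value that is published in the repository and the signature no longer protects the cookie. Read it from the environment and refuse to start when it is absent, e.g. `secret: process.env.SESSION_SECRET` (the variable name is a placeholder), and set `resave: false, saveUninitialized: false` plus explicit `cookie` flags instead of relying on defaults. Separately, only the `/api/files/*` routes receive `auth.ldap`; the `express.static(__dirname + '/files')` mount that stays above the router still serves stored files without authentication, which deserves a comment if it is intended.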
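Review bot: The new trailing-slash check in `login` reads `server.length` before anything confirms that a value was passed, so a call without an argument would throw a TypeError rather than report a usage error, assuming the command parser allows that call. It also strips only a single slash. A guard such as `if (typeof server !== 'string' || !server) return console.error('server URL required');` followed by `server = server.replace(/\/+$/, '');` covers both cases.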
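Review bot: `passport-ldapjs` is not among the dependencies added in this hunk although the new `src/auth.js` requires it at load time, so after `npm install` the server would fail on `require('passport-ldapjs')` unless the module is supplied some other way. Add an entry between `passport` and `safetydance`, e.g. `"passport-ldapjs": "<version chosen by maintainers>"`. The `failureFlash: true` option used in `src/auth.js` normally also depends on a flash middleware providing `req.flash`, and none is added here either.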
@@ -0,0 +1,42 @@
+'use strict';
+
+var passport = require('passport'),
+ LdapStrategy = require('passport-ldapjs').Strategy;
+
+var LDAP_URL = process.env.LDAP_URL;
+var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
+
+if (LDAP_URL && LDAP_USERS_BASE_DN) {
+ console.log('Enable ldap auth');
+
+ exports.ldap = passport.authenticate('ldap', {
+ successReturnToOrRedirect: '/',
+ failureRedirect: '/login',
+ failureFlash: true
+ });
+} else {
+ exports.ldap = function (req, res, next) {
+ console.log('ldap auth disabled');
+ next();
+ };
+}
+
+var opts = {
+ server: {
+ url: LDAP_URL,
+ },
+ base: LDAP_USERS_BASE_DN,
+ search: {
+ filter: '(uid={{username}})',
+ attributes: ['displayname', 'username', 'mail', 'uid'],
+ scope: 'sub'
+ },
+ uidTag: 'uid',
+ usernameField: 'username',
+ passwordField: 'password',
+};
+
+passport.use(new LdapStrategy(opts, function (profile, done) {
+ console.log('ldap', profile);
+ done(null, profile);
+}));
-- 
2.41.0
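Review bot: The `else` branch installs a pass-through middleware, so whenever `LDAP_URL` or `LDAP_USERS_BASE_DN` is unset or mistyped the PUT and DELETE routes under `/api/files/*` run with no authentication, and the only trace is a `console.log` per request. Failing closed would be safer: refuse to start, or require an explicit opt-out setting before disabling auth, and log that decision once at startup. `console.log('ldap', profile)` writes the whole directory entry (mail, display name) to the log on every login; logging `profile.uid` alone is enough. No `passport.serializeUser`/`deserializeUser` is registered in this file although `app.js` enables `passport.session()`, so unless they are defined elsewhere a successful bind cannot be stored in the session. Whether `passport-ldapjs` escapes the value substituted into `'(uid={{username}})'` is not visible here and should be confirmed before relying on the filter.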