Add ldap auth

author: Johannes Zellner <johannes@nebulon.de> 2015-06-27 19:05:20 +0200
committer: Johannes Zellner <johannes@nebulon.de> 2015-06-27 19:05:20 +0200
commit: 591ad40c9613c91069047ca0781a4b38fd2a8a1b (patch)
tree: 44cf2e3d52ead38eda311c38344294789f500ce8
parent: c10e69bfcf248c5e2c17b776e19c348b8acfecc7 (diff)
download: Surfer-591ad40c9613c91069047ca0781a4b38fd2a8a1b.tar.gz
Surfer-591ad40c9613c91069047ca0781a4b38fd2a8a1b.tar.zst
Surfer-591ad40c9613c91069047ca0781a4b38fd2a8a1b.zip
5 files changed, 61 insertions, 4 deletions
diff --git a/Dockerfile b/Dockerfile
index 80ecadf..87ed80d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,6 +9,7 @@ WORKDIR /app/code
 ADD package.json /app/code/package.json
 ADD src /app/code/src
 ADD app.js /app/code/app.js
+ADD app /app/code/app
 RUN npm install
 EXPOSE 3000
diff --git a/app.js b/app.js
index 967b865..5cc70f4 100755
--- a/app.js
+++ b/app.js
@@ -4,11 +4,15 @@
 var express = require('express'),
    morgan = require('morgan'),
+    passport = require('passport'),
    path = require('path'),
    compression = require('compression'),
+    session = require('express-session'),
    bodyParser = require('body-parser'),
+    cookieParser = require('cookie-parser'),
    lastMile = require('connect-lastmile'),
    multipart = require('./src/multipart'),
+    auth = require('./src/auth.js'),
    files = require('./src/files.js')(path.resolve(__dirname, 'files'));
 var app = express();
@@ -16,18 +20,23 @@ var router = new express.Router();
 var multipart = multipart({ maxFieldsSize: 2 * 1024, limit: '512mb', timeout: 3 * 60 * 1000 });
-router.get('/api/files/*', files.get);
+router.get('/api/files/*', auth.ldap, files.get);
-router.put('/api/files/*', multipart, files.put);
+router.put('/api/files/*', auth.ldap, multipart, files.put);
-router.delete('/api/files/*', files.del);
+router.delete('/api/files/*', auth.ldap, files.del);
 // healthcheck in case / does not serve up any file yet
 router.get('/', function (req, res) { res.sendfile(path.join(__dirname, '/app/welcome.html')); });
 app.use(morgan('dev'));
 app.use(compression());
-app.use(bodyParser.json());
 app.use('/settings', express.static(__dirname + '/app'));
 app.use(express.static(__dirname + '/files'));
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded());
+app.use(cookieParser());
+app.use(session({ secret: 'surfin surfin' }));
+app.use(passport.initialize());
+app.use(passport.session());
 app.use(router);
 app.use(lastMile());
diff --git a/cli/actions.js b/cli/actions.js
index 36296ae..b35b8da 100644
--- a/cli/actions.js
+++ b/cli/actions.js
@@ -44,6 +44,8 @@ function collectFiles(filesOrFolders) {
 }
 function login(server) {
+    if (server[server.length-1] === '/') server = server.slice(0, -1);
    console.log('Using server', server);
    config.set('server', server);
 }
diff --git a/package.json b/package.json
index 8c11b9a..d10b733 100644
--- a/package.json
+++ b/package.json
@@ -23,13 +23,16 @@
    "compression": "^1.5.0",
    "connect-lastmile": "0.0.10",
    "connect-timeout": "^1.6.2",
+    "cookie-parser": "^1.3.5",
    "debug": "^2.2.0",
    "del": "^1.2.0",
    "ejs": "^2.3.1",
    "express": "^4.12.4",
+    "express-session": "^1.11.3",
    "mkdirp": "^0.5.1",
    "morgan": "^1.6.0",
    "multiparty": "^4.1.2",
+    "passport": "^0.2.2",
    "safetydance": "0.0.16",
    "superagent": "^1.2.0",
    "underscore": "^1.8.3"
diff --git a/src/auth.js b/src/auth.js
new file mode 100644
index 0000000..3d2acce
--- /dev/null
+++ b/src/auth.js
@@ -0,0 +1,42 @@
+'use strict';
+var passport = require('passport'),
+    LdapStrategy = require('passport-ldapjs').Strategy;
+var LDAP_URL = process.env.LDAP_URL;
+var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
+if (LDAP_URL && LDAP_USERS_BASE_DN) {
+    console.log('Enable ldap auth');
+    exports.ldap = passport.authenticate('ldap', {
+        successReturnToOrRedirect: '/',
+        failureRedirect: '/login',
+        failureFlash: true
+    });
+} else {
+    exports.ldap = function (req, res, next) {
+        console.log('ldap auth disabled');
+        next();
+    };
+}
+var opts = {
+    server: {
+        url: LDAP_URL,
+    },
+    base: LDAP_USERS_BASE_DN,
+    search: {
+        filter: '(uid={{username}})',
+        attributes: ['displayname', 'username', 'mail', 'uid'],
+        scope: 'sub'
+    },
+    uidTag: 'uid',
+    usernameField: 'username',
+    passwordField: 'password',
+};
+passport.use(new LdapStrategy(opts, function (profile, done) {
+    console.log('ldap', profile);
+    done(null, profile);
+}));
author	Johannes Zellner <johannes@nebulon.de>	2015-06-27 19:05:20 +0200
committer	Johannes Zellner <johannes@nebulon.de>	2015-06-27 19:05:20 +0200
commit	591ad40c9613c91069047ca0781a4b38fd2a8a1b (patch)
tree	44cf2e3d52ead38eda311c38344294789f500ce8
parent	c10e69bfcf248c5e2c17b776e19c348b8acfecc7 (diff)
download	Surfer-591ad40c9613c91069047ca0781a4b38fd2a8a1b.tar.gz Surfer-591ad40c9613c91069047ca0781a4b38fd2a8a1b.tar.zst Surfer-591ad40c9613c91069047ca0781a4b38fd2a8a1b.zip

diff --git a/Dockerfile b/Dockerfile index 80ecadf..87ed80d 100644 --- a/Dockerfile +++ b/Dockerfile
@@ -9,6 +9,7 @@ WORKDIR /app/code
9	ADD package.json /app/code/package.json	9	ADD package.json /app/code/package.json
10	ADD src /app/code/src	10	ADD src /app/code/src
11	ADD app.js /app/code/app.js	11	ADD app.js /app/code/app.js
		12	ADD app /app/code/app
12	RUN npm install	13	RUN npm install
13		14
14	EXPOSE 3000	15	EXPOSE 3000


diff --git a/app.js b/app.js index 967b865..5cc70f4 100755 --- a/app.js +++ b/app.js
@@ -4,11 +4,15 @@
4		4
5	var express = require('express'),	5	var express = require('express'),
6	morgan = require('morgan'),	6	morgan = require('morgan'),
		7	passport = require('passport'),
7	path = require('path'),	8	path = require('path'),
8	compression = require('compression'),	9	compression = require('compression'),
		10	session = require('express-session'),
9	bodyParser = require('body-parser'),	11	bodyParser = require('body-parser'),
		12	cookieParser = require('cookie-parser'),
10	lastMile = require('connect-lastmile'),	13	lastMile = require('connect-lastmile'),
11	multipart = require('./src/multipart'),	14	multipart = require('./src/multipart'),
		15	auth = require('./src/auth.js'),
12	files = require('./src/files.js')(path.resolve(__dirname, 'files'));	16	files = require('./src/files.js')(path.resolve(__dirname, 'files'));
13		17
14	var app = express();	18	var app = express();
@@ -16,18 +20,23 @@ var router = new express.Router();
16		20
17	var multipart = multipart({ maxFieldsSize: 2 * 1024, limit: '512mb', timeout: 3 * 60 * 1000 });	21	var multipart = multipart({ maxFieldsSize: 2 * 1024, limit: '512mb', timeout: 3 * 60 * 1000 });
18		22
19	router.get('/api/files/*', files.get);	23	router.get('/api/files/*', auth.ldap, files.get);
20	router.put('/api/files/*', multipart, files.put);	24	router.put('/api/files/*', auth.ldap, multipart, files.put);
21	router.delete('/api/files/*', files.del);	25	router.delete('/api/files/*', auth.ldap, files.del);
22		26
23	// healthcheck in case / does not serve up any file yet	27	// healthcheck in case / does not serve up any file yet
24	router.get('/', function (req, res) { res.sendfile(path.join(__dirname, '/app/welcome.html')); });	28	router.get('/', function (req, res) { res.sendfile(path.join(__dirname, '/app/welcome.html')); });
25		29
26	app.use(morgan('dev'));	30	app.use(morgan('dev'));
27	app.use(compression());	31	app.use(compression());
28	app.use(bodyParser.json());
29	app.use('/settings', express.static(__dirname + '/app'));	32	app.use('/settings', express.static(__dirname + '/app'));
30	app.use(express.static(__dirname + '/files'));	33	app.use(express.static(__dirname + '/files'));
		34	app.use(bodyParser.json());
		35	app.use(bodyParser.urlencoded());
		36	app.use(cookieParser());
		37	app.use(session({ secret: 'surfin surfin' }));
		38	app.use(passport.initialize());
		39	app.use(passport.session());
31	app.use(router);	40	app.use(router);
32	app.use(lastMile());	41	app.use(lastMile());
33		42


diff --git a/cli/actions.js b/cli/actions.js index 36296ae..b35b8da 100644 --- a/cli/actions.js +++ b/cli/actions.js
@@ -44,6 +44,8 @@ function collectFiles(filesOrFolders) {
44	}	44	}
45		45
46	function login(server) {	46	function login(server) {
		47	if (server[server.length-1] === '/') server = server.slice(0, -1);
		48
47	console.log('Using server', server);	49	console.log('Using server', server);
48	config.set('server', server);	50	config.set('server', server);
49	}	51	}


diff --git a/package.json b/package.json index 8c11b9a..d10b733 100644 --- a/package.json +++ b/package.json
@@ -23,13 +23,16 @@
23	"compression": "^1.5.0",	23	"compression": "^1.5.0",
24	"connect-lastmile": "0.0.10",	24	"connect-lastmile": "0.0.10",
25	"connect-timeout": "^1.6.2",	25	"connect-timeout": "^1.6.2",
		26	"cookie-parser": "^1.3.5",
26	"debug": "^2.2.0",	27	"debug": "^2.2.0",
27	"del": "^1.2.0",	28	"del": "^1.2.0",
28	"ejs": "^2.3.1",	29	"ejs": "^2.3.1",
29	"express": "^4.12.4",	30	"express": "^4.12.4",
		31	"express-session": "^1.11.3",
30	"mkdirp": "^0.5.1",	32	"mkdirp": "^0.5.1",
31	"morgan": "^1.6.0",	33	"morgan": "^1.6.0",
32	"multiparty": "^4.1.2",	34	"multiparty": "^4.1.2",
		35	"passport": "^0.2.2",
33	"safetydance": "0.0.16",	36	"safetydance": "0.0.16",
34	"superagent": "^1.2.0",	37	"superagent": "^1.2.0",
35	"underscore": "^1.8.3"	38	"underscore": "^1.8.3"


diff --git a/src/auth.js b/src/auth.js new file mode 100644 index 0000000..3d2acce --- /dev/null +++ b/src/auth.js
@@ -0,0 +1,42 @@
		1	'use strict';
		2
		3	var passport = require('passport'),
		4	LdapStrategy = require('passport-ldapjs').Strategy;
		5
		6	var LDAP_URL = process.env.LDAP_URL;
		7	var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
		8
		9	if (LDAP_URL && LDAP_USERS_BASE_DN) {
		10	console.log('Enable ldap auth');
		11
		12	exports.ldap = passport.authenticate('ldap', {
		13	successReturnToOrRedirect: '/',
		14	failureRedirect: '/login',
		15	failureFlash: true
		16	});
		17	} else {
		18	exports.ldap = function (req, res, next) {
		19	console.log('ldap auth disabled');
		20	next();
		21	};
		22	}
		23
		24	var opts = {
		25	server: {
		26	url: LDAP_URL,
		27	},
		28	base: LDAP_USERS_BASE_DN,
		29	search: {
		30	filter: '(uid={{username}})',
		31	attributes: ['displayname', 'username', 'mail', 'uid'],
		32	scope: 'sub'
		33	},
		34	uidTag: 'uid',
		35	usernameField: 'username',
		36	passwordField: 'password',
		37	};
		38
		39	passport.use(new LdapStrategy(opts, function (profile, done) {
		40	console.log('ldap', profile);
		41	done(null, profile);
		42	}));