From 591ad40c9613c91069047ca0781a4b38fd2a8a1b Mon Sep 17 00:00:00 2001
From: Johannes Zellner <johannes@nebulon.de>
Date: Sat, 27 Jun 2015 19:05:20 +0200
Subject: Add ldap auth

---
 src/auth.js | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 src/auth.js

(limited to 'src/auth.js')

diff --git a/src/auth.js b/src/auth.js
new file mode 100644
index 0000000..3d2acce
--- /dev/null
+++ b/src/auth.js
@@ -0,0 +1,42 @@
+'use strict';
+
+var passport = require('passport'),
+    LdapStrategy = require('passport-ldapjs').Strategy;
+
+var LDAP_URL = process.env.LDAP_URL;
+var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN;
+
+if (LDAP_URL && LDAP_USERS_BASE_DN) {
+    console.log('Enable ldap auth');
+
+    exports.ldap = passport.authenticate('ldap', {
+        successReturnToOrRedirect: '/',
+        failureRedirect: '/login',
+        failureFlash: true
+    });
+} else {
+    exports.ldap = function (req, res, next) {
+        console.log('ldap auth disabled');
+        next();
+    };
+}
+
+var opts = {
+    server: {
+        url: LDAP_URL,
+    },
+    base: LDAP_USERS_BASE_DN,
+    search: {
+        filter: '(uid={{username}})',
+        attributes: ['displayname', 'username', 'mail', 'uid'],
+        scope: 'sub'
+    },
+    uidTag: 'uid',
+    usernameField: 'username',
+    passwordField: 'password',
+};
+
+passport.use(new LdapStrategy(opts, function (profile, done) {
+    console.log('ldap', profile);
+    done(null, profile);
+}));
-- 
cgit v1.2.3