@mashroom/mashroom-security-provider-ldap
Advanced tools
@mashroom/mashroom-security-provider-ldap - npm Package Compare versions
Comparing version 1.0.92 to 1.0.93
@@ -26,3 +26,4 @@ "use strict"; | ||
| bindDN, | ||
| bindCredentials | ||
| bindCredentials, | ||
| authenticationTimeoutSec | ||
| } = pluginConfig; | ||
@@ -38,3 +39,3 @@ const pluginContext = pluginContextHolder.getPluginContext(); | ||
| const ldapClient = new _LdapClientImpl.default(serverUrl, baseDN, bindDN, bindCredentials, fixedTlsOptions, loggerFactory); | ||
| return new _MashroomLdapSecurityProvider.default(loginPage, userSearchFilter, groupSearchFilter, groupToRoleMappingPath, ldapClient, serverRootFolder, loggerFactory); | ||
| return new _MashroomLdapSecurityProvider.default(loginPage, userSearchFilter, groupSearchFilter, groupToRoleMappingPath, ldapClient, serverRootFolder, authenticationTimeoutSec, loggerFactory); | ||
| }; | ||
@@ -41,0 +42,0 @@ |
@@ -14,6 +14,7 @@ "use strict"; | ||
| const AUTHENTICATION_RESULT_SESSION_KEY = '__MASHROOM_SECURITY_AUTH'; | ||
| const AUTHENTICATION_RESULT_SESSION_KEY = '__MASHROOM_SECURITY_AUTH_USER'; | ||
| const AUTHENTICATION_EXPIRES_SESSION_KEY = '__MASHROOM_SECURITY_AUTH_EXPIRES'; | ||
| class MashroomLdapSecurityProvider { | ||
| constructor(loginPage, userSearchFilter, groupSearchFilter, groupToRoleMappingPath, ldapClient, serverRootFolder, loggerFactory) { | ||
| constructor(loginPage, userSearchFilter, groupSearchFilter, groupToRoleMappingPath, ldapClient, serverRootFolder, authenticationTimeoutSec, loggerFactory) { | ||
| this._logger = loggerFactory('mashroom.security.provider.ldap'); | ||
@@ -25,2 +26,3 @@ this._loginPage = loginPage; | ||
| this._ldapClient = ldapClient; | ||
| this._authenticationTimeoutSec = authenticationTimeoutSec; | ||
@@ -45,3 +47,3 @@ if (groupToRoleMappingPath) { | ||
| async authenticate(request, response) { | ||
| let buff = new Buffer(decodeURI(request.originalUrl)); | ||
| let buff = Buffer.from(decodeURI(request.originalUrl)); | ||
| const base64encodedReferrer = buff.toString('base64'); | ||
@@ -54,2 +56,13 @@ response.redirect(`${this._loginPage}?ref=${base64encodedReferrer}`); | ||
| async refreshAuthentication(request) { | ||
| request.session[AUTHENTICATION_EXPIRES_SESSION_KEY] = Date.now() + this._authenticationTimeoutSec * 1000; | ||
| } | ||
| getAuthenticationExpiration(request) { | ||
| return request.session[AUTHENTICATION_EXPIRES_SESSION_KEY]; | ||
| } | ||
| async revokeAuthentication() {// Nothing to do, the session has been regenerated at this point | ||
| } | ||
| async login(request, username, password) { | ||
@@ -99,2 +112,3 @@ let user = null; | ||
| request.session[AUTHENTICATION_RESULT_SESSION_KEY] = mashroomUser; | ||
| request.session[AUTHENTICATION_EXPIRES_SESSION_KEY] = Date.now() + this._authenticationTimeoutSec * 1000; | ||
| return { | ||
@@ -110,6 +124,14 @@ success: true | ||
| async revokeAuthentication(request) {// Nothing to do, the session has been regenerated at this point | ||
| } | ||
| getUser(request) { | ||
| const timeout = request.session[AUTHENTICATION_EXPIRES_SESSION_KEY]; | ||
| getUser(request) { | ||
| if (!timeout) { | ||
| return null; | ||
| } | ||
| if (timeout < Date.now()) { | ||
| delete request.session[AUTHENTICATION_RESULT_SESSION_KEY]; | ||
| return null; | ||
| } | ||
| return request.session[AUTHENTICATION_RESULT_SESSION_KEY]; | ||
@@ -116,0 +138,0 @@ } |
@@ -7,3 +7,3 @@ { | ||
| "license": "MIT", | ||
| "version": "1.0.92", | ||
| "version": "1.0.93", | ||
| "files": [ | ||
@@ -17,5 +17,5 @@ "dist/**" | ||
| "@babel/cli": "^7.4.4", | ||
| "@mashroom/mashroom": "1.0.92", | ||
| "@mashroom/mashroom-security": "1.0.92", | ||
| "@mashroom/mashroom-utils": "1.0.92", | ||
| "@mashroom/mashroom": "1.0.93", | ||
| "@mashroom/mashroom-security": "1.0.93", | ||
| "@mashroom/mashroom-utils": "1.0.93", | ||
| "eslint": "^5.16.0", | ||
@@ -57,3 +57,4 @@ "express": "^4.17.1", | ||
| "groupSearchFilter": "(objectClass=group)", | ||
| "groupToRoleMapping": "./groupToRoleMapping.json" | ||
| "groupToRoleMapping": "./groupToRoleMapping.json", | ||
| "authenticationTimeoutSec": 1200 | ||
| } | ||
@@ -60,0 +61,0 @@ } |
@@ -37,3 +37,4 @@ | ||
| "groupSearchFilter": "(objectClass=group)", | ||
| "groupToRoleMapping": "./groupToRoleMapping.json" | ||
| "groupToRoleMapping": "./groupToRoleMapping.json", | ||
| "authenticationTimeoutSec": 1200 | ||
| } | ||
@@ -54,2 +55,3 @@ } | ||
| * _groupToRoleMapping_: An optional JSON file that contains a user group to roles mapping | ||
| * _authenticationTimeoutSec_: The inactivity time after that the authentication expires. Since this plugin uses the session to store make sure the session _cookie.maxAge_ is greater than this value. | ||
@@ -56,0 +58,0 @@ For a server that requires TLS you have to provide a _tlsOptions_ object: |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.96%
17569
- Lines of code
- increased by5.84%
326
- Number of lines in readme file
- increased by2.3%
89