ep_ldapauth - npm Package Compare versions

Comparing version 0.1.0 to 0.2.0

ep_ldapauth.js

@@ -31,4 +31,4 @@ // Copyright 2013 Andrew Grimberg <tykeal@bardicgrove.org>
     var userpass = new Buffer(context.req.headers.authorization.split(' ')[1], 'base64').toString().split(":");
-    var username = userpass[0];
-    var password = userpass[1];
+    var username = userpass.shift();
+    var password = userpass.join(':');
     var express_sid = context.req.sessionID;
@@ -59,3 +59,9 @@
       // User authenticated, save off some information needed for authorization
-      context.req.session.user = { username: username, displayName: user.cn };
+      context.req.session.user = { username: username };
+      if ('displayNameAttribute' in settings.users.ldapauth && settings.users.ldapauth.displayNameAttribute in user) {
+        context.req.session.user['displayName']=user[settings.users.ldapauth.displayNameAttribute];
+      }
+      else if ('cn' in user) {
+        context.req.session.user['displayName']=user.cn;
+      }
       if (settings.users.ldapauth.groupAttributeIsDN) {
@@ -79,3 +85,3 @@ context.req.session.user.userDN = user.dn;
   }
-}
+};
 
@@ -85,2 +91,8 @@ exports.authorize = function(hook_name, context, cb) {
 
+  if(settings.users.ldapauth.anonymousReadonly &&
+      /^\/(p\/r\..{16}|locales.json|static|javascripts|pluginfw|favicon.ico)/.test(context.resource)) {
+    console.debug('ep_ldapauth.authorize.anonymous: authorizing static path %s', context.resource);
+    return cb([true]);
+  }
+
   userDN = null;
@@ -99,3 +111,3 @@
 
-  if (context.resource.match(/^\/(static|javascripts|pluginfw|favicon.ico|api)/)) {
+  if (/^\/(static|javascripts|pluginfw|favicon.ico|api)/.test(context.resource)) {
     console.debug('ep_ldapauth.authorize: authorizing static path %s', context.resource);
@@ -160,3 +172,3 @@ return cb([true]);
   }
-}
+};
 
@@ -170,5 +182,11 @@ exports.handleMessage = function(hook_name, context, cb) {
       var client_id = context.client.id;
-      var displayName = context.client.manager.handshaken[client_id].session.user.displayName;
-      console.debug('ep_ldapauth.handleMessage: intercepted CLIENT_READY message for client_id = %s, setting username for token %s to %s', client_id, context.message.token, displayName);
-      ldapauthSetUsername(context.message.token, displayName);
+      if ('user' in context.client.manager.handshaken[client_id].session) {
+        var displayName = context.client.manager.handshaken[client_id].session.user.displayName;
+        if(settings.users.ldapauth.anonymousReadonly && !displayName) displayName = 'guest';
+        console.debug('ep_ldapauth.handleMessage: intercepted CLIENT_READY message for client_id = %s, setting username for token %s to %s', client_id, context.message.token, displayName);
+        ldapauthSetUsername(context.message.token, displayName);
+      }
+      else {
+        console.debug('ep_ldapauth.handleMessage: intercepted CLIENT_READY but user does have displayName !');
+      }
     }
@@ -180,4 +198,4 @@ } else if ( context.message.type == "COLLABROOM" && context.message.data.type == "USERINFO_UPDATE" ) {
   return cb([context.message]);
-}
+};
 
 // vim: sw=2 ts=2 sts=2 et ai

lib/MyLdapAuth.js

@@ -46,3 +46,3 @@ // Copyright 2013 Andrew Grimberg <tykeal@bardicgrove.org>
 
-  this.log = opts.log4js && opts.jog4js.getLogger('ldapauth');
+  this.log = opts.log4js && opts.log4js.getLogger('ldapauth');
 
@@ -212,6 +212,11 @@ var clientOpts = {url: opts.url};
           case 1:
-            if (items[0].member.some(function (item) {
-              return (item === usersearch);
-            })) {
-              return cb(null, items[0]);
+            if (self.opts.groupAttribute in items[0]) {
+              if (typeof items[0][self.opts.groupAttribute] === 'string') {
+                items[0][self.opts.groupAttribute]=new Array(items[0][self.opts.groupAttribute]);
+              }
+              if (items[0][self.opts.groupAttribute].some(function (item) {
+                return (item === usersearch);
+              })) {
+                return cb(null, items[0]);
+              }
             }
@@ -218,0 +223,0 @@

package.json

@@ -5,3 +5,3 @@ {
   "author": "Andrew Grimberg <agrimberg@linuxfoundation.org>",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "license": "GPLv2",
@@ -8,0 +8,0 @@ "repository": {

README.md

@@ -16,2 +16,3 @@ # Etherpad lite LDAP authentication and authorization
             "accountPattern": "(&(objectClass=*)(uid={{username}}))",
+            "displayNameAttribute": "cn",
             "searchDN": "uid=searchuser,dc=example,dc=com",
@@ -23,3 +24,4 @@ "searchPWD": "supersecretpassword",
             "searchScope": "sub",
-            "groupSerach": "(&(cn=admin)(objectClass=groupOfNames))"
+            "groupSearch": "(&(cn=admin)(objectClass=groupOfNames))"
+            "anonymousReadonly": false
         }
@@ -26,0 +28,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

35255

increased by4.93%

Number of package files

8

increased by14.29%

Lines of code

404

increased by5.76%

Number of lines in readme file

31

increased by6.9%

No dependency changes