
ldapauth


Comparing version 1.0.2 to 2.0.0

.npmignore

21

lib/cache.js

@@ -7,8 +7,8 @@ /*

* Usage:
* var Cache = require("amon-common").Cache;
* var Cache = require('amon-common').Cache;
* // size, expiry, log, name
* this.accountCache = new Cache( 100, 300, log, "account");
* this.accountCache.set("hamish", {...});
* this.accountCache = new Cache( 100, 300, log, 'account');
* this.accountCache.set('hamish', {...});
* ...
* this.accountCache.get("hamish") // -> {...}
* this.accountCache.get('hamish') // -> {...}
*/

@@ -36,3 +36,3 @@

this.log = log;
this.name = (name ? name + " " : "");
this.name = (name ? name + ' ' : '');
this.items = LRU(this.size);

@@ -48,3 +48,3 @@ }

if (this.log) {
this.log.trace("%scache reset", this.name);
this.log.trace('%scache reset', this.name);
}

@@ -60,3 +60,3 @@ this.items.reset();

if (this.log) {
this.log.trace("%scache hit: key='%s': %o", this.name, key, cached);
this.log.trace('%scache hit: key="%s": %o', this.name, key, cached);
}

@@ -67,3 +67,3 @@ return cached.value;

if (this.log) {
this.log.trace("%scache miss: key='%s'", this.name, key);
this.log.trace('%scache miss: key="%s"', this.name, key);
}

@@ -80,3 +80,3 @@ return null;

if (this.log) {
this.log.trace("%scache set: key='%s': %o", this.name, key, item);
this.log.trace('%scache set: key="%s": %o', this.name, key, item);
}

@@ -89,3 +89,3 @@ this.items.set(key, item);

if (this.log) {
this.log.trace("%scache del: key='%s'", this.name, key);
this.log.trace('%scache del: key="%s"', this.name, key);
}

@@ -97,2 +97,1 @@ this.items.del(key);

module.exports = Cache;
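Review bot: The `cache hit` and `cache set` trace calls still format the whole cached value with `%o`. ldapauth stores `{password: <hashed-password>, user: <user>}` in this cache, so turning on trace logging writes bcrypt hashes and full directory entries into the log. Log the key only, for example `this.log.trace('%scache set: key="%s"', this.name, key);`, and do the same on the hit line. These statements sit inside methods whose bodies begin outside the hunks shown.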

@@ -1,2 +0,3 @@

/* Copyright 2011 (c) Trent Mick.
/**
* Copyright 2011 (c) Trent Mick.
*

@@ -9,10 +10,5 @@ * LDAP auth.

* ...
* auth.authenticate(username, password, function(err, user) { ... });
* auth.authenticate(username, password, function (err, user) { ... });
* ...
* auth.close(function(err) { ... })
*
* npm Dependencies:
* ldapjs
* lru-cache
* log4js (optional)
* auth.close(function (err) { ... })
*/

@@ -22,4 +18,5 @@

var bcrypt = require('bcrypt');
var ldap = require("ldapjs");
var ldap = require('ldapjs');
var debug = console.warn;
var format = require('util').format;

@@ -31,10 +28,11 @@

*
* @param opts {Object} Config options. Keys (required, unless says otherwise) are:
* url {String} E.g. "ldaps://ldap.example.com:663"
* adminDn {String} E.g. "uid=myapp,ou=users,o=example.com"
* @param opts {Object} Config options. Keys (required, unless says
* otherwise) are:
* url {String} E.g. 'ldaps://ldap.example.com:663'
* adminDn {String} E.g. 'uid=myapp,ou=users,o=example.com'
* adminPassword {String} Password for adminDn.
* searchBase {String} The base DN from which to search for users by
* username. E.g. "ou=users,o=example.com"
* username. E.g. 'ou=users,o=example.com'
* searchFilter {String} LDAP search filter with which to find a user by
* username, e.g. "(uid={{username}})". Use the literal "{{username}}"
* username, e.g. '(uid={{username}})'. Use the literal '{{username}}'
* to have the given username be interpolated in for the LDAP

@@ -57,8 +55,8 @@ * search.

assert.ok(opts.searchFilter);
this.log = opts.log4js && opts.log4js.getLogger("ldapauth");
this.log = opts.log4js && opts.log4js.getLogger('ldapauth');
if (opts.cache) {
var Cache = require("./cache");
this.userCache = new Cache(100, 300, this.log, "user");
var Cache = require('./cache');
this.userCache = new Cache(100, 300, this.log, 'user');
}

@@ -74,3 +72,3 @@

this._salt = bcrypt.gen_salt_sync();
this._salt = bcrypt.genSaltSync();
}

@@ -83,3 +81,3 @@

} else {
this._adminClient.unbind(function(err) {
this._adminClient.unbind(function (err) {
callback(err);

@@ -99,5 +97,6 @@ });

var self = this;
this._adminClient.bind(this.opts.adminDn, this.opts.adminPassword, function (err) {
this._adminClient.bind(this.opts.adminDn, this.opts.adminPassword,
function (err) {
if (err) {
self.log && self.log.trace("ldap authenticate: bind error: %s", err);
self.log && self.log.trace('ldap authenticate: bind error: %s', err);
return callback(err);

@@ -121,23 +120,26 @@ }

self._adminBind(function (err) {
if (err) return callback(err);
var searchFilter = self.opts.searchFilter.replace("{{username}}", username);
var opts = {filter: searchFilter, scope: "sub"};
self._adminClient.search(self.opts.searchBase, opts, function (err, result) {
if (err)
return callback(err);
var searchFilter = self.opts.searchFilter.replace('{{username}}', username);
var opts = {filter: searchFilter, scope: 'sub'};
self._adminClient.search(self.opts.searchBase, opts,
function (err, result) {
if (err) {
self.log && self.log.trace("ldap authenticate: search error: %s", err);
self.log && self.log.trace('ldap authenticate: search error: %s', err);
return callback(err);
}
var items = [];
result.on('searchEntry', function(entry) {
result.on('searchEntry', function (entry) {
items.push(entry.object);
});
result.on('error', function(err) {
self.log && self.log.trace("ldap authenticate: search error event: %s", err);
result.on('error', function (err) {
self.log && self.log.trace(
'ldap authenticate: search error event: %s', err);
return callback(err);
});
result.on('end', function(result) {
result.on('end', function (result) {
if (result.status !== 0) {
var err = "non-zero status from LDAP search: " + result.status;
self.log && self.log.trace("ldap authenticate: %s", err);
var err = 'non-zero status from LDAP search: ' + result.status;
self.log && self.log.trace('ldap authenticate: %s', err);
return callback(err);

@@ -151,4 +153,5 @@ }

default:
return callback("unexpected number of matches (" + items.length
+ ") for '" + username + "' username");
return callback(format(
'unexpected number of matches (%s) for "%s" username',
items.length, username));
}

@@ -166,23 +169,25 @@ });

var self = this;
if (self.opts.cache) {
// Check cache. "cached" is `{password: <hashed-password>, user: <user>}`.
// Check cache. 'cached' is `{password: <hashed-password>, user: <user>}`.
var cached = self.userCache.get(username);
if (cached && bcrypt.compare_sync(password, cached.password)) {
if (cached && bcrypt.compareSync(password, cached.password)) {
return callback(null, cached.user)
}
}
// 1. Find the user DN in question.
self._findUser(username, function (err, user) {
if (err) return callback(err);
if (!user) return callback("no such user: '" + username + "'");
if (err)
return callback(err);
if (!user)
return callback(format('no such user: "%s"', username));
// 2. Attempt to bind as that user to check password.
self._userClient.bind(user.dn, password, function (err) {
if (err) {
self.log && self.log.trace("ldap authenticate: bind error: %s", err);
self.log && self.log.trace('ldap authenticate: bind error: %s', err);
return callback(err);
}
if (self.opts.cache) {
bcrypt.encrypt(password, self._salt, function(err, hash) {
bcrypt.hash(password, self._salt, function (err, hash) {
self.userCache.set(username, {password: hash, user: user});
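Review bot: The search filter in the `@@ -121,23 +120,26 @@` hunk is still built by substituting the raw `username` into `opts.searchFilter`. Filter metacharacters in a login name (`*`, `(`, `)`, `\`) therefore change which entries the admin search matches instead of being compared as literal text. Escape the value per RFC 4515 before substitution; the fence shows a small helper (a proposed addition, not an existing API) and the changed line. It uses `split`/`join` so that every `{{username}}` occurrence is replaced and `$` sequences in the name are not interpreted as replacement patterns. The enclosing function begins and ends outside the hunk, so the helper would live at module level.

```javascript
// Proposed helper: escape RFC 4515 special characters in a filter value.
function escapeFilterValue(value) {
    return String(value).replace(/[\\*()\0]/g, function (ch) {
        var hex = ch.charCodeAt(0).toString(16);
        return '\\' + (hex.length < 2 ? '0' + hex : hex);
    });
}

// … unchanged: _adminBind call and its error check …
    var searchFilter = self.opts.searchFilter
        .split('{{username}}').join(escapeFilterValue(username));
// … unchanged: search call and result event handlers …
```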

@@ -189,0 +194,0 @@ return callback(null, user);

{
"name": "ldapauth",
"version": "1.0.2",
"version": "2.0.0",
"main": "./lib/ldapauth.js",

@@ -11,3 +11,3 @@ "description": "Authenticate against an LDAP server",

},
"keywords": ["authenticate", "ldap"],
"keywords": ["authenticate", "ldap", "authentication", "auth"],
"repository": {

@@ -19,5 +19,5 @@ "type": "git",

"ldapjs": "0.3",
"bcrypt": "0.4",
"bcrypt": "0.5",
"lru-cache": "1.0.5"
}
}

@@ -31,1 +31,50 @@ A simple node.js lib to authenticate against an LDAP server.

[Use the source Luke](https://github.com/trentm/node-ldapauth/blob/master/lib/ldapauth.js#L25-45)
# express/connect basicAuth example
var connect = require('connect');
var LdapAuth = require('ldapauth');
// Config from a .json or .ini file or whatever.
var config = {
ldap: {
url: "ldaps://ldap.example.com:663",
adminDn: "uid=myadminusername,ou=users,o=example.com",
adminPassword: "mypassword",
searchBase: "ou=users,o=example.com",
searchFilter: "(uid={{username}})"
}
};
var ldap = new LdapAuth({
url: config.ldap.url,
adminDn: config.ldap.adminDn,
adminPassword: config.ldap.adminPassword,
searchBase: config.ldap.searchBase,
searchFilter: config.ldap.searchFilter,
//log4js: require('log4js'),
cache: true
});
var basicAuthMiddleware = connect.basicAuth(function (username, password, callback) {
ldap.authenticate(username, password, function (err, user) {
if (err) {
console.log("LDAP auth error: %s", err);
}
callback(err, user)
});
});
# Development
Check coding style before commit:
make check
To cut a release (tagging, npm publish, etc., see
<https://github.com/trentm/cutarelease> for details):
make cutarelease