Product
Introducing SSO
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
sinopia-altldap
Advanced tools
Readme
Alternative to sinopia-ldap which doesn't require an ldap admin account. If you can perform a bind against the configured ldap url, you are granted access.
$ npm install sinopia
$ npm install sinopia-altldap
Add to your config.yaml
:
auth:
altldap:
type: ldap
domain: example.com
client_options:
url: "ldaps://ldap.example.com"
tlsOptions:
rejectUnauthorized: False
If the domain
option is supplied it is appended to the username so that users don't have to type
the full <user>@<domain>
to login.
client_options
are passed directly to ldap.createClient.
It's called as:
require('sinopia-altldap')(config, stuff)
Where:
This should export two functions:
adduser(user, password, cb)
It should respond with:
cb(err)
in case of an error (error will be returned to user)cb(null, false)
in case registration is disabled (next auth plugin will be executed)cb(null, true)
in case user registered successfullyIt's useful to set err.status
property to set http status code (e.g. err.status = 403
).
authenticate(user, password, cb)
It should respond with:
cb(err)
in case of a fatal error (error will be returned to user, keep those rare)cb(null, false)
in case user not authenticated (next auth plugin will be executed)cb(null, [groups])
in case user is authenticatedGroups is an array of all users/usergroups this user has access to. You should probably include username itself here.
FAQs
Alternate LDAP Auth plugin for Sinopia
The npm package sinopia-altldap receives a total of 3 weekly downloads. As such, sinopia-altldap popularity was classified as not popular.
We found that sinopia-altldap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.