sinopia-altldap
Comparing version 0.0.1 to 0.0.2
29
index.js
@@ -1,2 +0,2 @@ | ||
var ldap = require('ldapjs'); | ||
var ldap = require("ldapjs"); | ||
@@ -15,15 +15,28 @@ module.exports = Auth; | ||
Auth.prototype.authenticate = function(user, password, callback) { | ||
var self = this; | ||
self._ldap_client.bind(user, password, function(error, res) { | ||
var self = this, domain = self._config.domain; | ||
if (domain) { | ||
if (user.indexOf('@') !== -1 && user.split("@").pop() !== domain) { | ||
self._logger.warn({user: user}, "Rejected auth due to invalid domain: @{user}"); | ||
return callback(null, false); | ||
} | ||
if (user.indexOf("@") === -1) { | ||
user += "@" + domain; | ||
} | ||
} | ||
self._ldap_client.bind(user, password, function(error) { | ||
var groups = []; | ||
if (error) { | ||
if (error.name === "InvalidCredentialsError") { | ||
self._logger.info({user: user}, "Invalid Credentials for user: @{user}"); | ||
self._logger.warn({user: user}, "Invalid Credentials for user: @{user}"); | ||
return callback(null, false); | ||
} else { | ||
self._logger.error({err: error}, "LDAP bind failed: @{err}"); | ||
return callback("Unable to authenticate against LDAP"); | ||
} | ||
self._logger.error({err: error}, "LDAP bind failed: @{err}"); | ||
return callback("Unable to authenticate against LDAP"); | ||
} | ||
return callback(null, [user]); | ||
if (domain) { | ||
groups.push(user.split("@")[0]); | ||
} | ||
groups.push(user); | ||
return callback(null, groups); | ||
}); | ||
} |
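Review bot: An empty password is never rejected before `self._ldap_client.bind(user, password, ...)` in `Auth.prototype.authenticate`. Many directory servers treat a simple bind with a name and an empty password as an unauthenticated bind and report success (RFC 4513 §5.1.2), in which case this callback would return `groups` for that user. A guard ahead of the bind closes this, e.g. `if (!password) { return callback(null, false); }`. Separately, the new domain check compares the last `@` segment (`user.split("@").pop()`) while the group name is taken from the first (`user.split("@")[0]`), so a name with more than one `@` produces a group that differs from the identity that was bound. Splitting once at `user.lastIndexOf("@")`, or rejecting names with more than one `@`, keeps the two consistent.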
{ | ||
"name": "sinopia-altldap", | ||
"version": "0.0.1", | ||
"version": "0.0.2", | ||
"description": "Alternate LDAP Auth plugin for Sinopia", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
# sinopia-altldap | ||
An simpler alternative to [sinopia-ldap](https://github.com/rlidwka/sinopia-ldap) | ||
which doesn't require an ldap admin account. If you can performa a bind | ||
which doesn't require an ldap admin account. If you can perform a bind | ||
against the configured ldap url, you are granted access. | ||
@@ -23,2 +23,3 @@ | ||
type: ldap | ||
domain: example.com | ||
client_options: | ||
@@ -30,2 +31,5 @@ url: "ldaps://ldap.example.com" | ||
If the domain option is supplied it is appended to the username so that users don't have to type | ||
the full <user>@<domain> to login. | ||
client_options are passed directly to [ldap.createClient](http://ldapjs.org/client.html#create-a-client). | ||
@@ -38,3 +42,3 @@ | ||
```js | ||
require('sinopia-ldap')(config, stuff) | ||
require('sinopia-altldap')(config, stuff) | ||
``` | ||
@@ -41,0 +45,0 @@ |