1 | Fork of [node-ldapauth](https://github.com/trentm/node-ldapauth) - A simple node.js lib to authenticate against an LDAP server.
|
2 |
|
3 | ## About the fork
|
4 |
|
5 | This fork was originally created and published because of an urgent need to get newer version of [ldapjs](http://ldapjs.org/) in use to [passport-ldapauth](https://github.com/vesse/passport-ldapauth) since the newer version supported passing `tlsOptions` to the TLS module. Since then a lot of issues from the original module ([#2](https://github.com/trentm/node-ldapauth/issues/2), [#3](https://github.com/trentm/node-ldapauth/issues/3), [#8](https://github.com/trentm/node-ldapauth/issues/8), [#10](https://github.com/trentm/node-ldapauth/issues/10), [#11](https://github.com/trentm/node-ldapauth/issues/11), [#12](https://github.com/trentm/node-ldapauth/issues/12), [#13](https://github.com/trentm/node-ldapauth/pull/13)) have been fixed, and new features have been added as well.
|
6 |
|
7 | Multiple [ldapjs](http://ldapjs.org/) client options have been made available.
|
8 |
|
9 | ## Usage
|
10 |
|
11 | ```javascript
|
12 | var LdapAuth = require('ldapauth-fork');
|
13 | var options = {
|
14 | url: 'ldaps://ldap.example.com:636',
|
15 | ...
|
16 | };
|
17 | var auth = new LdapAuth(options);
|
18 | auth.on('error', function (err) {
|
19 | console.error('LdapAuth: ', err);
|
20 | });
|
21 | ...
|
22 | auth.authenticate(username, password, function(err, user) { ... });
|
23 | ...
|
24 | auth.close(function(err) { ... })
|
25 | ```
|
26 |
|
27 | ## Install
|
28 |
|
29 | npm install ldapauth-fork
|
30 |
|
31 |
|
32 | ## License
|
33 |
|
34 | MIT. See "LICENSE" file.
|
35 |
|
36 |
|
37 | ## `LdapAuth` Config Options
|
38 |
|
39 | [Use the source Luke](https://github.com/vesse/node-ldapauth-fork/blob/master/lib/ldapauth.js#L35-L99)
|
40 |
|
41 |
|
42 | ## express/connect basicAuth example
|
43 |
|
44 | ```javascript
|
45 | var basicAuth = require('basic-auth');
|
46 | var LdapAuth = require('ldapauth-fork');
|
47 |
|
48 | var ldap = new LdapAuth({
|
49 | url: "ldaps://ldap.example.com:636",
|
50 | bindDn: "uid=myadminusername,ou=users,o=example.com",
|
51 | bindCredentials: "mypassword",
|
52 | searchBase: "ou=users,o=example.com",
|
53 | searchFilter: "(uid={{username}})",
|
54 | reconnect: true
|
55 | });
|
56 |
|
57 | var rejectBasicAuth = function(res) {
|
58 | res.statusCode = 401;
|
59 | res.setHeader('WWW-Authenticate', 'Basic realm="Example"');
|
60 | res.end('Access denied');
|
61 | }
|
62 |
|
63 | var basicAuthMiddleware = function(req, res, next) {
|
64 | var credentials = basicAuth(req);
|
65 | if (!credentials) {
|
66 | return rejectBasicAuth(res);
|
67 | }
|
68 |
|
69 | ldap.authenticate(credentials.name, credentials.pass, function(err, user) {
|
70 | if (err) {
|
71 | return rejectBasicAuth(res);
|
72 | }
|
73 |
|
74 | req.user = user;
|
75 | next();
|
76 | });
|
77 | };
|
78 | ```
|