Home Explore Help
Sign In
mirrors
/
wikijs
mirror of https://github.com/Requarks/wiki.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 4643336e9d
Branches Tags
wikijs
/
server
/
modules
/
authentication
/
ldap.js

ldap.js 1.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. /* global WIKI */
    2. 

  2. 

  3. // ------------------------------------
    4. 

  4. // LDAP Account
    5. 

  5. // ------------------------------------
    6. 

  6. 

  7. const LdapStrategy = require('passport-ldapauth').Strategy
    8. 

  8. const fs = require('fs')
    9. 

  9. 

  10. module.exports = {
    11. 

  11.   key: 'ldap',
    12. 

  12.   title: 'LDAP / Active Directory',
    13. 

  13.   useForm: true,
    14. 

  14.   props: {
    15. 

  15.     url: {
    16. 

  16.       type: String,
    17. 

  17.       default: 'ldap://serverhost:389'
    18. 

  18.     },
    19. 

  19.     bindDn: {
    20. 

  20.       type: String,
    21. 

  21.       default: `cn='root'`
    22. 

  22.     },
    23. 

  23.     bindCredentials: String,
    24. 

  24.     searchBase: {
    25. 

  25.       type: String,
    26. 

  26.       default: 'o=users,o=example.com'
    27. 

  27.     },
    28. 

  28.     searchFilter: {
    29. 

  29.       type: String,
    30. 

  30.       default: '(uid={{username}})'
    31. 

  31.     },
    32. 

  32.     tlsEnabled: {
    33. 

  33.       type: Boolean,
    34. 

  34.       default: false
    35. 

  35.     },
    36. 

  36.     tlsCertPath: String
    37. 

  37.   },
    38. 

  38.   init (passport, conf) {
    39. 

  39.     passport.use('ldapauth',
    40. 

  40.       new LdapStrategy({
    41. 

  41.         server: {
    42. 

  42.           url: conf.url,
    43. 

  43.           bindDn: conf.bindDn,
    44. 

  44.           bindCredentials: conf.bindCredentials,
    45. 

  45.           searchBase: conf.searchBase,
    46. 

  46.           searchFilter: conf.searchFilter,
    47. 

  47.           searchAttributes: ['displayName', 'name', 'cn', 'mail'],
    48. 

  48.           tlsOptions: (conf.tlsEnabled) ? {
    49. 

  49.             ca: [
    50. 

  50.               fs.readFileSync(conf.tlsCertPath)
    51. 

  51.             ]
    52. 

  52.           } : {}
    53. 

  53.         },
    54. 

  54.         usernameField: 'email',
    55. 

  55.         passReqToCallback: false
    56. 

  56.       }, (profile, cb) => {
    57. 

  57.         profile.provider = 'ldap'
    58. 

  58.         profile.id = profile.dn
    59. 

  59.         WIKI.db.users.processProfile(profile).then((user) => {
    60. 

  60.           return cb(null, user) || true
    61. 

  61.         }).catch((err) => {
    62. 

  62.           return cb(err, null) || true
    63. 

  63.         })
    64. 

  64.       }
    65. 

  65.       ))
    66. 

  66.   }
    67. 

  67. }
    68.