summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoralecdwm2016-12-14 12:40:54 +0100
committeralecdwm2016-12-14 12:40:54 +0100
commitfc8d709afb8a0ff78f649c9ec3b405a68b56a3c0 (patch)
tree2b699e77f549e31c42ce4e3899360e13793a2537
parent30071637998097b25a36b69af3a1affe3c18bf23 (diff)
LDAP login improvements
- return bad request if no username or password given - return to referer url on auth success - flash error message on auth failure
Diffstat (limited to '')
-rw-r--r--app.js12
1 files changed, 9 insertions, 3 deletions
diff --git a/app.js b/app.js
index 44054961..e3ce93de 100644
--- a/app.js
+++ b/app.js
@@ -382,9 +382,15 @@ if (config.google) {
}
// ldap auth
if (config.ldap) {
- app.post('/auth/ldap', urlencodedParser,
- passport.authenticate('ldapauth', { successRedirect: '/' })
- );
+ app.post('/auth/ldap', urlencodedParser, function (req, res, next) {
+ if (!req.body.username || !req.body.password) return response.errorBadRequest(res);
+ setReturnToFromReferer(req);
+ passport.authenticate('ldapauth', {
+ successReturnToOrRedirect: config.serverurl + '/',
+ failureRedirect: config.serverurl + '/',
+ failureFlash: true
+ })(req, res, next);
+ });
}
// email auth
if (config.email) {