Initial support for LDAP server authentication

Limitations as of this commit: - tlsOptions can only be specified in config.json, not as env vars - authentication failures are not yet gracefully handled by the UI - instead the error message is shown on a blank page (/auth/ldap) - no email address is associated with the LDAP user's account - no picture/profile URL is associated with the LDAP user's account - we might have to generate our own access + refresh tokens, because we aren't using oauth. The currently generated tokens are just a placeholder. - 'LDAP Sign in' needs to be translated to each locale
author: alecdwm 2016-12-13 22:31:35 +0100
committer: alecdwm 2016-12-13 22:41:07 +0100
commit: 02e99277146d8bd912f2f19af1d3e94a6181d90d (patch)
tree: 01140b215f4defc46ec28f599d27ebe31dbf2915 /app.js
parent: 8095f8cc983bbed532db7eee9f7f5a64e910b731 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/app.js b/app.js
index 0d78a153..44054961 100644
--- a/app.js
+++ b/app.js
@@ -380,6 +380,12 @@ if (config.google) {
             failureRedirect: config.serverurl + '/'
         }));
 }
+// ldap auth
+if (config.ldap) {
+    app.post('/auth/ldap', urlencodedParser,
+        passport.authenticate('ldapauth', { successRedirect: '/' })
+    );
+}
 // email auth
 if (config.email) {
     app.post('/register', urlencodedParser, function (req, res, next) {
author	alecdwm	2016-12-13 22:31:35 +0100
committer	alecdwm	2016-12-13 22:41:07 +0100
commit	02e99277146d8bd912f2f19af1d3e94a6181d90d (patch)
tree	01140b215f4defc46ec28f599d27ebe31dbf2915 /app.js
parent	8095f8cc983bbed532db7eee9f7f5a64e910b731 (diff)