LDAP login improvements

- return bad request if no username or password given - return to referer url on auth success - flash error message on auth failure
author: alecdwm 2016-12-14 12:40:54 +0100
committer: alecdwm 2016-12-14 12:40:54 +0100
commit: fc8d709afb8a0ff78f649c9ec3b405a68b56a3c0 (patch)
tree: 2b699e77f549e31c42ce4e3899360e13793a2537 /app.js
parent: 30071637998097b25a36b69af3a1affe3c18bf23 (diff)
1 files changed, 9 insertions, 3 deletions
diff --git a/app.js b/app.js
index 44054961..e3ce93de 100644
--- a/app.js
+++ b/app.js
@@ -382,9 +382,15 @@ if (config.google) {
 }
 // ldap auth
 if (config.ldap) {
-    app.post('/auth/ldap', urlencodedParser,
-        passport.authenticate('ldapauth', { successRedirect: '/' })
-    );
+    app.post('/auth/ldap', urlencodedParser, function (req, res, next) {
+        if (!req.body.username || !req.body.password) return response.errorBadRequest(res);
+        setReturnToFromReferer(req);
+        passport.authenticate('ldapauth', {
+            successReturnToOrRedirect: config.serverurl + '/',
+            failureRedirect: config.serverurl + '/',
+            failureFlash: true
+        })(req, res, next);
+    });
 }
 // email auth
 if (config.email) {
author	alecdwm	2016-12-14 12:40:54 +0100
committer	alecdwm	2016-12-14 12:40:54 +0100
commit	fc8d709afb8a0ff78f649c9ec3b405a68b56a3c0 (patch)
tree	2b699e77f549e31c42ce4e3899360e13793a2537 /app.js
parent	30071637998097b25a36b69af3a1affe3c18bf23 (diff)