diff options
| author | Lukas Kalbertodt | 2017-12-09 11:17:06 +0100 |
|---|---|---|
| committer | Lukas Kalbertodt | 2017-12-09 12:30:48 +0100 |
| commit | 612b2d181145597257c082aa24456112bcc2aee3 (patch) | |
| tree | f0742d644f446c08d54e4c3ea283b0c59e8b6658 /lib | |
| parent | 1b7d621fd1bb691793550b024dde0fb41dda5a40 (diff) | |
Add setting `ldap.usernameField`
This determines which ldap field is used as the username on
HackMD. By default, the "id" is used as username, too. The id
is taken from the fields `uidNumber`, `uid` or
`sAMAccountName`. To give the user more flexibility, they can
now choose the field used for the username instead.
Diffstat (limited to '')
| -rw-r--r-- | lib/config/default.js | 1 | ||||
| -rw-r--r-- | lib/config/environment.js | 1 | ||||
| -rw-r--r-- | lib/web/auth/ldap/index.js | 8 |
3 files changed, 9 insertions, 1 deletions
diff --git a/lib/config/default.js b/lib/config/default.js index d04485ce..8d36db02 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -96,6 +96,7 @@ module.exports = { searchBase: undefined, searchFilter: undefined, searchAttributes: undefined, + usernameField: undefined, tlsca: undefined }, saml: { diff --git a/lib/config/environment.js b/lib/config/environment.js index b7b0e3f8..d1b26843 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -71,6 +71,7 @@ module.exports = { searchBase: process.env.HMD_LDAP_SEARCHBASE, searchFilter: process.env.HMD_LDAP_SEARCHFILTER, searchAttributes: process.env.HMD_LDAP_SEARCHATTRIBUTES, + usernameField: process.env.HMD_LDAP_USERNAMEFIELD, tlsca: process.env.HMD_LDAP_TLS_CA }, saml: { diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js index 9a63578a..cc0d29ad 100644 --- a/lib/web/auth/ldap/index.js +++ b/lib/web/auth/ldap/index.js @@ -24,9 +24,15 @@ passport.use(new LDAPStrategy({ } }, function (user, done) { var uuid = user.uidNumber || user.uid || user.sAMAccountName + var username = uuid + + if (config.ldap.usernameField && user[config.ldap.usernameField]) { + username = user[config.ldap.usernameField] + } + var profile = { id: 'LDAP-' + uuid, - username: uuid, + username: username, displayName: user.displayName, emails: user.mail ? [user.mail] : [], avatarUrl: null, |