summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorLukas Kalbertodt2017-12-09 11:17:06 +0100
committerLukas Kalbertodt2017-12-09 12:30:48 +0100
commit612b2d181145597257c082aa24456112bcc2aee3 (patch)
treef0742d644f446c08d54e4c3ea283b0c59e8b6658 /lib
parent1b7d621fd1bb691793550b024dde0fb41dda5a40 (diff)
Add setting `ldap.usernameField`
This determines which ldap field is used as the username on HackMD. By default, the "id" is used as username, too. The id is taken from the fields `uidNumber`, `uid` or `sAMAccountName`. To give the user more flexibility, they can now choose the field used for the username instead.
Diffstat (limited to 'lib')
-rw-r--r--lib/config/default.js1
-rw-r--r--lib/config/environment.js1
-rw-r--r--lib/web/auth/ldap/index.js8
3 files changed, 9 insertions, 1 deletions
diff --git a/lib/config/default.js b/lib/config/default.js
index d04485ce..8d36db02 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -96,6 +96,7 @@ module.exports = {
searchBase: undefined,
searchFilter: undefined,
searchAttributes: undefined,
+ usernameField: undefined,
tlsca: undefined
},
saml: {
diff --git a/lib/config/environment.js b/lib/config/environment.js
index b7b0e3f8..d1b26843 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -71,6 +71,7 @@ module.exports = {
searchBase: process.env.HMD_LDAP_SEARCHBASE,
searchFilter: process.env.HMD_LDAP_SEARCHFILTER,
searchAttributes: process.env.HMD_LDAP_SEARCHATTRIBUTES,
+ usernameField: process.env.HMD_LDAP_USERNAMEFIELD,
tlsca: process.env.HMD_LDAP_TLS_CA
},
saml: {
diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js
index 9a63578a..cc0d29ad 100644
--- a/lib/web/auth/ldap/index.js
+++ b/lib/web/auth/ldap/index.js
@@ -24,9 +24,15 @@ passport.use(new LDAPStrategy({
}
}, function (user, done) {
var uuid = user.uidNumber || user.uid || user.sAMAccountName
+ var username = uuid
+
+ if (config.ldap.usernameField && user[config.ldap.usernameField]) {
+ username = user[config.ldap.usernameField]
+ }
+
var profile = {
id: 'LDAP-' + uuid,
- username: uuid,
+ username: username,
displayName: user.displayName,
emails: user.mail ? [user.mail] : [],
avatarUrl: null,