summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md1
-rw-r--r--config.json.example1
-rw-r--r--lib/config/default.js1
-rw-r--r--lib/config/environment.js1
-rw-r--r--lib/web/auth/ldap/index.js8
5 files changed, 11 insertions, 1 deletions
diff --git a/README.md b/README.md
index 0c276354..798e17e7 100644
--- a/README.md
+++ b/README.md
@@ -170,6 +170,7 @@ There are some configs you need to change in the files below
| HMD_LDAP_SEARCHBASE | `o=users,dc=example,dc=com` | LDAP directory to begin search from |
| HMD_LDAP_SEARCHFILTER | `(uid={{username}})` | LDAP filter to search with |
| HMD_LDAP_SEARCHATTRIBUTES | `displayName, mail` | LDAP attributes to search with (use comma to separate) |
+| HMD_LDAP_USERNAMEFIELD | `uid` | The LDAP field which is used as the username on HackMD |
| HMD_LDAP_TLS_CA | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
| HMD_LDAP_PROVIDERNAME | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
| HMD_SAML_IDPSSOURL | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth.md#saml-onelogin). |
diff --git a/config.json.example b/config.json.example
index 63eb443f..b243bf8d 100644
--- a/config.json.example
+++ b/config.json.example
@@ -71,6 +71,7 @@
"searchBase": "change this",
"searchFilter": "change this",
"searchAttributes": ["change this"],
+ "usernameField": "change this e.g. uid"
"tlsOptions": {
"changeme": "See https://nodejs.org/api/tls.html#tls_tls_connect_options_callback"
}
diff --git a/lib/config/default.js b/lib/config/default.js
index d04485ce..8d36db02 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -96,6 +96,7 @@ module.exports = {
searchBase: undefined,
searchFilter: undefined,
searchAttributes: undefined,
+ usernameField: undefined,
tlsca: undefined
},
saml: {
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 45a2b0e0..27e63591 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -71,6 +71,7 @@ module.exports = {
searchBase: process.env.HMD_LDAP_SEARCHBASE,
searchFilter: process.env.HMD_LDAP_SEARCHFILTER,
searchAttributes: toArrayConfig(process.env.HMD_LDAP_SEARCHATTRIBUTES),
+ usernameField: process.env.HMD_LDAP_USERNAMEFIELD,
tlsca: process.env.HMD_LDAP_TLS_CA
},
saml: {
diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js
index 9a63578a..cc0d29ad 100644
--- a/lib/web/auth/ldap/index.js
+++ b/lib/web/auth/ldap/index.js
@@ -24,9 +24,15 @@ passport.use(new LDAPStrategy({
}
}, function (user, done) {
var uuid = user.uidNumber || user.uid || user.sAMAccountName
+ var username = uuid
+
+ if (config.ldap.usernameField && user[config.ldap.usernameField]) {
+ username = user[config.ldap.usernameField]
+ }
+
var profile = {
id: 'LDAP-' + uuid,
- username: uuid,
+ username: username,
displayName: user.displayName,
emails: user.mail ? [user.mail] : [],
avatarUrl: null,