1 files changed, 58 insertions, 1 deletions

diff --git a/lib/auth.js b/lib/auth.js
index f167cede..4b14e42c 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -7,6 +7,7 @@ var GithubStrategy = require('passport-github').Strategy;
 var GitlabStrategy = require('passport-gitlab2').Strategy;
 var DropboxStrategy = require('passport-dropbox-oauth2').Strategy;
 var GoogleStrategy = require('passport-google-oauth20').Strategy;
+var LdapStrategy = require('passport-ldapauth');
 var LocalStrategy = require('passport-local').Strategy;
 var validator = require('validator');
 
@@ -110,6 +111,62 @@ if (config.google) {
         callbackURL: config.serverurl + '/auth/google/callback'
     }, callback));
 }
+// ldap
+if (config.ldap) {
+    passport.use(new LdapStrategy({
+        server: {
+            url: config.ldap.url || null,
+            bindDn: config.ldap.bindDn || null,
+            bindCredentials: config.ldap.bindCredentials || null,
+            searchBase: config.ldap.searchBase || null,
+            searchFilter: config.ldap.searchFilter || null,
+            searchAttributes: config.ldap.searchAttributes || null,
+            tlsOptions: config.ldap.tlsOptions || null
+        },
+    },
+    function(user, done) {
+        var profile = {
+            id: 'LDAP-' + user.uidNumber,
+            username: user.uid,
+            displayName: user.displayName,
+            emails: user.mail ? [user.mail] : [],
+            avatarUrl: null,
+            profileUrl: null,
+            provider: 'ldap',
+        }
+        var stringifiedProfile = JSON.stringify(profile);
+        models.User.findOrCreate({
+            where: {
+                profileid: profile.id.toString()
+            },
+            defaults: {
+                profile: stringifiedProfile,
+            }
+        }).spread(function (user, created) {
+            if (user) {
+                var needSave = false;
+                if (user.profile != stringifiedProfile) {
+                    user.profile = stringifiedProfile;
+                    needSave = true;
+                }
+                if (needSave) {
+                    user.save().then(function () {
+                        if (config.debug)
+                            logger.info('user login: ' + user.id);
+                        return done(null, user);
+                    });
+                } else {
+                    if (config.debug)
+                        logger.info('user login: ' + user.id);
+                    return done(null, user);
+                }
+            }
+        }).catch(function (err) {
+            logger.error('ldap auth failed: ' + err);
+            return done(err, null);
+        });
+    }));
+}
 // email
 if (config.email) {
     passport.use(new LocalStrategy({
@@ -130,4 +187,4 @@ if (config.email) {
             return done(err);
         });
     }));
-}
\ No newline at end of file
+}