From 02e99277146d8bd912f2f19af1d3e94a6181d90d Mon Sep 17 00:00:00 2001
From: alecdwm
Date: Tue, 13 Dec 2016 22:31:35 +0100
Subject: Initial support for LDAP server authentication

Limitations as of this commit:

- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
  - instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
  because we aren't using oauth. The currently generated
  tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
---
 config.json.example | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'config.json.example')

diff --git a/config.json.example b/config.json.example
index 22fd5c92..642df4f6 100644
--- a/config.json.example
+++ b/config.json.example
@@ -45,6 +45,18 @@
             "clientID": "change this",
             "clientSecret": "change this"
         },
+        "ldap": {
+            "url": "ldap://change_this",
+            "bindDn": null,
+            "bindCredentials": null,
+            "tokenSecret": "change this",
+            "searchBase": "change this",
+            "searchFilter": "change this",
+            "searchAttributes": "change this",
+            "tlsOptions": {
+                "changeme": "See https://nodejs.org/api/tls.html#tls_tls_connect_options_callback"
+            }
+        },
         "imgur": {
             "clientID": "change this"
         }
-- 
cgit v1.2.3