Nonflavored Prescription Medicine
    Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »

    passport-ldaplngpublic

    passport-ldapauth

    Passport authentication strategy against LDAP server. This module is a Passport strategy wrapper for ldapauth-fork

    Usage

    var LdapStrategy = require('passport-ldapauth').Strategy;
     
    passport.use(new LdapStrategy({
        server: {
          url: 'ldap://localhost:389',
          ...
        }
      }));

    If you wish to e.g. do some additional verification or initialize user data to local database you may supply a verify callback which accepts user object and then calls the done callback supplying a user, which should be set to false if user is not allowed to authenticate. If an exception occured, err should be set.

    var LdapStrategy = require('passport-ldapauth').Strategy;
     
    passport.use(new LdapStrategy({
        server: {
          url: 'ldap://localhost:389',
          ...
        }
      },
      function(user, done) {
        ...
        return done(null, user);
      }
    ));

    Install

    npm install passport-ldapauth

    Status

    Build Status Dependency Status

    Configuration options

    • server: LDAP settings. These are passed directly to ldapauth-fork. See its documentation for all available options.

      • url: e.g. ldap://localhost:389
      • adminDn: e.g. cn='root'
      • adminPassword: Password for adminDn
      • searchBase: e.g. o=users,o=example.com
      • searchFilter: LDAP search filter, e.g. (uid={{username}}). Use literal {{username}} to have the given username used in the search.
      • searchAttributes: Optional array of attributes to fetch from LDAP server, e.g. ['displayName', 'mail']. Defaults to undefined, i.e. fetch all attributes
      • tlsOptions: Optional object with options accepted by Node.js tls module.
    • usernameField: Field name where the username is found, defaults to username

    • passwordField: Field name where the password is found, defaults to password

    • passReqToCallback: When true, req is the first argument to the verify callback (default: false):

        passport.use(new LdapStrategy(..., function(req, user, done) {
            ...
            done(null, user);
          }
        ));
      

    Express example

    var express      = require('express'),
        passport     = require('passport'),
        LdapStrategy = require('passport-ldapauth').Strategy;
     
    var OPTS = {
      server: {
        url: 'ldap://localhost:389',
        adminDn: 'cn=root',
        adminPassword: 'secret',
        searchBase: 'ou=passport-ldapauth',
        searchFilter: '(uid={{username}})'
      }
    };
     
    var app = express();
     
    passport.use(new LdapStrategy(OPTS));
     
    app.configure(function() {
      app.use(express.bodyParser());
      app.use(passport.initialize());
    });
     
    app.post('/login', passport.authenticate('ldapauth', {session: false}), function(req, res) {
      res.send({status: 'ok'});
    });
     
    app.listen(8080);

    Active Directory over SSL example

    Simple example config for connecting over ldaps:// to a server requiring some internal CA certificate (often the case in corporations using Windows AD).

    var fs = require('fs');
     
    var opts = {
      server: {
        url: 'ldaps://ad.corporate.com:636',
        adminDn: 'non-person@corporate.com',
        adminPassword: 'secret',
        searchBase: 'dc=corp,dc=corporate,dc=com',
        searchFilter: '(&(objectcategory=person)(objectclass=user)(|(samaccountname={{username}})(mail={{username}})))',
        searchAttributes: ['displayName', 'mail'],
        tlsOptions: {
          ca: [
            fs.readFileSync('/path/to/root_ca_cert.crt')
          ]
        }
      }
    };
    ...

    Asynchronous configuration retrieval

    Instead of providing a static configuration object, you can pass to the LdapStrategy a function that will take care of fetching the configuration.

    Example (here process.nextTick illustrates the asynchronous workings; in a real world this will for example be a database query):

    function getLDAPConfiguration(callback) {
      process.nextTick(function() {
        var opts = {
          server: {
            url: 'ldap://localhost:389',
            adminDn: 'cn=root',
            adminPassword: 'secret',
            searchBase: 'ou=passport-ldapauth',
            searchFilter: '(uid={{username}})'
          }
        };
        callback(null, opts);
      });
    }
     
    var LdapStrategy = require('passport-ldapauth').Strategy;
     
    passport.use(new LdapStrategy(getLDAPConfiguration,
      function(user, done) {
        ...
        return done(null, user);
      }
    ));

    License

    MIT

    install

    npm i passport-ldaplng

    Downloadsweekly downloads

    64

    version

    0.3.0

    license

    MIT

    repository

    github.com

    last publish

    collaborators

    • avatar