Waterlock ActiveDirectory Auth
waterlock-activedirectory-auth is a module for waterlock providing a ActiveDirectory authentication method for users either based on username or email.
Build upon Waterlock Local Auth and ActiveDirectory for Node.
Usage
npm install waterlock-activedirectory-auth
set the following option in your waterlock.js
config file
authMethod: name: "waterlock-activedirectory-auth" url: string baseDN: string bindDN: string bindCredentials: string passwordReset: tokens: boolean // object containing information regarding password resets // object containing information about your smtp server, see nodemailer mail: options: string // how it is use te transport method, see nodemailer from: string // the from address subject: string // the email subject for password reset emails forwardUrl: string // the url to send the user to after they have clicked the password reset link in their inbox (e.g. a form on your site which POST to `/auth/reset`) // object containing template information for the reset emails template: file: string // the relative path to the `jade` template for the reset emails vars: object // object containing any vars you want passed to the template for rendering createOnNotFound: boolean // should local auth try to create the user on a failed login attempt, good if you do not want to implement a registration form. ldap: url: string // A valid LDAP URL (proto/host/port only) ie. 'ldap://dc.domain.com', baseDN: string // The alternative baseDN to use than the one specified in the ctor. ie. 'dc=domain,dc=com', username: string // ie. 'username@domain.com', password: string // ie. 'password' // Addtional params here: https://github.com/gheeres/node-activedirectory
Auth Model
Local auth adds the following attributes onto the Auth model
email: type: 'email' unique: true password: type: 'STRING' minLength: 8 resetToken: model: 'resetToken'
with the way waterlock is designed and this model you can override any of these attributes, also if you want to use a username instead of an email address you can drop in the username
attribute which is a signification key causing local auth to use that to authenticate.