depau/HackMD
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Tokens not required for ldap auth

Browse source
This commit is contained in:
alecdwm 2016-12-14 11:50:10 +01:00
parent 6ba9a2f039
commit 3007163799
1 changed files with 30 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
lib/auth.js
View file

@ -135,10 +135,36 @@ if (config.ldap) {
provider: 'ldap', provider: 'ldap',
} }
var stringifiedProfile = JSON.stringify(profile); var stringifiedProfile = JSON.stringify(profile);
// TODO: Generate secure tokens for LDAP users models.User.findOrCreate({
var accessToken = 'debug-access-token|LDAP-' + user.uidNumber + '|' + config.ldap.tokenSecret + '|' + new Date().getTime(); where: {
var refreshToken = 'debug-refresh-token|LDAP-' + user.uidNumber + '|' + config.ldap.tokenSecret + '|' + new Date().getTime(); profileid: profile.id.toString()
callback(accessToken, refreshToken, profile, done); },
defaults: {
profile: stringifiedProfile,
}
}).spread(function (user, created) {
if (user) {
var needSave = false;
if (user.profile != stringifiedProfile) {
user.profile = stringifiedProfile;
needSave = true;
}
if (needSave) {
user.save().then(function () {
if (config.debug)
logger.info('user login: ' + user.id);
return done(null, user);
});
} else {
if (config.debug)
logger.info('user login: ' + user.id);
return done(null, user);
}
}
}).catch(function (err) {
logger.error('ldap auth failed: ' + err);
return done(err, null);
});
})); }));
} }
// email // email