Authenticate a Node application with LDAP
This post demonstrates how to authenticate a user against LDAP.
Let’s start by installing the basic-auth and ldapauth-fork packages:
npm install ldapauth-fork
npm install basic-auth
Steps for implementation:
- Add the packages.
- Create an LDAP variable with the authentication configuration.
- Basic auth should prompt for your username and password. Once the user is found, verify the given password by trying to bind the user client with the found LDAP user object and the given password.
const auth = require("basic-auth");
var LdapAuth = require("ldapauth-fork");
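// LDAP client used to look up users and verify their passwords.
// Every value below is a placeholder from this example. In a real deployment,
// load bindCredentials from the environment or a secret store instead of
// committing the service-account password to source control.
const ldap = new LdapAuth({
  // ldap:// on port 389 is unencrypted: the service-account bind and every
  // user password checked through this client cross the network in cleartext.
  // Prefer an ldaps:// URL, or the library's starttls / tlsOptions settings.
  url: "ldap://ldap-url:389",
  // Service account used to search the directory for the user entry.
  bindDN: "uid=rc,ou=AppAccounts,ou=People,ou=Entsys,dc=example.com",
  bindCredentials: "credentials",
  searchBase: "ou=entsys,dc=example.com",
  // {{username}} is replaced with the name passed to authenticate().
  searchFilter: "(uid={{username}})",
  reconnect: true
});

// LdapAuth is an EventEmitter and reports connection problems as "error"
// events. Node throws an "error" event that has no listener, so without this
// handler a dropped LDAP connection can take the whole process down.
ldap.on("error", (err) => {
  console.error("LdapAuth:", err);
});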
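// Protect every route under /API/admin/ with HTTP Basic credentials that are
// verified against LDAP. On success the LDAP user object is attached to
// req.user and the request continues; any failure gets a 401 challenge.
//
// Basic auth sends the password base64-encoded, not encrypted, on every
// request, so this route should only be served over HTTPS.
app.use("/API/admin/", (req, res, next) => {
  // One generic response for every failure, so the client cannot tell an
  // unknown user from a wrong password.
  const deny = () =>
    res
      .status(401) // numeric status code; the original passed the string "401"
      .set({ "WWW-Authenticate": 'Basic realm="Access Denied"' })
      .end("access denied");

  const credentials = auth(req);

  // Reject a missing header and empty fields before contacting the directory:
  // some LDAP servers treat a bind with an empty password as an
  // unauthenticated bind and report success.
  if (!credentials || !credentials.name || !credentials.pass) {
    return deny();
  }

  // The client variable is declared as `ldap`; the original called
  // `LDAP.authenticate`, which throws a ReferenceError on the first request.
  ldap.authenticate(credentials.name, credentials.pass, (err, user) => {
    if (err || !user) {
      // err is not guaranteed to be an Error instance, so fall back to the
      // raw value when it has no message. The detail stays in the server log.
      const reason = err ? (err.message || err) : "no user returned";
      console.log(reason);
      return deny();
    }
    req.user = user;
    next();
  });
});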
See the basic-auth and ldapauth-fork package documentation for more information on configuration.