GitHunt
MI

mintbridge/passport-ldap

LDAP authentication strategy for Passport and Node.js

Passport-LDAP

Passport strategy for authenticating against an OpenLDAP
server.

This module lets you authenticate against an OpenLDAP server in your Node.js applications.
By plugging into Passport, LDAP authentication can be easily and
unobtrusively integrated into any application or framework that supports
Connect-style middleware, including
Express.

Install

$ npm install passport-ldap

Usage

Configure Strategy

The LDAP authentication strategy authenticates requests by delegating to the
given ldap server using the openldap protocol.

The strategy requires a verify callback which accepts a user profile entry
from the directory, and then calls the done callback supplying a user.

    passport.use(new LDAPStrategy({
        server: {
          url: 'ldap://0.0.0.0:1389'
        },
        base: 'cn=users,dc=example,dc=local',
        search: {
          filter: '(&(l=Seattle)(email=*@foo.com))',
         }
      },
      function(profile, done) {
        return done(null, JSON.parse(profile));
      }
    ));

Authenticate Requests

Use passport.authenticate(), specifying the 'ldap' strategy, to
authenticate requests.

For example, as route middleware in an Express
application:

    app.get('/auth/login',
      passport.authenticate('facebook'));

    app.post('/auth/ldap',
      passport.authenticate('ldap', {
        successRedirect: '/',
        failureRedirect: '/auth/login/'
      })
    );

Profile Fields

Option Type Default Description
server Object {url:''} Set the server URL in the format of {url:'url.com:port'}
usernameField String 'user' Set the field to use for the username from the request sent
passwordField String 'pwd' Set the field to use for the password from the request sent
base `String Array` ''
search Object {filter:''} Object containing search options
authOnly Boolean false Whether to only get a successfull authentication with the server without returning the LDAP user
authMode Number 1 Used to differentiate between a Windows 0 or Unix LDAP server 1
uidTag String uid Linux OpenLDAP uid, Sun Solaris cn
debug Boolean false Enable/disable debug messages

Examples

For a complete working example refer to the passport example.

Tests

$ npm install --dev
$ make test

Build Status

Credits

License

The MIT License

Copyright (c) 2011-2013 Paul Dixon <http://www.mintbridge.co.uk/>

Languages

JavaScript100.0%

Contributors

MIZINI
MIT License
Created February 24, 2013
Updated July 19, 2022