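const passport = require('passport');
const LdapStrategy = require('passport-ldapauth');

/**
 * Register an LDAP strategy with passport and return the two helpers the
 * application mounts: `initialize()` and `authenticate(ctx, next)`.
 *
 * Changes from the pasted original:
 *  - typographic quotes replaced with ASCII quotes so the module parses;
 *  - the search filter uses the `{{username}}` placeholder, the literal that
 *    passport-ldapauth substitutes with the submitted user name;
 *  - a directory/strategy error is no longer passed to `ctx.throw` as the
 *    response message, so server-side LDAP details stay out of the 401 body.
 *
 * @returns {{initialize: Function, authenticate: Function}} middleware helpers
 */
module.exports = () => {
  // NOTE(review): every value below is a placeholder from the original
  // snippet. The service-account DN and password should come from the
  // deployment's secret store or environment, not from source control.
  const ldapConfig = {
    server: {
      // ldaps:// keeps the bind password and user credentials off the wire
      // in clear text.
      url: 'ldaps://link:636',
      bindDN: 'DC=link,DC=link',
      bindCredentials: 'password',
      searchBase: 'DC=link,DC=link',
      // `{{username}}` is replaced with the login name at search time.
      // NOTE(review): the original placeholder hinted at Active Directory;
      // confirm whether the lookup attribute should be `uid` or
      // `sAMAccountName` for this directory.
      searchFilter: '(uid={{username}})',
    },
  };

  // Reduce the directory entry to the two fields kept on the request state.
  // NOTE(review): confirm that the entry really carries `ldapDN` and
  // `username`; if it does not, both values are undefined here.
  const toSessionUser = (user, done) => {
    done(null, {
      ldapDN: user.ldapDN,
      ldapUsername: user.username,
    });
  };

  passport.use('ldap', new LdapStrategy(ldapConfig, toSessionUser));

  return {
    /** @returns {Function} passport's initialisation middleware */
    initialize() {
      return passport.initialize();
    },

    /**
     * Authenticate the current request against LDAP without a session.
     * On success the reduced user object is stored on `ctx.state.user`.
     *
     * NOTE(review): the returned middleware is invoked with `ctx` only, which
     * is a Koa-style call; confirm that the Koa adapter for passport is the
     * package actually intended by the `require` at the top.
     *
     * @param {object} ctx - request context (uses `ctx.throw`, `ctx.state`)
     * @param {Function} next - continuation called after a successful login
     */
    authenticate(ctx, next) {
      const onResult = (err, user) => {
        if (err) {
          // Keep the 401 status of the original, but send a fixed message:
          // the raw error may describe the LDAP server or the bind account.
          // The original error stays reachable for server-side handlers.
          return ctx.throw(401, 'Authentication failed', { cause: err });
        }
        if (!user) {
          return ctx.throw(401, 'Invalid credentials');
        }
        ctx.state.user = user;
        return next();
      };

      return passport.authenticate('ldap', { session: false }, onResult)(ctx);
    },
  };
};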