refactor test ldap credentials api

lib/form/index.js

@@ -7,7 +7,6 @@ module.exports = {
   me: {
     user: require('./me/user'),
     password: require('./me/password'),
-    associateLdapAccount: require('./me/associate-ldap'),
     imagetype: require('./me/imagetype'),
     apiToken: require('./me/apiToken'),
   },

lib/form/me/associate-ldap.js

@@ -1,9 +0,0 @@
-'use strict';
-
-var form = require('express-form')
-  , field = form.field;
-
-module.exports = form(
-  field('loginForm.username').required(),
-  field('loginForm.password').required().is(/^[\x20-\x7F]{6,}$/)
-);

lib/routes/index.js

@@ -38,6 +38,7 @@ module.exports = function(crowi, app) {
   // switch POST /login route
   if (Config.isEnabledPassport(config)) {
     app.post('/login'                , form.login                           , csrf, loginPassport.loginWithLocal, loginPassport.loginWithLdap, loginPassport.loginFailure);
+    app.post('/_api/login/testLdap'  , loginRequired(crowi, app) , form.login , loginPassport.testLdapCredentials);
   }
   else {
     app.post('/login'                , form.login                           , csrf, login.login);
@@ -113,8 +114,7 @@ module.exports = function(crowi, app) {
   if (Config.isEnabledPassport(config)) {
     app.get('/me/external-accounts'                         , loginRequired(crowi, app) , me.externalAccounts.list);
     app.post('/me/external-accounts/disassociate'           , loginRequired(crowi, app) , me.externalAccounts.disassociate);
-    app.post('/me/external-accounts/associateLdap'          , loginRequired(crowi, app) , form.me.associateLdapAccount , me.externalAccounts.associateLdap);
-    app.post('/_api/me/external-accounts/testAssociateLdap' , loginRequired(crowi, app) , form.me.associateLdapAccount , me.api.externalAccounts.testAssociateLdap);
+    app.post('/me/external-accounts/associateLdap'          , loginRequired(crowi, app) , form.login , me.externalAccounts.associateLdap);
   }
   app.post('/me/password'             , form.me.password          , loginRequired(crowi, app) , me.password);
   app.post('/me/imagetype'            , form.me.imagetype         , loginRequired(crowi, app) , me.imagetype);

lib/routes/login-passport.js

@@ -115,6 +115,50 @@ module.exports = function(crowi, app) {
     })(req, res, next);
   }
 
+  /**
+   * middleware that test credentials with LdapStrategy
+   *
+   * @param {*} req
+   * @param {*} res
+   */
+  const testLdapCredentials = (req, res) => {
+    if (!passportService.isLdapStrategySetup) {
+      debug('LdapStrategy has not been set up');
+      return res.json({
+        status: 'warning',
+        message: 'LdapStrategy has not been set up',
+      });
+    }
+
+    const loginForm = req.body.loginForm;
+
+    passport.authenticate('ldapauth', (err, user, info) => {
+      if (res.headersSent) {  // dirty hack -- 2017.09.25
+        return;               // cz: somehow passport.authenticate called twice when ECONNREFUSED error occurred
+      }
+
+      if (err) {  // DB Error
+        console.log('LDAP Server Error: ', err);
+        return res.json({
+          status: 'warning',
+          message: 'LDAP Server Error occured.',
+        });
+      }
+      if (info && info.message) {
+        return res.json({
+          status: 'warning',
+          message: info.message,
+        });
+      }
+      if (user) {
+        return res.json({
+          status: 'success',
+          message: 'Successfully authenticated.',
+        });
+      }
+    })(req, res, () => {});
+  }
+
   /**
    * middleware that login with LocalStrategy
    * @param {*} req
@@ -152,6 +196,7 @@ module.exports = function(crowi, app) {
   return {
     loginFailure,
     loginWithLdap,
+    testLdapCredentials,
     loginWithLocal,
   };
 };

lib/routes/me.js

@@ -281,48 +281,6 @@ module.exports = function(crowi, app) {
 
   }
 
-  api.externalAccounts = {}
-  api.externalAccounts.testAssociateLdap = (req, res) => {
-    const passport = require('passport');
-    const passportService = crowi.passportService;
-
-    if (!passportService.isLdapStrategySetup) {
-      debug('LdapStrategy has not been set up');
-      return res.json({
-        status: 'warning',
-        message: 'LdapStrategy has not been set up',
-      });
-    }
-
-    const loginForm = req.body.loginForm;
-
-    passport.authenticate('ldapauth', (err, user, info) => {
-      if (res.headersSent) {  // dirty hack -- 2017.09.25
-        return;               // cz: somehow passport.authenticate called twice when ECONNREFUSED error occurred
-      }
-
-      if (err) {  // DB Error
-        console.log('LDAP Server Error: ', err);
-        return res.json({
-          status: 'warning',
-          message: 'LDAP Server Error occured.',
-        });
-      }
-      if (info && info.message) {
-        return res.json({
-          status: 'warning',
-          message: info.message,
-        });
-      }
-      if (user) {
-        return res.json({
-          status: 'success',
-          message: 'Successfully authenticated.',
-        });
-      }
-    })(req, res, () => {});
-  }
-
   actions.password = function(req, res) {
     var passwordForm = req.body.mePassword;
     var userData = req.user;

lib/views/admin/widget/passport/ldap.html

@@ -129,7 +129,7 @@
         <button type="submit" class="btn btn-primary">{# the first element is the default button to submit #}
           {{ t('Update') }}
         </button>
-        <button type="submit"
+        <button type="button"
             class="btn btn-default passport-ldap-hide-when-disabled"
             data-target="#test-ldap-account" data-toggle="modal"
             {%if !isLdapEnabled %}style="display: none;"{% endif %}>

lib/views/widget/passport/ldap-association-tester.html

@@ -1,4 +1,4 @@
-<form id="formLdapAssociation" method="post" class="form-horizontal" role="form">
+<form id="formTestLdapCredentials" method="post" class="form-horizontal" role="form">
   <div class="alert-container"></div>
   <fieldset>
     <div class="form-group">
@@ -15,7 +15,7 @@
     </div>
 
     <div class="form-group">
-      <button type="button" class="btn btn-default col-xs-offset-5 col-xs-2" onclick="testAssociateLdap()">{{ t('Test') }}</button>
+      <button type="button" class="btn btn-default col-xs-offset-5 col-xs-2" onclick="testLdapCredentials()">{{ t('Test') }}</button>
     </div>
 
   </fieldset>
@@ -24,7 +24,7 @@
     /**
      * test association (ajax)
      */
-    function testAssociateLdap() {
+    function testLdapCredentials() {
       function showMessage(formId, msg, status) {
         $('#' + formId + ' .alert-container .alert').remove();
 
@@ -45,8 +45,8 @@
         }
       }
 
-      var $form = $('#formLdapAssociation');
-      var $action = '/_api/me/external-accounts/testAssociateLdap';
+      var $form = $('#formTestLdapCredentials');
+      var $action = '/_api/login/testLdap';
       var $id = $form.attr('id');
       var $button = $('button', this);
       $button.attr('disabled', 'disabled');