wiki
/
weseek__growi
mirror da https://github.com/weseek/growi


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128
							const debug = require('debug')('crowi:service:PassportService');
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
const LdapStrategy = require('passport-ldapauth');

/**
 * the service class of Passport
 */
class PassportService {

  // see '/lib/form/login.js'
  static get USERNAME_FIELD() { return 'loginForm[username]' }
  static get PASSWORD_FIELD() { return 'loginForm[password]' }

  constructor(crowi) {
    this.crowi = crowi;
  }

  /**
   * setup LocalStrategy
   *
   * @memberof PassportService
   */
  setupLocalStrategy() {
    debug('setup LocalStrategy');

    const User = this.crowi.model('User');

    passport.use(new LocalStrategy(
      {
        usernameField: PassportService.USERNAME_FIELD,
        passwordField: PassportService.PASSWORD_FIELD,
      },
      (username, password, done) => {
        // find user
        User.findUserByUsernameOrEmail(username, password, (err, user) => {
          if (err) { return done(err); }
          // check existence and password
          if (!user || !user.isPasswordValid(password)) {
            return done(null, false, { message: 'Incorrect credentials.' });
          }
          return done(null, user);
        });
      }
    ));
  }

  /*
   * Asynchronous configuration retrieval
   */
  // setupLdapStrategy() {
  //   var getLDAPConfiguration = function(req, callback) {
  //     var loginForm = req.body.loginForm;

  //     if (!req.form.isValid) {
  //       // TODO handle error
  //     }

  //     var username = loginForm.username;
  //     var password = loginForm.password;

  //     process.nextTick(() => {
  //       var opts = {
  //         usernameField: PassportService.USERNAME_FIELD,
  //         passwordField: PassportService.PASSWORD_FIELD,
  //         server: {
  //           url: 'ldaps://pike.weseek.co.jp',
  //           bindDN: `uid=${username}`,
  //           bindCredentials: password,
  //           searchBase: 'ou=people',
  //           searchFilter: '(uid={{username}})'
  //         }
  //       };

  //       callback(null, opts);
  //     });
  //   };

  //   passport.use(new LdapStrategy(getLDAPConfiguration,
  //     (user, done) => {
  //       debug("LDAP authentication has successed");
  //       return done(null, user);
  //     }
  //   ));
  // }

  setupLdapStrategy() {
    passport.use(new LdapStrategy(
      {
        usernameField: PassportService.USERNAME_FIELD,
        passwordField: PassportService.PASSWORD_FIELD,
        server: {
          url: 'ldaps://localhost',
          bindDN: `cn=...,dc=weseek,dc=co,dc=jp`,
          bindCredentials: 'secret',
          searchBase: 'ou=...,dc=weseek,dc=co,dc=jp',
          searchFilter: '(uid={{username}})'
        },
      },
      (user, done) => {
        debug("LDAP authentication has succeeded");
        return done(null, user);
      }
    ));
  }

  /**
   * setup serializer and deserializer
   *
   * @memberof PassportService
   */
  setupSerializer() {
    debug('setup serializer and deserializer');

    const User = this.crowi.model('User');

    passport.serializeUser(function(user, done) {
      done(null, user.id);
    });
    passport.deserializeUser(function(id, done) {
      User.findById(id, function(err, user) {
        done(err, user);
      });
    });
  }
}

module.exports = PassportService;