Fixes the authMode name for passport-ldapjs and add a parameter for LDAP mailTag

2019-08-20 10:00:51 +02:00 · 2019-08-20 10:00:51 +02:00 · 2f9a75df9b
commit 2f9a75df9b
parent 71737fa656
2 changed files with 6 additions and 4 deletions
--- a/server/config/default.yaml
+++ b/server/config/default.yaml
@ -147,6 +147,8 @@ ldap:
  uidTag: username
  # nameTag identifies the attribute to be used for user's full name
  nameTag: username
+  # mailTag identifies the attribute to be used for user's email address
+  mailTag: mail
  passwordresetlink:
  newUserRole: master
  # Global namespace id
--- a/server/lib/passport.js
+++ b/server/lib/passport.js
@ -24,7 +24,7 @@ if (config.ldap.enabled) {
    if (!config.ldap.method || config.ldap.method === 'ldapjs') {
        try {
            LdapStrategy = require('passport-ldapjs').Strategy; // eslint-disable-line global-require
-            authMode = 'ldapjs';
+            authMode = 'ldap';
            log.info('LDAP', 'Found module "passport-ldapjs". It will be used for LDAP auth.');

            ldapStrategyOpts = {
@ -34,7 +34,7 @@ if (config.ldap.enabled) {
                base: config.ldap.baseDN,
                search: {
                    filter: config.ldap.filter,
-                    attributes: [config.ldap.uidTag, config.ldap.nameTag, 'mail'],
+                    attributes: [config.ldap.uidTag, config.ldap.nameTag, config.ldap.mailTag],
                    scope: 'sub'
                },
                uidTag: config.ldap.uidTag,
@ -58,7 +58,7 @@ if (config.ldap.enabled) {
                    url: ldapProtocol + '://' + config.ldap.host + ':' + config.ldap.port,
                    searchBase: config.ldap.baseDN,
                    searchFilter: config.ldap.filter,
-                    searchAttributes: [config.ldap.uidTag, config.ldap.nameTag, 'mail'],
+                    searchAttributes: [config.ldap.uidTag, config.ldap.nameTag, config.ldap.mailTag],
                    bindDN: config.ldap.bindUser,
                    bindCredentials: config.ldap.bindPassword
                },
@ -177,7 +177,7 @@ module.exports.restLogin = (req, res, next) => {
 };

 if (LdapStrategy) {
-    log.info('Using LDAP auth (passport-' + authMode + ')');
+    log.info('Using LDAP auth (passport-' + authMode === 'ldap' ? 'ldapjs' : authMode + ')');
    module.exports.authMethod = 'ldap';
    module.exports.isAuthMethodLocal = false;