ldap authentication works
36
ChangeLog
36
ChangeLog
@@ -1,3 +1,39 @@
|
|||||||
|
2016-09-20 15:00 marc
|
||||||
|
|
||||||
|
* autogen.sh, ax_cxx_compile_stdcxx_11.m4,
|
||||||
|
ax_init_standard_project.m4, bootstrap.sh, build-in-docker.sh,
|
||||||
|
doc/doxyfile.in, doc/footer.html.in, doc/header.html.in,
|
||||||
|
doc/plantuml.jar, doc/style.css, makefile_test.inc.am,
|
||||||
|
nodejs/authentication/index.js, nodejs/etc/servicedock.json,
|
||||||
|
nodejs/package.json.in, nodejs/public/javascripts/servicedock.js,
|
||||||
|
nodejs/public/stylesheets/servicedock.css, nodejs/servicedock.js,
|
||||||
|
nodejs/sockets/index.js, nodejs/views/index.ejs,
|
||||||
|
resolve-debbuilddeps.sh, resolve-rpmbuilddeps.sh, sql-to-dot.sed:
|
||||||
|
login is possible
|
||||||
|
|
||||||
|
2016-07-29 19:25 marc
|
||||||
|
|
||||||
|
* nodejs/authentication, nodejs/authentication/index.js,
|
||||||
|
nodejs/etc/servicedock.json, nodejs/package.json.in,
|
||||||
|
nodejs/public/javascripts/servicedock.js, nodejs/routes/index.js,
|
||||||
|
nodejs/servicedock.js, nodejs/sockets/index.js,
|
||||||
|
nodejs/views/index.ejs, scripts, scripts/docker-backup.sh: in the
|
||||||
|
middle of the work for authentication
|
||||||
|
|
||||||
|
2016-04-03 16:19 marc
|
||||||
|
|
||||||
|
* ChangeLog: after svn-server restore
|
||||||
|
|
||||||
|
2016-03-02 15:25 marc
|
||||||
|
|
||||||
|
* ax_init_standard_project.m4, bootstrap.sh, build-in-docker.sh,
|
||||||
|
debian/control.in, debian/servicedock.postinst,
|
||||||
|
mac-create-app-bundle.sh, nodejs/etc/default,
|
||||||
|
nodejs/etc/default/servicedock, nodejs/etc/init,
|
||||||
|
nodejs/etc/init/servicedock.conf, nodejs/etc/servicedock.json,
|
||||||
|
nodejs/makefile.am, nodejs/servicedock.js: proper packaging and
|
||||||
|
upstart scripts for ubuntu
|
||||||
|
|
||||||
2016-02-19 15:27 marc
|
2016-02-19 15:27 marc
|
||||||
|
|
||||||
* ChangeLog, nodejs/sockets/index.js: little fix: fail outside of
|
* ChangeLog, nodejs/sockets/index.js: little fix: fail outside of
|
||||||
|
BIN
doc/screenshot10.png
Normal file
BIN
doc/screenshot10.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 237 KiB |
BIN
doc/screenshot11.png
Normal file
BIN
doc/screenshot11.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 117 KiB |
BIN
doc/screenshot12.png
Normal file
BIN
doc/screenshot12.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 193 KiB |
@@ -1,51 +1,78 @@
|
|||||||
module.exports = function(config) {
|
module.exports = function(config) {
|
||||||
|
|
||||||
|
var authentication;
|
||||||
|
|
||||||
|
if (config) {
|
||||||
|
|
||||||
authentication = function (username, password, success, fail) {
|
authentication = function (username, password, success, fail) {
|
||||||
|
|
||||||
if (config) {
|
console.log("...try: ", username);
|
||||||
const crypto = require('crypto');
|
const crypto = require('crypto');
|
||||||
if (config.passwords && config.passwords[username]) {
|
if (config.passwords && config.passwords[username]) {
|
||||||
|
console.log("...check hash");
|
||||||
if (crypto.getHashes().indexOf(config.passwords[username][0])>=0) {
|
if (crypto.getHashes().indexOf(config.passwords[username][0])>=0) {
|
||||||
if (crypto.createHash(config.passwords[username][0]).update(password, 'utf8').digest('hex') === config.passwords[username][1]) {
|
if (crypto.createHash(config.passwords[username][0]).update(password, 'utf8').digest('hex') === config.passwords[username][1]) {
|
||||||
success();
|
success(username);
|
||||||
return;
|
return;
|
||||||
} else {
|
} else {
|
||||||
fail();
|
fail(username);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
console.log("**** HASH NOT FOUND ****");
|
console.log("**** HASH NOT FOUND ****");
|
||||||
console.log(config.passwords[username][0]);
|
console.log(config.passwords[username][0]);
|
||||||
console.log(crypto.getHashes());
|
console.log(crypto.getHashes());
|
||||||
fail();
|
fail(username);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (config.ldap) try {
|
if (config.ldap) try {
|
||||||
|
console.log("...check ldap");
|
||||||
var LdapAuth = require('ldapauth');
|
var LdapAuth = require('ldapauth');
|
||||||
var auth = new LdapAuth(config.ldap);
|
var auth = new LdapAuth(config.ldap);
|
||||||
|
auth.once('connect', function () {
|
||||||
|
try {
|
||||||
auth.authenticate(username, password, function(err, usr) {
|
auth.authenticate(username, password, function(err, usr) {
|
||||||
auth.close(function(err) {})
|
auth.close(function(err) {})
|
||||||
if (err) {
|
if (err) {
|
||||||
console.log("**** ERROR: LDAP Authentication failed:", err);
|
console.log("**** ERROR: LDAP Authentication failed:", err);
|
||||||
fail();
|
fail(username);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
console.log("**** SUCCESS: LDAP Authentication:");
|
console.log("**** SUCCESS: LDAP Authentication:");
|
||||||
success();
|
success(username);
|
||||||
return;
|
return;
|
||||||
});
|
});
|
||||||
return; // need to block here!
|
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
console.log("**** Error: LDAP failed: ", e, e.stack);
|
console.log("**** Error: LDAP failed: ", e, e.stack);
|
||||||
fail();
|
fail(username);
|
||||||
|
}
|
||||||
|
return; // need to block here!
|
||||||
|
});
|
||||||
|
} catch (e) {
|
||||||
|
console.log("**** Error: LDAP failed: ", e, e.stack);
|
||||||
|
fail(username);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
if (config.unrestricted)
|
||||||
fail();
|
success(username);
|
||||||
|
else
|
||||||
|
fail(username);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
authentication = function (username, password, success, fail) {
|
||||||
|
console.log('**** Error: no access configuraion. To allow any user, add:')
|
||||||
|
console.log(' "restrict": {');
|
||||||
|
console.log(' "unrestricted": true');
|
||||||
|
console.log(' }');
|
||||||
|
fail(username);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
return authentication;
|
return authentication;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
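Review bot: With `config.ldap` set, the new code appears to fall through to the `config.unrestricted` check as soon as the `connect` handler is registered, because `return; // need to block here!` now sits inside the `auth.once('connect', ...)` callback instead of after it. As rendered, `fail(username)` (or `success(username)` when `unrestricted` is true) then runs synchronously before the directory has answered, and the LDAP callback later invokes `success`/`fail` a second time. A `return;` placed directly after the `auth.once('connect', function () { ... });` statement, still inside the outer `try`, leaves the decision to the LDAP result alone. Separately, the hash branch still compares an unsalted digest with `===`; `crypto.timingSafeEqual` on equal-length buffers and a salted password KDF would be the sturdier choice for stored credentials.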
@@ -2,17 +2,12 @@
|
|||||||
"port": 8888,
|
"port": 8888,
|
||||||
"restrict": {
|
"restrict": {
|
||||||
"passwords": {
|
"passwords": {
|
||||||
"marc": ["sha256", "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"],
|
"foo": ["sha256", "fcde2b2edxx56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9"]
|
||||||
"foo": ["sha256", "fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9"]
|
|
||||||
},
|
},
|
||||||
"ldap": {
|
"ldap": {
|
||||||
"tlsOptions": {
|
|
||||||
"requestCert": false,
|
|
||||||
"rejectUnauthorized": false
|
|
||||||
},
|
|
||||||
"url": "ldap://dev.marc.waeckerlin.org",
|
"url": "ldap://dev.marc.waeckerlin.org",
|
||||||
"adminDn": "cn=tmp,ou=system,ou=people,dc=dev,dc=marc,dc=waeckerlin,dc=org",
|
"adminDn": "cn=tmp,ou=system,ou=people,dc=dev,dc=marc,dc=waeckerlin,dc=org",
|
||||||
"adminPassword": "dGg7benUnZ9z",
|
"adminPassword": "secret",
|
||||||
"searchBase": "ou=person,ou=people,dc=dev,dc=marc,dc=waeckerlin,dc=org",
|
"searchBase": "ou=person,ou=people,dc=dev,dc=marc,dc=waeckerlin,dc=org",
|
||||||
"searchFilter": "(uid={{username}})"
|
"searchFilter": "(uid={{username}})"
|
||||||
}
|
}
|
||||||
|
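Review bot: The `"url"` value stays on plain `ldap://` while the `tlsOptions` block is dropped, so the admin bind and every user password checked through this configuration would cross the network unencrypted. An `ldaps://` URL (or StartTLS) with certificate verification left enabled is the safer default for a shipped example. The earlier `adminPassword` value and the password digests remain readable in the repository history, so replacing them here does not retire them; the bind account should be given a new password. The `passwords` entries are unsalted single-round SHA-256 digests, which are recoverable by lookup for weak passwords and are better kept out of a committed config altogether.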
0
nodejs/etc/systemd/system/servicedock.service
Normal file
0
nodejs/etc/systemd/system/servicedock.service
Normal file
@@ -9,7 +9,8 @@
|
|||||||
"socket.io": "~1.4.4",
|
"socket.io": "~1.4.4",
|
||||||
"pty.js": "~0.3.0",
|
"pty.js": "~0.3.0",
|
||||||
"async": "~1.5.2",
|
"async": "~1.5.2",
|
||||||
"socketio-auth": "0.0.5"
|
"socketio-auth": "0.0.5",
|
||||||
|
"ldapauth": "git+https://github.com/DimensionSoftware/node-ldapauth.git"
|
||||||
},
|
},
|
||||||
"description": "@DESCRIPTION@",
|
"description": "@DESCRIPTION@",
|
||||||
"main": "@PACKAGE_NAME@.js",
|
"main": "@PACKAGE_NAME@.js",
|
||||||
|
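Review bot: The new `"ldapauth"` entry points at the default branch of a git repository with no tag or commit, so each install can pull different code into the component that handles login credentials. Pinning it to a reviewed commit, e.g. `"ldapauth": "git+https://github.com/DimensionSoftware/node-ldapauth.git#<commit-sha>"` (placeholder for the reviewed commit), makes the build reproducible and turns any upstream change into an explicit, reviewable update.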
@@ -19,8 +19,8 @@ try {
|
|||||||
var package = require(__dirname+'/package.json');
|
var package = require(__dirname+'/package.json');
|
||||||
var config = require(package.path.config);
|
var config = require(package.path.config);
|
||||||
var docker = require(__dirname+'/docker')(app);
|
var docker = require(__dirname+'/docker')(app);
|
||||||
//var authentication = require(__dirname+'/authentication')(config.restrict);
|
var authentication = require(__dirname+'/authentication')(config.restrict);
|
||||||
var sockets = require(__dirname+'/sockets')(io);
|
var sockets = require(__dirname+'/sockets')(io, authentication);
|
||||||
|
|
||||||
// Configuration
|
// Configuration
|
||||||
process.argv.forEach(function(val, index) {
|
process.argv.forEach(function(val, index) {
|
||||||
|
@@ -1,4 +1,4 @@
|
|||||||
module.exports = function(io) {
|
module.exports = function(io, authentication) {
|
||||||
|
|
||||||
var pty = require('pty.js');
|
var pty = require('pty.js');
|
||||||
var proc = require('child_process');
|
var proc = require('child_process');
|
||||||
@@ -287,10 +287,9 @@ module.exports = function(io) {
|
|||||||
//get credentials sent by the client
|
//get credentials sent by the client
|
||||||
var username = data.username;
|
var username = data.username;
|
||||||
var password = data.password;
|
var password = data.password;
|
||||||
if (username=="hello")
|
authentication(data.username, data.password,
|
||||||
return callback(null, "world" == password);
|
function() {console.log("####LOGIN-SUCESS####");callback(null, true)},
|
||||||
else
|
function() {console.log("####LOGIN-FAIL####");callback(new Error("wrong credentials"))});
|
||||||
return callback(new Error("wrong credentials"));
|
|
||||||
},
|
},
|
||||||
postAuthenticate: connection,
|
postAuthenticate: connection,
|
||||||
timeout: "none"
|
timeout: "none"
|
||||||
|
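Review bot: `data.username` and `data.password` are handed to `authentication(...)` exactly as the client sent them, with no type or emptiness check in the second hunk. A non-string value would likely throw inside the hash comparison, which is not wrapped in a `try`, and an empty password is risky on the LDAP path because some directory servers treat an empty-password simple bind as anonymous and report success. A guard before the call covers both cases: `if (typeof username !== 'string' || typeof password !== 'string' || !username || !password) return callback(new Error("wrong credentials"));`, which also puts the otherwise unused `username`/`password` locals to use. The enclosing authenticate function starts outside the hunk.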