ldap authentication works
This commit is contained in:
36
ChangeLog
36
ChangeLog
@@ -1,3 +1,39 @@
|
||||
2016-09-20 15:00 marc
|
||||
|
||||
* autogen.sh, ax_cxx_compile_stdcxx_11.m4,
|
||||
ax_init_standard_project.m4, bootstrap.sh, build-in-docker.sh,
|
||||
doc/doxyfile.in, doc/footer.html.in, doc/header.html.in,
|
||||
doc/plantuml.jar, doc/style.css, makefile_test.inc.am,
|
||||
nodejs/authentication/index.js, nodejs/etc/servicedock.json,
|
||||
nodejs/package.json.in, nodejs/public/javascripts/servicedock.js,
|
||||
nodejs/public/stylesheets/servicedock.css, nodejs/servicedock.js,
|
||||
nodejs/sockets/index.js, nodejs/views/index.ejs,
|
||||
resolve-debbuilddeps.sh, resolve-rpmbuilddeps.sh, sql-to-dot.sed:
|
||||
login is possible
|
||||
|
||||
2016-07-29 19:25 marc
|
||||
|
||||
* nodejs/authentication, nodejs/authentication/index.js,
|
||||
nodejs/etc/servicedock.json, nodejs/package.json.in,
|
||||
nodejs/public/javascripts/servicedock.js, nodejs/routes/index.js,
|
||||
nodejs/servicedock.js, nodejs/sockets/index.js,
|
||||
nodejs/views/index.ejs, scripts, scripts/docker-backup.sh: in the
|
||||
middle of the work for authentication
|
||||
|
||||
2016-04-03 16:19 marc
|
||||
|
||||
* ChangeLog: after svn-server restore
|
||||
|
||||
2016-03-02 15:25 marc
|
||||
|
||||
* ax_init_standard_project.m4, bootstrap.sh, build-in-docker.sh,
|
||||
debian/control.in, debian/servicedock.postinst,
|
||||
mac-create-app-bundle.sh, nodejs/etc/default,
|
||||
nodejs/etc/default/servicedock, nodejs/etc/init,
|
||||
nodejs/etc/init/servicedock.conf, nodejs/etc/servicedock.json,
|
||||
nodejs/makefile.am, nodejs/servicedock.js: proper packaging and
|
||||
upstart scripts for ubuntu
|
||||
|
||||
2016-02-19 15:27 marc
|
||||
|
||||
* ChangeLog, nodejs/sockets/index.js: little fix: fail outside of
|
||||
|
BIN
doc/screenshot10.png
Normal file
BIN
doc/screenshot10.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 237 KiB |
BIN
doc/screenshot11.png
Normal file
BIN
doc/screenshot11.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 117 KiB |
BIN
doc/screenshot12.png
Normal file
BIN
doc/screenshot12.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 193 KiB |
@@ -1,51 +1,78 @@
|
||||
module.exports = function(config) {
|
||||
|
||||
var authentication;
|
||||
|
||||
if (config) {
|
||||
|
||||
authentication = function (username, password, success, fail) {
|
||||
|
||||
if (config) {
|
||||
console.log("...try: ", username);
|
||||
const crypto = require('crypto');
|
||||
if (config.passwords && config.passwords[username]) {
|
||||
console.log("...check hash");
|
||||
if (crypto.getHashes().indexOf(config.passwords[username][0])>=0) {
|
||||
if (crypto.createHash(config.passwords[username][0]).update(password, 'utf8').digest('hex') === config.passwords[username][1]) {
|
||||
success();
|
||||
success(username);
|
||||
return;
|
||||
} else {
|
||||
fail();
|
||||
fail(username);
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
console.log("**** HASH NOT FOUND ****");
|
||||
console.log(config.passwords[username][0]);
|
||||
console.log(crypto.getHashes());
|
||||
fail();
|
||||
fail(username);
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (config.ldap) try {
|
||||
console.log("...check ldap");
|
||||
var LdapAuth = require('ldapauth');
|
||||
var auth = new LdapAuth(config.ldap);
|
||||
auth.once('connect', function () {
|
||||
try {
|
||||
auth.authenticate(username, password, function(err, usr) {
|
||||
auth.close(function(err) {})
|
||||
if (err) {
|
||||
console.log("**** ERROR: LDAP Authentication failed:", err);
|
||||
fail();
|
||||
fail(username);
|
||||
return;
|
||||
}
|
||||
console.log("**** SUCCESS: LDAP Authentication:");
|
||||
success();
|
||||
success(username);
|
||||
return;
|
||||
});
|
||||
return; // need to block here!
|
||||
} catch (e) {
|
||||
console.log("**** Error: LDAP failed: ", e, e.stack);
|
||||
fail();
|
||||
fail(username);
|
||||
}
|
||||
return; // need to block here!
|
||||
});
|
||||
} catch (e) {
|
||||
console.log("**** Error: LDAP failed: ", e, e.stack);
|
||||
fail(username);
|
||||
return;
|
||||
}
|
||||
}
|
||||
fail();
|
||||
if (config.unrestricted)
|
||||
success(username);
|
||||
else
|
||||
fail(username);
|
||||
return;
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
authentication = function (username, password, success, fail) {
|
||||
console.log('**** Error: no access configuraion. To allow any user, add:')
|
||||
console.log(' "restrict": {');
|
||||
console.log(' "unrestricted": true');
|
||||
console.log(' }');
|
||||
fail(username);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return authentication;
|
||||
|
||||
}
|
||||
|
@@ -2,17 +2,12 @@
|
||||
"port": 8888,
|
||||
"restrict": {
|
||||
"passwords": {
|
||||
"marc": ["sha256", "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"],
|
||||
"foo": ["sha256", "fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9"]
|
||||
"foo": ["sha256", "fcde2b2edxx56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9"]
|
||||
},
|
||||
"ldap": {
|
||||
"tlsOptions": {
|
||||
"requestCert": false,
|
||||
"rejectUnauthorized": false
|
||||
},
|
||||
"url": "ldap://dev.marc.waeckerlin.org",
|
||||
"adminDn": "cn=tmp,ou=system,ou=people,dc=dev,dc=marc,dc=waeckerlin,dc=org",
|
||||
"adminPassword": "dGg7benUnZ9z",
|
||||
"adminPassword": "secret",
|
||||
"searchBase": "ou=person,ou=people,dc=dev,dc=marc,dc=waeckerlin,dc=org",
|
||||
"searchFilter": "(uid={{username}})"
|
||||
}
|
||||
|
0
nodejs/etc/systemd/system/servicedock.service
Normal file
0
nodejs/etc/systemd/system/servicedock.service
Normal file
@@ -9,7 +9,8 @@
|
||||
"socket.io": "~1.4.4",
|
||||
"pty.js": "~0.3.0",
|
||||
"async": "~1.5.2",
|
||||
"socketio-auth": "0.0.5"
|
||||
"socketio-auth": "0.0.5",
|
||||
"ldapauth": "git+https://github.com/DimensionSoftware/node-ldapauth.git"
|
||||
},
|
||||
"description": "@DESCRIPTION@",
|
||||
"main": "@PACKAGE_NAME@.js",
|
||||
|
@@ -19,8 +19,8 @@ try {
|
||||
var package = require(__dirname+'/package.json');
|
||||
var config = require(package.path.config);
|
||||
var docker = require(__dirname+'/docker')(app);
|
||||
//var authentication = require(__dirname+'/authentication')(config.restrict);
|
||||
var sockets = require(__dirname+'/sockets')(io);
|
||||
var authentication = require(__dirname+'/authentication')(config.restrict);
|
||||
var sockets = require(__dirname+'/sockets')(io, authentication);
|
||||
|
||||
// Configuration
|
||||
process.argv.forEach(function(val, index) {
|
||||
|
@@ -1,4 +1,4 @@
|
||||
module.exports = function(io) {
|
||||
module.exports = function(io, authentication) {
|
||||
|
||||
var pty = require('pty.js');
|
||||
var proc = require('child_process');
|
||||
@@ -287,10 +287,9 @@ module.exports = function(io) {
|
||||
//get credentials sent by the client
|
||||
var username = data.username;
|
||||
var password = data.password;
|
||||
if (username=="hello")
|
||||
return callback(null, "world" == password);
|
||||
else
|
||||
return callback(new Error("wrong credentials"));
|
||||
authentication(data.username, data.password,
|
||||
function() {console.log("####LOGIN-SUCESS####");callback(null, true)},
|
||||
function() {console.log("####LOGIN-FAIL####");callback(new Error("wrong credentials"))});
|
||||
},
|
||||
postAuthenticate: connection,
|
||||
timeout: "none"
|
||||
|
Reference in New Issue
Block a user