npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

express-cached-ldap

v2.0.1

Published

Cached LDAP authentication middleware for express

Downloads

15

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jd78jd78

Keywords

ldapactive directoryauthentication

Readme

Express-Cached-LDAP

Express-Cached-LDAP is an Active Directory authentication middleware for Express.js. It supports both users and groups authentication. The middleware caches the user authentication so that it queries Active Directory just once per user (until the cache expires). Express-Cached-LDAP depends strictly on express-ntlm, activedirectory and node-cache packages.

Installation

$ npm install express-cached-ldap --no-optional

Usage

First of all, we need to install express-ntlm and express-cached-ldap in your express application

$ npm install express-ntlm
$ npm install express-cached-ldap

After that, we need to add the two middlewares in our app.js

var express = require('express');
...
var ntlm = require('express-ntlm');
var ldap = require('express-cached-ldap');

app.use(ntlm());

app.use(ldap({
  ldapUrl: 'ldap://yourDomain.domain.com',
  baseDN: 'dc=domain,dc=com',
  ldapUsername: 'adUsername',
  ldapPassword: 'adPassword'
}));

If the user is not authorized, a response status 401 will be sent or an error page will be rendered (see configuration).

Configuration

The configuration requires ldapUrl, baseDN, ldapUsername and ldapPassword. There are some optional parameters that can be added:

  • groups, array of strings that check if the users is in the given groups;
  • userToBePartOfAllGroups, default true; if true the user must be part of all the groups passed in the groups parameter; if false, the user is authorized if part of one or more groups;
  • ttl, cache expiration in seconds, the default is 1800 (30 min). Pass 0 for unlimited;
  • cacheCheckPeriod, delete cache check interval in seconds, the default is 600 (10 min). Pass 0 for no check.
  • unauthorizedView, renders the specified view instead of send back a 401 error status. The view should be placed into the views folder.
app.use(ldap({
  ldapUrl: 'ldap://yourDomain.domain.com',
  baseDN: 'dc=domain,dc=com',
  ldapUsername: 'adUsername',
  ldapPassword: 'adPassword',
  groups: ['Group Test 1', 'Group Test 2'], //optional
  userToBePartOfAllGroups: true, //optional
  ttl: 36000, //optional
  cacheCheckPeriod: 1000, //optional
  unauthorizedView: 'unauthorized' //optional
}));

Authorize single API

app.use(ldap({...})) filters all the traffic and checks the user authorization. Instead to filter all traffic, you might want to filter only some APIs. To do that you need to create your own ldapModule and inject the middleware into the single APIs.

Create a new file authorizationMiddleware.js:

var ldap = require('express-cached-ldap');

module.exports = ldap({
  ldapUrl: 'ldap://yourDomain.domain.com',
  baseDN: 'dc=domain,dc=com',
  ldapUsername: 'adUsername',
  ldapPassword: 'adPassword',
  groups: ['Group Test 1', 'Group Test 2']
});

Remove the app.use(ldap({...})) from the app.js file and inject the middleware into the single API:

var express = require('express');
var router = express.Router();
var authorizationMiddleware = require('yourAuthrizationMiddlewarePath/authorizationMiddleware');

router.get('/', authorizationMiddleware, function(req, res, next) {
  res.render('index', { title: 'Express' });
});

module.exports = router;