waterlock-activedirectory-auth
v0.0.11
Published
ActiveDirectory authentication for waterlock
Downloads
2
Maintainers
Readme
Waterlock ActiveDirectory Auth
waterlock-activedirectory-auth is a module for waterlock providing a ActiveDirectory authentication method for users either based on username or email.
Build upon Waterlock Local Auth and ActiveDirectory for Node.
Usage
npm install waterlock-activedirectory-auth
set the following option in your waterlock.js
config file
authMethod:[
{
name: "waterlock-activedirectory-auth",
url: string,
baseDN: string,
bindDN: string,
bindCredentials: string,
passwordReset: {
tokens: boolean, // object containing information regarding password resets
// object containing information about your smtp server, see nodemailer
mail: {
options: string, // how it is use te transport method, see nodemailer
from: string, // the from address
subject: string, // the email subject for password reset emails
forwardUrl: string // the url to send the user to after they have clicked the password reset link in their inbox (e.g. a form on your site which POST to `/auth/reset`)
},
// object containing template information for the reset emails
template:{
file: string, // the relative path to the `jade` template for the reset emails
vars: object, // object containing any vars you want passed to the template for rendering
}
},
createOnNotFound: boolean // should local auth try to create the user on a failed login attempt, good if you do not want to implement a registration form.
}
],
ldap: {
url: string // A valid LDAP URL (proto/host/port only) ie. 'ldap://dc.domain.com',
baseDN: string // The alternative baseDN to use than the one specified in the ctor. ie. 'dc=domain,dc=com',
username: string // ie. '[email protected]',
password: string // ie. 'password'
// Addtional params here: https://github.com/gheeres/node-activedirectory
}
Auth Model
Local auth adds the following attributes onto the Auth model
email: {
type: 'email',
unique: true
},
password: {
type: 'STRING',
minLength: 8
},
resetToken: {
model: 'resetToken'
}
with the way waterlock is designed and this model you can override any of these attributes, also if you want to use a username instead of an email address you can drop in the username
attribute which is a signification key causing local auth to use that to authenticate.