expressjs ldap authentication显示基本身份验证弹出窗体

时间:2018-04-18 00:07:38

标签: node.js express ldap openldap

我是expressjs和ldap的新手。

需要您帮助我完成代码流程。

我需要针对ldap服务器验证用户凭据。 我正在使用这个ldap库https://github.com/vesse/node-ldapauth-fork来使其工作。

在我使用登录表单(loginCtrl.js)提交登录凭据后,我在我的broswer上获得了弹出窗口,要求提供我的基本身份验证凭据。 当我在弹出窗口中输入凭据时,后端将它们视为“未定义”

enter image description here 我的问题是,如果我已经通过loginCtrl.js发送了凭证,为什么会弹出基本身份验证表格

这是我调用REST api的前端代码     的login.html

app.controller("loginCtrl", ["$scope", "$http", "$location","$document", "$uibModal", "$filter", "$q", function($scope, $http, $location, $document, $uibModal, $filter, $q) {

	$scope.keepLoggedIn = false;


	$scope.login = function() {
		var body = {};
		body["username"] =  $scope.username;
		body["password"] = $scope.password;

		var auth = window.btoa($scope.username+":"+$scope.password);
		console.log(auth);
	/*	$http.post('/login', JSON.stringify(credentials)).then(function(success){
			console.log("success");
		}, function(error){
			console.error("error");
		});*/
		var results = [];
		$http({
				method: 'POST',
				headers: {'Authorization': "Basic " + auth},
				url: '/login',
				data: JSON.stringify(body)
		})
		.then(function (success) {
				console.log(success);
				results.push(success);
		}, function (error) {
				results.push(error.data);
		});

	}


}]);
<div id="container">
	<form ng-submit="login()">
		<label for="username">Username:</label>
		<input type="text" ng-model="username" id="username" name="username">
		<label for="password">Password:</label>
		<input type="password" ng-model="password" id="password" name="password">
		<div id="lower">
			<input type="checkbox" ng-model="keepLoggedIn"><label for="checkbox">Keep me logged in</label>
			<input type="submit" value="Login">
		</div><!--/ lower-->
	</form>
</div>

这是使用ldapauth对ldap

进行身份验证的expressjs服务器代码
var express = require('express');
var basicAuth = require('basic-auth');
var LdapAuth = require('ldapauth-fork');
var app = express();

var ldap = new LdapAuth({
  url: 'ldap://ldapserver.net:389',
  bindDN: 'uid=root,ou=sample,dc=dept,dc=net',
  bindCredentials: 'secret',
  searchBase: 'ou=sample,dc=dept,dc=net',
  searchFilter: '(uid={{username}})',
  reconnect: true
});

ldap.on('error', function (err) {
  console.error('LdapAuth: ', err);
});

var rejectBasicAuth = function(res) {

  res.statusCode = 401;
  res.setHeader('WWW-Authenticate', 'Basic realm="Example"');
  res.end('Access denied');

}
var basicAuthMiddleware = function(req, res, next) {

  ldap.authenticate(req.body.username, req.body.password, function(err, user) {
    console.log("callback:"+user);
    if (err) {
      console.log(err);
      return rejectBasicAuth(res);
    }
    console.log("success");
    req.user = user;
    next();
  });
};
app.post('/login',basicAuthMiddleware, function(req,res){
    res.send({"status":"ok"});
});
app.listen(2500, function(){
    console.log('Express started on http://localhost:' + 2500 + '; press Ctrl-C to terminate.');
});

0 个答案:

没有答案