我已将我的passport-ldapauth策略配置为如下所示:
我已经更改了敏感信息,但是我想做的是针对已在usernameField和passwordField中对护照进行硬编码的LDAP服务器测试身份验证。
const OPTS = {
server: {
url: "ldaps://ldap:port",
searchBase: "<Search-details>",
searchFilter:
"(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}))",
groupSearchFilter:
"(&(objectCategory=person)(objectClass=user)(memberOf={0}))",
searchAttributes: ["displayName", "sAMAccountName", "mail", "memberOf"]
},
usernameField: "<hardcoded-username>",
passwordField: "<hardcoded-password>",
tlsOptions: {
ca: [fs.readFileSync("LDAP-SSL-CERT")]
}
};
passport.use(
new LdapStrategy(OPTS, (user: any, done: any) => {
return done(null, user);
})
);
我在req中验证了usernameField和passwordField包含必要的凭据,但是当我通过邮递员触发邮递请求时,ldapauth仍返回{message: 'Missing credentials'}。
export let postLogin = (req: Request, res: Response, next: NextFunction) => {
passport.serializeUser((user: any, done: any) => {
done(null, user);
});
passport.deserializeUser((user: any, done: any) => {
done(null, user);
});
passport.authenticate(
"ldapauth",
{ session: false },
(err: Error, user: any, info: any) => {
if (err) return next(err);
console.log(err);
console.log(user);
console.log(info);
res.send({ status: "ok" });
}
)(req, res, next);
};