MEAN.js passport-ldapauth integration

authentication.client.controller.js

// public/modules/users/controllers/authentication.client.controller.js

// ...
// Change $http.post to point to /auth/ldap
$scope.signin = function() {
			$http.post('/auth/ldap', $scope.credentials).success(function(response) {
// ...

Install passport-ldapauth

npm install -S passport-ldapauth

ldap.js

// config/env/ldap.js

'use strict';

module.exports = {
  url: process.env.LDAP_URL || '',
  bindDn: process.env.LDAP_BINDDN || '',
  bindCredentials: process.env.LDAP_BINDCREDENTIALS || '',
  searchBase: process.env.LDAP_SEARCHBASE || '',
  searchFilter: process.env.LDAP_SEARCHFILTER || ''
};

ldapauth.js

// config/strategies/ldapauth.js

'use strict';

/**
 * Module dependencies.
 */
var passport = require('passport'),
	url = require('url'),
	LDAPStrategy = require('passport-ldapauth').Strategy,
	config = require('../config'),
	users = require('../../app/controllers/users.server.controller'),
	ldapConfig = require('../env/ldap');

module.exports = function() {
	// Use LDAP strategy
	passport.use(new LDAPStrategy({
		  server: {
				url: ldapConfig.url,
				bindDn: ldapConfig.bindDn,
				bindCredentials: ldapConfig.bindCredentials,
				searchBase: ldapConfig.searchBase,
				searchFilter: ldapConfig.searchFilter
			},
			passReqToCallback: true
		},
		function(req, user, done) {
			console.log('this gets processed FIRST on success, NEVER on error');

			// Create the user OAuth profile
			var providerUserProfile = {
				displayName: user.cn,
				email: user.mail,
				username: user.sAMAccountName,
				firstName: user.givenName,
				lastName: user.sn,
				provider: 'ldap',
				providerIdentifierField: 'id'
			};

			users.ldapauthSaveUserProfile(req, providerUserProfile, done);
		}
	));
};

users.authentication.server.controller.js

// app/controllers/users/users.authentication.server.controller.js

var passport = require('passport');

// ...

exports.ldapauth = function() {
	return function(req, res, next) {
		passport.authenticate('ldapauth', function (err, user, info, statusCode) {
			console.log('This gets processed FIRST on error/LAST on success');
			if (err || !user) {
				if (err) {
					return res.status(400).send({
						message: errorHandler.getErrorMessage(err)
					});
				}
				return res.status(statusCode).send({
					message: info.message
				});
			}
			req.login(user, function(err) {
				if (err) {
					// not sure if this should be 400 or 401
					return res.status(401).send({
						message: err.toString()
					});
				}
				return res.json(user);
			});
		})(req, res, next);
	};
};

exports.ldapauthSaveUserProfile = function(req, providerUserProfile, done) {
	User.findOne({
		username: providerUserProfile.username
	}, function(err, user) {
		if (err) {
			return done(err);
		} else {
			if (!user) {
				var possibleUsername = providerUserProfile.username || ((providerUserProfile.email) ? providerUserProfile.email.split('@')[0] : '');

				User.findUniqueUsername(possibleUsername, null, function(availableUsername) {
					user = new User({
						username: possibleUsername,
						displayName: providerUserProfile.displayName,
						email: providerUserProfile.email,
						provider: providerUserProfile.provider,
						firstName: providerUserProfile.firstName,
						lastName: providerUserProfile.lastName,
					});

					// And save the user
					user.save(function(err) {
						return done(err, user);
					});
				});
			} else {
				return done(err, user);
			}
		}
	});
};

// ...

users.server.routes.js

// app/routes/users.server.routes.js

// ...

app.route('/auth/ldap').post(users.ldapauth());

// ...