Merge pull request #42 from Alexandre-io/fix/ldapauth-cache

fix(Auth): fix ldap cache by using a single instance of ldapauth
Alexandre-io · Jul 25, 2018 · fa770cc · fa770cc
2 parents e4ed38c + 9e9be76
commit fa770cc
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 30 deletions.
diff --git a/README.md b/README.md
@@ -33,7 +33,8 @@ auth:
       # Else, if you don't (use one or the other):
       # groupSearchFilter: '(memberUid={{dn}})'
       # 
-      # Optional, default false. If true, then up to 100 credentials at a time will be cached for 5 minutes.
+      # Optional, default false.
+      # If true, then up to 100 credentials at a time will be cached for 5 minutes.
       cache: false
       # Optional
       reconnect: true

diff --git a/index.js b/index.js
@@ -20,6 +20,15 @@ function Auth(config, stuff) {
   // TODO: Set more defaults
   self._config.groupNameAttribute = self._config.groupNameAttribute || 'cn';
 
+  // ldap client
+  self._ldapClient = new LdapAuth(self._config.client_options);
+
+  self._ldapClient.on('error', (err) => {
+    self._logger.warn({
+      err: err,
+    }, `LDAP error ${err}`);
+  });
+
   return self;
 }
 
@@ -29,12 +38,8 @@ module.exports = Auth;
 // Attempt to authenticate user against LDAP backend
 //
 Auth.prototype.authenticate = function (user, password, callback) {
-  const LdapClient = new LdapAuth(this._config.client_options);
-
-  // https://github.com/vesse/node-ldapauth-fork/issues/61
-  LdapClient.on('error', (err) => {});
 
-  LdapClient.authenticateAsync(user, password)
+  this._ldapClient.authenticateAsync(user, password)
     .then((ldapUser) => {
       if (!ldapUser) return [];
 
@@ -54,14 +59,5 @@ Auth.prototype.authenticate = function (user, password, callback) {
 
       return false; // indicates failure
     })
-    .finally((ldapUser) => {
-      LdapClient.closeAsync()
-        .catch((err) => {
-          this._logger.warn({
-            err: err
-          }, `LDAP error on close ${err}`);
-        });
-      return ldapUser;
-    })
     .asCallback(callback);
 };
diff --git a/tests/integration/test.spec.js b/tests/integration/test.spec.js
@@ -1,29 +1,31 @@
 const Auth = require('../../index');
 const should = require('chai').should();
 const bunyan = require('bunyan');
-const log = bunyan.createLogger({ name: 'myapp' });
+const log = bunyan.createLogger({ name: 'verdaccio-ldap' });
 
 
-const auth = new Auth({
-  client_options: {
-    url: "ldap://localhost:4389",
-    searchBase: 'ou=users,dc=myorg,dc=com',
-    searchFilter: '(&(objectClass=posixAccount)(!(shadowExpire=0))(uid={{username}}))',
-    groupDnProperty: 'cn',
-    groupSearchBase: 'ou=groups,dc=myorg,dc=com',
-    // If you have memberOf:
-    searchAttributes: ['*', 'memberOf'],
-    // Else, if you don't:
-    // groupSearchFilter: '(memberUid={{dn}})',
-  }
-}, { logger: log });
-
 describe('ldap auth', function () {
   it('should match user', function (done) {
+
+    const auth = new Auth({
+      client_options: {
+        url: "ldap://localhost:4389",
+        searchBase: 'ou=users,dc=myorg,dc=com',
+        searchFilter: '(&(objectClass=posixAccount)(!(shadowExpire=0))(uid={{username}}))',
+        groupDnProperty: 'cn',
+        groupSearchBase: 'ou=groups,dc=myorg,dc=com',
+        // If you have memberOf:
+        searchAttributes: ['*', 'memberOf'],
+        // Else, if you don't:
+        // groupSearchFilter: '(memberUid={{dn}})',
+      }
+    }, { logger: log });
+
     auth.authenticate('user', 'password', function (err, results) {
       (err === null).should.be.true;
       results[0].should.equal('user');
       done();
     });
+
   });
 });