From 9e9be76918fc2bd311582593bbd8fa5a4b1304eb Mon Sep 17 00:00:00 2001 From: Alexandre-io Date: Wed, 25 Jul 2018 09:38:19 +0200 Subject: [PATCH] fix(Auth): fix ldap cache by using a single instance of ldapauth --- README.md | 3 ++- index.js | 24 ++++++++++-------------- tests/integration/test.spec.js | 32 +++++++++++++++++--------------- 3 files changed, 29 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index c1b87bf..6beeece 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,8 @@ auth: # Else, if you don't (use one or the other): # groupSearchFilter: '(memberUid={{dn}})' # - # Optional, default false. If true, then up to 100 credentials at a time will be cached for 5 minutes. + # Optional, default false. + # If true, then up to 100 credentials at a time will be cached for 5 minutes. cache: false # Optional reconnect: true diff --git a/index.js b/index.js index bdb98a2..6d3d754 100644 --- a/index.js +++ b/index.js @@ -20,6 +20,15 @@ function Auth(config, stuff) { // TODO: Set more defaults self._config.groupNameAttribute = self._config.groupNameAttribute || 'cn'; + // ldap client + self._ldapClient = new LdapAuth(self._config.client_options); + + self._ldapClient.on('error', (err) => { + self._logger.warn({ + err: err, + }, `LDAP error ${err}`); + }); + return self; } @@ -29,12 +38,8 @@ module.exports = Auth; // Attempt to authenticate user against LDAP backend // Auth.prototype.authenticate = function (user, password, callback) { - const LdapClient = new LdapAuth(this._config.client_options); - - // https://github.com/vesse/node-ldapauth-fork/issues/61 - LdapClient.on('error', (err) => {}); - LdapClient.authenticateAsync(user, password) + this._ldapClient.authenticateAsync(user, password) .then((ldapUser) => { if (!ldapUser) return []; @@ -54,14 +59,5 @@ Auth.prototype.authenticate = function (user, password, callback) { return false; // indicates failure }) - .finally((ldapUser) => { - LdapClient.closeAsync() - .catch((err) => { - this._logger.warn({ - err: err - }, `LDAP error on close ${err}`); - }); - return ldapUser; - }) .asCallback(callback); }; diff --git a/tests/integration/test.spec.js b/tests/integration/test.spec.js index fd5938d..8eae420 100644 --- a/tests/integration/test.spec.js +++ b/tests/integration/test.spec.js @@ -1,29 +1,31 @@ const Auth = require('../../index'); const should = require('chai').should(); const bunyan = require('bunyan'); -const log = bunyan.createLogger({ name: 'myapp' }); +const log = bunyan.createLogger({ name: 'verdaccio-ldap' }); -const auth = new Auth({ - client_options: { - url: "ldap://localhost:4389", - searchBase: 'ou=users,dc=myorg,dc=com', - searchFilter: '(&(objectClass=posixAccount)(!(shadowExpire=0))(uid={{username}}))', - groupDnProperty: 'cn', - groupSearchBase: 'ou=groups,dc=myorg,dc=com', - // If you have memberOf: - searchAttributes: ['*', 'memberOf'], - // Else, if you don't: - // groupSearchFilter: '(memberUid={{dn}})', - } -}, { logger: log }); - describe('ldap auth', function () { it('should match user', function (done) { + + const auth = new Auth({ + client_options: { + url: "ldap://localhost:4389", + searchBase: 'ou=users,dc=myorg,dc=com', + searchFilter: '(&(objectClass=posixAccount)(!(shadowExpire=0))(uid={{username}}))', + groupDnProperty: 'cn', + groupSearchBase: 'ou=groups,dc=myorg,dc=com', + // If you have memberOf: + searchAttributes: ['*', 'memberOf'], + // Else, if you don't: + // groupSearchFilter: '(memberUid={{dn}})', + } + }, { logger: log }); + auth.authenticate('user', 'password', function (err, results) { (err === null).should.be.true; results[0].should.equal('user'); done(); }); + }); });