Add support for LDAP authentication

[palisadoes]

Talawa-Admin currently authenticates its users against the application’s database. In many cases organizations will want to use some sort of central authentication authority.

We need a Talawa-Admin option that delegates all password management to an external LDAP system.

1. The configuration must clearly show that LDAP is the authentication method of choice.
2. Both LDAP and LDAPS must be supported
3. The appropriate documentation must be created
4. Your code must be 100% tested to maintain our test coverage

[skbhagat0502]

@palisadoes I would like to work on this issue. Please assign me this issue.

[palisadoes]

1. @skbhagat0502 Please work with someone with a DevOps background on this. You will need to understand how to setup an LDAP server to help verify the operation.
2. When this is complete we would need to add a similar feature using Active Directory as the authentication and authorization back end, but as a separate issue

[skbhagat0502]

Ok @palisadoes I will work on the LDAP authentication first and will collaborate with someone with a DevOps background. Active Directory support is on the horizon. Thanks for the direction!

[skbhagat0502]

@palisadoes
Quick update:I have successfylly completed the Frontend implementation for LDAP authentication. Currently I am exploring the backend setup. I am thinking of creating a new issue for backend LDAP authentication in Talawa API. I am struggling to find out a DevOps collaborator, so I'm handling it solo for now. If you have any suggestions or guidelines then please let me know.
For the frontend part I have added separate buttons for Login with Ldap and Register with Ldap as you can see in the image. The buttons will handle the login and registration part using ldap.

I know "Login with Ldap" or "Register with Ldap" should be replaced with a good message that can be understood by anyone. If you have any specific thing in your mind that should be written in place of it then please tell me.

[skbhagat0502]

@noman2002 please tell me if you have any suggestions.Should I go for creating an issue in talawa-api.

[palisadoes]

To provide more clarity, the implementation would have to assume an external third party LDAP server, not the API running LDAP.

What modification were you thinking about for the back end?

[skbhagat0502]

@palisadoes I am considering the implementation of an LDAP client at the backend to enhance security by storing LDAP credentials on the server side. In this setup, when a user initiates a request from the frontend, the request is directed to the backend server. The backend, equipped with the configured LDAP client, handles the LDAP-related operations, such as authentication or registration, on behalf of the user. This approach ensures that LDAP credentials are securely managed within the server environment, reducing the risk of exposure. Once the backend receives a response from the LDAP server, it sends the appropriate data back to the frontend, completing the interaction.
I have never worked on implementing ldap authentication so I do not have much knowledge about it. I have gone through the documentation and I got that from there. Can you please help me in this? If I am wrong then please tell me how should I proceed.

[palisadoes]

That approach makes sense as it will simplify the security of the system by limiting measures to the API server.

[skbhagat0502]

Thanks @palisadoes, for your guidance.Just wanted to share that I've wrapped up the frontend and backend logics! Currently working on a minor issue, but once that's sorted, I'll dive into writing tests for the implemented logics. Planning to create an issue on the Talawa API and then push the changes for review in both repositories.

[palisadoes]

@aashimawadhwa will be handling all issue queries and seeking reviewers for PRs. When necessary, this contributor will contact other contributors who will be able to assist. Please ask them for guidance on your future questions.

[skbhagat0502]

Ok @palisadoes

[skbhagat0502]

@aashimawadhwa , what documentation do I need to create and where?

[github-actions]

This issue did not get any activity in the past 10 days and will be closed in 180 days if no update occurs. Please check if the develop branch has fixed it and report again or close the issue.

[palisadoes]

Closing due to inactivity and other priorities