Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow using LDAP for user login #3068

Draft
wants to merge 1 commit into
base: develop
Choose a base branch
from

Conversation

bojidar-bg
Copy link

@bojidar-bg bojidar-bg commented Mar 26, 2024

Changes: This PR adds a USE_LDAP environment variable which would replace the email-and-password authentication strategy with an LDAP server (using passport-ldapauth).

I have tested the PR with lldap by modifying the docker-compose-development.yml file to look like:

# ...
services:
  # ...
  lldap:
    image: lldap/lldap:stable
    ports:
    - "17170:17170"
    - "3890:3890"
    environment:
    - LLDAP_LDAP_USER_PASS=test1234
  app:
    # ...
    environment:
      - MONGO_URL=mongodb://mongo:27017/p5js-web-editor
      - LDAP_URL=ldap://lldap:3890
      - USE_LDAP=true

(and subsequently logging into lldap at http://localhost:17170/ as admin/test1234 and creating a new test/testpassword user for the editor (as configured in .env.example) and adding it to the lldap_strict_readonly group, and a user/user@example.com/somepass user for testing the login flow itself)

Currently, this PR does not disable changing one's password once logged in, either in the backend or frontend -- however, since passwords are handled by LDAP, such changes are completely ineffective. Likewise, this PR does not currently disable username+password signups, even though they no longer function when LDAP is enabled. Hence, I have marked it as a "draft" for the moment. Please let me know if you are interested in merging this feature, and I'll try to polish the leftover rough edges (:

I have verified that this pull request:

  • has no linting errors (npm run lint)
  • has no test errors (npm run test)
  • is from a uniquely-named feature branch and is up to date with the develop branch.
  • is descriptively named and links to an issue number, i.e. Fixes #123 -- does not have an issue, let me know if I should do this.

Copy link

welcome bot commented Mar 26, 2024

🎉 Thanks for opening this pull request! Please check out our contributing guidelines if you haven't already.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant