Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes: This PR adds a
USE_LDAP
environment variable which would replace the email-and-password authentication strategy with an LDAP server (usingpassport-ldapauth
).I have tested the PR with
lldap
by modifying thedocker-compose-development.yml
file to look like:(and subsequently logging into lldap at http://localhost:17170/ as
admin/test1234
and creating a newtest/testpassword
user for the editor (as configured in .env.example) and adding it to thelldap_strict_readonly
group, and auser/user@example.com/somepass
user for testing the login flow itself)Currently, this PR does not disable changing one's password once logged in, either in the backend or frontend -- however, since passwords are handled by LDAP, such changes are completely ineffective. Likewise, this PR does not currently disable username+password signups, even though they no longer function when LDAP is enabled. Hence, I have marked it as a "draft" for the moment. Please let me know if you are interested in merging this feature, and I'll try to polish the leftover rough edges (:
I have verified that this pull request:
npm run lint
)npm run test
)develop
branch.Fixes #123
-- does not have an issue, let me know if I should do this.