feat: implemented LDAP authentication

2026-01-09 23:40:06 +00:00 · 2022-09-29 18:41:28 +05:00
parent 375f924f45
commit f915c51b07
21 changed files with 1001 additions and 19 deletions
--- a/api/src/routes/api/authConfig.ts
+++ b/api/src/routes/api/authConfig.ts
@@ -0,0 +1,25 @@
+import express from 'express'
+import { AuthConfigController } from '../../controllers'
+const authConfigRouter = express.Router()
+
+authConfigRouter.get('/', async (req, res) => {
+  const controller = new AuthConfigController()
+  try {
+    const response = controller.getDetail()
+    res.send(response)
+  } catch (err: any) {
+    res.status(500).send(err.toString())
+  }
+})
+
+authConfigRouter.post('/synchronizeWithLDAP', async (req, res) => {
+  const controller = new AuthConfigController()
+  try {
+    const response = await controller.synchronizeWithLDAP()
+    res.send(response)
+  } catch (err: any) {
+    res.status(500).send(err.toString())
+  }
+})
+
+export default authConfigRouter
--- a/api/src/routes/api/group.ts
+++ b/api/src/routes/api/group.ts
@@ -1,12 +1,17 @@
 import express from 'express'
 import { GroupController } from '../../controllers/'
-import { authenticateAccessToken, verifyAdmin } from '../../middlewares'
+import {
+  ldapRestrict,
+  authenticateAccessToken,
+  verifyAdmin
+} from '../../middlewares'
 import { getGroupValidation, registerGroupValidation } from '../../utils'

 const groupRouter = express.Router()

 groupRouter.post(
  '/',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdmin,
  async (req, res) => {
@@ -82,6 +87,7 @@ groupRouter.get(

 groupRouter.post(
  '/:groupId/:userId',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdmin,
  async (req, res) => {
@@ -106,6 +112,7 @@ groupRouter.post(

 groupRouter.delete(
  '/:groupId/:userId',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdmin,
  async (req, res) => {
@@ -130,6 +137,7 @@ groupRouter.delete(

 groupRouter.delete(
  '/:groupId',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdmin,
  async (req, res) => {
--- a/api/src/routes/api/index.ts
+++ b/api/src/routes/api/index.ts
@@ -18,6 +18,7 @@ import clientRouter from './client'
 import authRouter from './auth'
 import sessionRouter from './session'
 import permissionRouter from './permission'
+import authConfigRouter from './authConfig'

 const router = express.Router()

@@ -43,6 +44,14 @@ router.use(
  permissionRouter
 )

+router.use(
+  '/authConfig',
+  desktopRestrict,
+  authenticateAccessToken,
+  verifyAdmin,
+  authConfigRouter
+)
+
 router.use(
  '/',
  swaggerUi.serve,
--- a/api/src/routes/api/user.ts
+++ b/api/src/routes/api/user.ts
@@ -3,7 +3,8 @@ import { UserController } from '../../controllers/'
 import {
  authenticateAccessToken,
  verifyAdmin,
-  verifyAdminIfNeeded
+  verifyAdminIfNeeded,
+  ldapRestrict
 } from '../../middlewares'
 import {
  deleteUserValidation,
@@ -14,18 +15,24 @@ import {

 const userRouter = express.Router()

-userRouter.post('/', authenticateAccessToken, verifyAdmin, async (req, res) => {
-  const { error, value: body } = registerUserValidation(req.body)
-  if (error) return res.status(400).send(error.details[0].message)
+userRouter.post(
+  '/',
+  ldapRestrict,
+  authenticateAccessToken,
+  verifyAdmin,
+  async (req, res) => {
+    const { error, value: body } = registerUserValidation(req.body)
+    if (error) return res.status(400).send(error.details[0].message)

-  const controller = new UserController()
-  try {
-    const response = await controller.createUser(body)
-    res.send(response)
-  } catch (err: any) {
-    res.status(403).send(err.toString())
+    const controller = new UserController()
+    try {
+      const response = await controller.createUser(body)
+      res.send(response)
+    } catch (err: any) {
+      res.status(403).send(err.toString())
+    }
  }
-})
+)

 userRouter.get('/', authenticateAccessToken, async (req, res) => {
  const controller = new UserController()
@@ -70,6 +77,7 @@ userRouter.get('/:userId', authenticateAccessToken, async (req, res) => {

 userRouter.patch(
  '/by/username/:username',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdminIfNeeded,
  async (req, res) => {
@@ -98,6 +106,7 @@ userRouter.patch(

 userRouter.patch(
  '/:userId',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdminIfNeeded,
  async (req, res) => {
@@ -120,6 +129,7 @@ userRouter.patch(

 userRouter.delete(
  '/by/username/:username',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdminIfNeeded,
  async (req, res) => {
@@ -148,6 +158,7 @@ userRouter.delete(

 userRouter.delete(
  '/:userId',
+  ldapRestrict,
  authenticateAccessToken,
  verifyAdminIfNeeded,
  async (req, res) => {