atinux / nuxt-auth-utils

Add Authentication to Nuxt applications with secured & sealed cookies sessions.
MIT License

LDAP Integration #172

Open Dino-Kupinic opened 2 months ago

Dino-Kupinic commented 2 months ago

Are there any plans for LDAP auth? This feature is relevant for Microsoft Windows-based infrastructure (Windows Domain Controller), mostly on-prem.

It is still widely used in Enterprise, though rather legacy compared to SAML and OAuth. I think this might make Nuxt more compelling for these larger organizations (even schools etc.)

Thoughts?

atinux commented 2 months ago

I have zero knowledge on LDAP auth actually, do you have any resources to explain it?

Dino-Kupinic commented 2 months ago

> I have zero knowledge on LDAP auth actually, do you have any resources to explain it?

I'm not an expert on this topic, but I found these articles:

https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol

https://www.okta.com/identity-101/what-is-ldap/#:~:text=Lightweight%20directory%20access%20protocol%20(LDAP,conversation%20on%20a%20new%20printer.

https://www.redhat.com/en/topics/security/what-is-ldap-authentication

https://jumpcloud.com/blog/what-is-ldap-authentication

I also found this library: https://www.npmjs.com/package/ldap-authentication

LDAP auth would allow users to use the same account they already use with Windows, Microsoft Outlook, etc. Big plus for internal apps and getting approval from sys admins.

jaketig commented 2 months ago

I am using the ldapts library with this module.

Here's a stripped down version of how I'm doing it:

/server/api/auth/login.post.js

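```js
import { Client } from 'ldapts';

// defineEventHandler, readBody, createError and sendNoContent are Nuxt/h3 auto-imports;
// setUserSession is provided by nuxt-auth-utils.
export default defineEventHandler(async (event) => {
  const { username, password } = await readBody(event)

  const client = new Client({
    url: 'ldap://mydomaincontroller.mydomain.local',
  });

  try {
    // Simple bind as DOMAIN\username; a rejected bind throws
    await client.bind(`mydomain\\${username}`, password);
  }
  catch {
    throw createError({
      statusCode: 403,
      statusMessage: 'Invalid Username or Password',
    })
  }
  finally {
    // Always release the connection, whether the bind succeeded or not
    await client.unbind();
  }

  await setUserSession(event, {
    user: {
      // ...
    },
  })

  return sendNoContent(event)
})
```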
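
The bind-based login above leaves three checks to the caller: the `ldap://` URL carries the password in clear text, an empty password turns the request into an unauthenticated bind that some directories answer with success, and every error (including an unreachable server) is reported as bad credentials. The following is an added example, not part of the thread or of nuxt-auth-utils, showing those checks as plain functions. The names `rejectReason`, `ldapLogin` and `makeFakeClient`, the username allow-list and the `err.code` lookup are assumptions.

```javascript
// Added example: pre-bind checks for an LDAP simple-bind login (not from the thread).
// Assumptions: the allow-list regex is a site policy choice; `client` is any object
// with async bind(name, password) / unbind(), like the client used in the post.

const USERNAME_RE = /^[A-Za-z0-9._-]{1,20}$/; // assumed policy: no '\', '@', ',' or '='

// Returns null when the input may be sent to the directory, else a reason string.
function rejectReason(url, username, password) {
  // Simple bind sends the password as-is, so require TLS on the connection.
  if (new URL(url).protocol !== 'ldaps:') return 'plaintext-transport';
  if (typeof username !== 'string' || !USERNAME_RE.test(username)) return 'bad-username';
  // Name + empty password is an "unauthenticated bind" (RFC 4513, 5.1.2);
  // servers that accept it report success without checking any secret.
  if (typeof password !== 'string' || password.length === 0) return 'empty-password';
  return null;
}

// Resolves to { ok, reason }. Only LDAP result code 49 (invalidCredentials)
// counts as a wrong password; anything else is rethrown as an outage.
async function ldapLogin(client, url, domain, username, password) {
  const reason = rejectReason(url, username, password);
  if (reason) return { ok: false, reason }; // never reaches the server
  try {
    await client.bind(`${domain}\\${username}`, password);
    return { ok: true, reason: null };
  } catch (err) {
    // Assumption: the client library exposes the LDAP result code as err.code.
    if (err && err.code === 49) return { ok: false, reason: 'invalid-credentials' };
    throw err;
  } finally {
    await client.unbind();
  }
}

// Constructed stand-in for a directory that accepts unauthenticated binds.
function makeFakeClient(validPassword) {
  const calls = [];
  return {
    calls,
    async bind(name, password) {
      calls.push(name);
      if (password === '' || password === validPassword) return;
      throw Object.assign(new Error('invalidCredentials'), { code: 49 });
    },
    async unbind() {},
  };
}
```

In a handler like the one above, a non-null `reason` maps to the 403 response and a rethrown error to a 5xx, so directory outages are not logged as failed logins.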