Passing the Authorization: NTLM in the header for the subsequent request

auth0 / passport-windowsauth

Windows Authentication strategy for Passport.js

MIT License

178 stars 54 forks source link

Passing the Authorization: NTLM in the header for the subsequent request #41

Open manoharank5 opened 8 years ago

manoharank5 commented 8 years ago

I am able to login successfully with the Passport-WindowsAuth. I don't want to pass the credential information every time to the server. Is there any way to use the Authorization header with this library? so that i can pass the token for all the subsequent requests. I haven't seen any code in the library ,Any help will be appreciated

Thanks Manoharan

ajayambre commented 7 years ago

Have a look at this https://github.com/einfallstoll/express-ntlm

Use this middleware before passport

app.use(ntlm({
    debug: function() {
        var args = Array.prototype.slice.apply(arguments);
        console.log.apply(null, args);
    },
    domain: '<yourdomain>',
    domaincontroller: 'ldap://<your ldap server host ip>,
}));

This will set req.ntlm to {UserName, DomainName, Workstation} You will have to set these options in the WindowsStratregy configuration

integrated: true,
passReqToCallback: true,
getUserNameFromHeader: function (req) {
  return req.ntlm['UserName'];  
}

jfromaniello commented 7 years ago

@manoharank5 sorry for the long delay, I missed this notification the first time but I got one with the new comment.

You can ask for authentication in one endpoint, if passport is properly configured with session it will store the user in the session.

Otherwise you can return a token on the endpoint where you request authentication, and then use that token to authenticate to any other endpoint. The trick is that you use passport.authenticate('WindowsAuthentication')' in the endpoint where you want WindowsAuth and then you can usepassport.authenticate('SomeTokenStrategy')` for everything else.