isundil 1 month ago
parent
commit
7ab2b63343
5 changed files with 36 additions and 6 deletions
  1. 1 0
      package.json
  2. 10 1
      src/config.ts
  3. 5 5
      src/routes/htmlControllers.ts
  4. 19 0
      src/services/authenticationService.ts
  5. 1 0
      templates/login.handlebars

+ 1 - 0
package.json

@@ -36,6 +36,7 @@
     "bootstrap": "^4.1.0",
     "bootstrap-select": "^1.13.18",
     "cookie-parser": "^1.4.7",
+    "craftlab-auth": "git+https://git.craftlab.cc/isundil/craftlab-auth.git",
     "datatables.net": "^2.3.4",
     "datatables.net-bs4": "^2.3.4",
     "datatables.net-columncontrol-bs4": "^1.1.0",
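Review bot: The added `craftlab-auth` entry points at a git URL with no commit or tag, so the code that now decides every login is whatever the repository's default branch holds at install time. No lockfile is among the five changed files, so nothing in this commit fixes the resolved revision, and two installs can end up with different authentication code without any diff here. Pin the dependency to a reviewed revision, e.g. `"craftlab-auth": "git+https://git.craftlab.cc/isundil/craftlab-auth.git#<commit-sha>"` (placeholder hash), and change the hash deliberately when upgrading.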

+ 10 - 1
src/config.ts

@@ -1,5 +1,6 @@
 import path from "path";
 import os from 'os';
+import { LdapAuthenticationConfiguration } from 'craftlab-auth/dist'
 
 export interface Configuration {
     port: number;
@@ -9,6 +10,7 @@ export interface Configuration {
     masterPrivateKey: string;
     hostname: string;
     apiKeys: string[];
+    ldapAuthentication: LdapAuthenticationConfiguration|null
 }
 
 class ConfigurationManagerLoader {
@@ -32,7 +34,14 @@ class ConfigurationManagerLoader {
             masterPrivateKey: config.masterPrivateKey || "",
 
             apiKeys: config.apiKeys || [],
-            hostname: os.hostname()
+            hostname: os.hostname(),
+
+            ldapAuthentication: config.ldapAuthentication ? <LdapAuthenticationConfiguration>{
+                bindDnField: config.ldapAuthentication.bindDnField,
+                bindBase: config.ldapAuthentication.bindBase,
+                ldapUrl: config.ldapAuthentication.ldapUrl,
+                usernameField: config.ldapAuthentication.usernameField
+            } : null
         };
     }
 }
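Review bot: The `<LdapAuthenticationConfiguration>{ … }` assertion in the loader hides missing fields: a config file whose `ldapAuthentication` object lacks, say, `ldapUrl` still produces an object with `undefined` in it, and that object is handed to the LDAP handler. Build the value under a type annotation instead of an assertion and reject a non-string or empty field at load time, e.g. `if (typeof config.ldapAuthentication.ldapUrl !== "string") throw new Error("ldapAuthentication.ldapUrl is required");` for each of the four fields. A comment on the interface field should also say that `ldapUrl` is expected to be an `ldaps://` URL, since the user's password is presumably sent to that server on bind; whether craftlab-auth negotiates TLS on a plain `ldap://` URL cannot be seen from here. The enclosing method starts outside the hunk.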

+ 5 - 5
src/routes/htmlControllers.ts

@@ -1,6 +1,6 @@
 import Express, {Request, Response} from "express"
-import gUserService from "../services/userService";
 import ConfigurationManager from "../config";
+import gAuthenticationService from "../services/authenticationService";
 
 export class UnauthorizedUser extends Error {
     private isLoggedIn: boolean;
@@ -105,8 +105,8 @@ export class SecurityRequirement {
         gSessionManager.remove(req.cookies?.[COOKIE_SESSION]);
         res.cookie(COOKIE_SESSION, null);
     }
-    public static tryLogin(req: Request, res: Response, username: string, password: string): boolean {
-        if (!gUserService.tryLogin(username, password))
+    public static async tryLogin(req: Request, res: Response, username: string, password: string, totp: string|undefined): Promise<boolean> {
+        if (!await gAuthenticationService.getAuthenticationLoader().tryLogin(username, password, totp))
             return false;
         this.setLoggedUser(req, res);
         return true;
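Review bot: `tryLogin` forwards `username` and `password` from the request body to the authentication loader unchecked, and with an LDAP backend an empty password matters: a simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513 §5.1.2), which many directory servers answer with success. Whether `LdapAuthenticationHandler` rejects that case is not visible in this change, so guard it before the `await`: `if (typeof username !== "string" || typeof password !== "string" || !username || !password) return false;`. The type check also keeps array or object values from a form body out of whatever DN or filter the handler builds from `usernameField`. The new `totp` parameter is only ever passed `undefined` by `postLogin`, so it deserves a comment saying it is not wired up yet.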
@@ -141,8 +141,8 @@ export class HtmlController {
         return res.redirect("/");
     }
 
-    private static postLogin(req: Request, res: Response) {
-        if (SecurityRequirement.tryLogin(req, res, req.body.username, req.body.password)) {
+    private static async postLogin(req: Request, res: Response) {
+        if (await SecurityRequirement.tryLogin(req, res, req.body.username, req.body.password, undefined)) {
             res.redirect("/");
             return;
         }
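Review bot: `postLogin` is now `async`, and a rejection from `tryLogin` (for example when the directory server is unreachable) is not caught anywhere in the visible lines. Depending on the Express version and on how the route is registered, neither of which is shown, that becomes an unhandled rejection and the request never receives a response. Catch the error in the handler, log it server-side and fall through to the normal failed-login path so that a backend outage fails closed. The rest of `postLogin` lies outside the hunk.

```typescript
    private static async postLogin(req: Request, res: Response) {
        let loggedIn = false;
        try {
            loggedIn = await SecurityRequirement.tryLogin(req, res, req.body.username, req.body.password, undefined);
        } catch (err) {
            // Backend failure: log it and treat the attempt as a failed login.
            console.error("authentication backend error", err);
        }
        if (loggedIn) {
            // … unchanged: redirect to "/" and return …
        }
        // … unchanged: failed-login handling, outside the hunk …
```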

+ 19 - 0
src/services/authenticationService.ts

@@ -0,0 +1,19 @@
+import { AuthenticationLoader, LdapAuthenticationHandler } from 'craftlab-auth/dist';
+import ConfigurationManager from '../config';
+
+class AuthenticationService {
+    private authenticationLoader: AuthenticationLoader = new AuthenticationLoader();
+
+    public constructor() {
+        if (ConfigurationManager.ldapAuthentication)
+            this.authenticationLoader.addAuthenticationHandler(new LdapAuthenticationHandler(ConfigurationManager.ldapAuthentication));
+    }
+
+    public getAuthenticationLoader(): AuthenticationLoader {
+        return this.authenticationLoader;
+    }
+}
+
+export type { AuthenticationService };
+const gAuthenticationService = new AuthenticationService();
+export default gAuthenticationService;
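Review bot: When `ConfigurationManager.ldapAuthentication` is null the constructor registers no handler, and since this commit also removes the `gUserService.tryLogin` call, logins then depend entirely on what `AuthenticationLoader.tryLogin` does with an empty handler list, which is not visible here. Make that case explicit so it fails closed and is noticed at startup, e.g. an `else` branch with `throw new Error("No authentication backend configured");`, or at least a logged warning. A short doc comment on the class stating that handlers are registered once, from the loaded configuration, would also help, because the exported singleton is built as a side effect of importing the module.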

+ 1 - 0
templates/login.handlebars

@@ -3,5 +3,6 @@
         <input type="text" id="login-username" name="username" />
         <input type="password" id="login-password" name="password" />
         <input type="submit" />
+        {{#if failed}}Wrong password{{/if}}
     </form>
 </section>
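Review bot: The text `Wrong password` on the added line tells the user which half of the credentials failed; if `failed` is set for any rejected login (the code that sets it is outside this change), that is inaccurate for an unknown username, and where it is accurate it gives a hint for account enumeration. Use neutral wording and mark it up so it is announced, e.g. `{{#if failed}}<p role="alert">Invalid username or password</p>{{/if}}`. The form's opening tag is outside the hunk.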