lianyi/Install passport-ldapauth

## authentication.client.controller.js
// public/modules/users/controllers/authentication.client.controller.js

// ...
// Change $http.post to point to /auth/ldap
$scope.signin = function() {
			$http.post('/auth/ldap', $scope.credentials).success(function(response) {
// ...

## Install passport-ldapauth
npm install -S passport-ldapauth

## ldap.js
// config/env/ldap.js

'use strict';

module.exports = {
  url: process.env.LDAP_URL || '',
  bindDn: process.env.LDAP_BINDDN || '',
  bindCredentials: process.env.LDAP_BINDCREDENTIALS || '',
  searchBase: process.env.LDAP_SEARCHBASE || '',
  searchFilter: process.env.LDAP_SEARCHFILTER || ''
};

## ldapauth.js
// config/strategies/ldapauth.js

'use strict';

/**
 * Module dependencies.
 */
var passport = require('passport'),
	url = require('url'),
	LDAPStrategy = require('passport-ldapauth').Strategy,
	config = require('../config'),
	users = require('../../app/controllers/users.server.controller'),
	ldapConfig = require('../env/ldap');

module.exports = function() {
	// Use LDAP strategy
	passport.use(new LDAPStrategy({
		  server: {
				url: ldapConfig.url,
				bindDn: ldapConfig.bindDn,
				bindCredentials: ldapConfig.bindCredentials,
				searchBase: ldapConfig.searchBase,
				searchFilter: ldapConfig.searchFilter
			},
			passReqToCallback: true
		},
		function(req, user, done) {
			console.log('this gets processed FIRST on success, NEVER on error');

			// Create the user OAuth profile
			var providerUserProfile = {
				displayName: user.cn,
				email: user.mail,
				username: user.sAMAccountName,
				firstName: user.givenName,
				lastName: user.sn,
				provider: 'ldap',
				providerIdentifierField: 'id'
			};

			users.ldapauthSaveUserProfile(req, providerUserProfile, done);
		}
	));
};

## users.authentication.server.controller.js
// app/controllers/users/users.authentication.server.controller.js

var passport = require('passport');

// ...

exports.ldapauth = function() {
	return function(req, res, next) {
		passport.authenticate('ldapauth', function (err, user, info, statusCode) {
			console.log('This gets processed FIRST on error/LAST on success');
			if (err || !user) {
				if (err) {
					return res.status(400).send({
						message: errorHandler.getErrorMessage(err)
					});
				}
				return res.status(statusCode).send({
					message: info.message
				});
			}
			req.login(user, function(err) {
				if (err) {
					// not sure if this should be 400 or 401
					return res.status(401).send({
						message: err.toString()
					});
				}
				return res.json(user);
			});
		})(req, res, next);
	};
};

exports.ldapauthSaveUserProfile = function(req, providerUserProfile, done) {
	User.findOne({
		username: providerUserProfile.username
	}, function(err, user) {
		if (err) {
			return done(err);
		} else {
			if (!user) {
				var possibleUsername = providerUserProfile.username || ((providerUserProfile.email) ? providerUserProfile.email.split('@')[0] : '');

				User.findUniqueUsername(possibleUsername, null, function(availableUsername) {
					user = new User({
						username: possibleUsername,
						displayName: providerUserProfile.displayName,
						email: providerUserProfile.email,
						provider: providerUserProfile.provider,
						firstName: providerUserProfile.firstName,
						lastName: providerUserProfile.lastName,
					});

					// And save the user
					user.save(function(err) {
						return done(err, user);
					});
				});
			} else {
				return done(err, user);
			}
		}
	});
};

// ...

## users.server.routes.js
// app/routes/users.server.routes.js

// ...

app.route('/auth/ldap').post(users.ldapauth());

// ...
	// public/modules/users/controllers/authentication.client.controller.js

	// ...
	// Change $http.post to point to /auth/ldap
	$scope.signin = function() {
	$http.post('/auth/ldap', $scope.credentials).success(function(response) {
	// ...
	// config/env/ldap.js

	'use strict';

	module.exports = {
	url: process.env.LDAP_URL \|\| '',
	bindDn: process.env.LDAP_BINDDN \|\| '',
	bindCredentials: process.env.LDAP_BINDCREDENTIALS \|\| '',
	searchBase: process.env.LDAP_SEARCHBASE \|\| '',
	searchFilter: process.env.LDAP_SEARCHFILTER \|\| ''
	};
	// config/strategies/ldapauth.js

	'use strict';

	/**
	* Module dependencies.
	*/
	var passport = require('passport'),
	url = require('url'),
	LDAPStrategy = require('passport-ldapauth').Strategy,
	config = require('../config'),
	users = require('../../app/controllers/users.server.controller'),
	ldapConfig = require('../env/ldap');

	module.exports = function() {
	// Use LDAP strategy
	passport.use(new LDAPStrategy({
	server: {
	url: ldapConfig.url,
	bindDn: ldapConfig.bindDn,
	bindCredentials: ldapConfig.bindCredentials,
	searchBase: ldapConfig.searchBase,
	searchFilter: ldapConfig.searchFilter
	},
	passReqToCallback: true
	},
	function(req, user, done) {
	console.log('this gets processed FIRST on success, NEVER on error');

	// Create the user OAuth profile
	var providerUserProfile = {
	displayName: user.cn,
	email: user.mail,
	username: user.sAMAccountName,
	firstName: user.givenName,
	lastName: user.sn,
	provider: 'ldap',
	providerIdentifierField: 'id'
	};

	users.ldapauthSaveUserProfile(req, providerUserProfile, done);
	}
	));
	};
	// app/controllers/users/users.authentication.server.controller.js

	var passport = require('passport');

	// ...

	exports.ldapauth = function() {
	return function(req, res, next) {
	passport.authenticate('ldapauth', function (err, user, info, statusCode) {
	console.log('This gets processed FIRST on error/LAST on success');
	if (err \|\| !user) {
	if (err) {
	return res.status(400).send({
	message: errorHandler.getErrorMessage(err)
	});
	}
	return res.status(statusCode).send({
	message: info.message
	});
	}
	req.login(user, function(err) {
	if (err) {
	// not sure if this should be 400 or 401
	return res.status(401).send({
	message: err.toString()
	});
	}
	return res.json(user);
	});
	})(req, res, next);
	};
	};

	exports.ldapauthSaveUserProfile = function(req, providerUserProfile, done) {
	User.findOne({
	username: providerUserProfile.username
	}, function(err, user) {
	if (err) {
	return done(err);
	} else {
	if (!user) {
	var possibleUsername = providerUserProfile.username \|\| ((providerUserProfile.email) ? providerUserProfile.email.split('@')[0] : '');

	User.findUniqueUsername(possibleUsername, null, function(availableUsername) {
	user = new User({
	username: possibleUsername,
	displayName: providerUserProfile.displayName,
	email: providerUserProfile.email,
	provider: providerUserProfile.provider,
	firstName: providerUserProfile.firstName,
	lastName: providerUserProfile.lastName,
	});

	// And save the user
	user.save(function(err) {
	return done(err, user);
	});
	});
	} else {
	return done(err, user);
	}
	}
	});
	};

	// ...
	// app/routes/users.server.routes.js

	// ...

	app.route('/auth/ldap').post(users.ldapauth());

	// ...