@velveteer
Last active August 29, 2015 13:56
Meteor LDAPS Server
assert = Meteor.require 'assert'
ldap = Meteor.require 'ldapjs'
Future = Meteor.require 'fibers/future'
# Directory connection settings shared by the lookup and bind code below.
# The url and search base were redacted by the author ('XXXXXXX' / 'ou=XXX,o=XXXX').
# NOTE(review): the page title says LDAPS, so url is presumably an ldaps:// URL;
# confirm, because a plain ldap:// URL would send bind passwords unencrypted.
LDAP =
  # Address of the directory server.
  url: 'XXXXXXX'
  # PEM text read from the app's bundled assets; passed to the client as tlsOptions.cert.
  cert: Assets.getText 'edir-wildcard.pem'
  # Base DN under which user entries are searched.
  searchOu: 'ou=XXX,o=XXXX'
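# Build the search options used to locate a user's entry by cn.
#
# `user` comes straight from the login request, so it is untrusted. The
# characters that carry meaning in an LDAP filter (backslash, '*', '(', ')'
# and NUL) are replaced by their RFC 4515 escape, a backslash followed by the
# two-digit hex code. Without that, a submitted name such as '*' or one
# containing ')(' would change which entries the filter matches instead of
# being compared literally.
#
# Returns an object with `filter` and `scope` ('sub' searches the whole
# subtree under the base DN).
LDAP.searchQuery = (user) ->
  escaped = String(user).replace(/[\\*()\x00]/g, (ch) ->
    '\\' + ('0' + ch.charCodeAt(0).toString(16)).slice(-2))
  filter: "(cn=#{escaped})", scope: 'sub'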
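# Verify a username/password pair against the directory.
#
# Looks the user up by cn under LDAP.searchOu, then attempts a simple bind as
# the first matching DN with the supplied password. Blocks the calling fiber
# until the directory answers.
#
# options.username, options.password: credentials from the login request.
#
# Returns void when either credential is missing, not a string, or empty;
# false when no entry matches or the bind is rejected; true when the bind
# succeeds. A search or connection failure is raised in the calling fiber
# through the future rather than thrown inside an event callback, where
# nothing could catch it and the future would never resolve.
#
# Empty passwords are refused before any directory traffic: a simple bind
# with a DN and an empty password is an "unauthenticated bind" (RFC 4513
# section 5.1.2), which a server may report as success.
LDAP.checkAccount = (options) ->
  options = options or {}
  username = options.username
  password = options.password
  # The login request is client-supplied, so its field types are not guaranteed.
  unless (typeof username) is 'string' and (typeof password) is 'string'
    return void
  if password.length is 0 or username.length is 0
    return void

  # Each call works on its own client. LDAP.client is still assigned for code
  # that reads it, but the callbacks below must not use the shared property:
  # a concurrent login would replace it between the search and the bind.
  # NOTE(review): in Node's TLS options `cert` is the client's own certificate,
  # while certificates used to verify the server go in `ca`. If this PEM is the
  # directory server's certificate, confirm which option is intended.
  client = LDAP.client = ldap.createClient do
    url: LDAP.url
    tlsOptions: cert: LDAP.cert

  dn = []
  displayName = void
  settled = false
  future = new Future!

  # Resolve the future exactly once; later events are ignored.
  resolve = (error, ok) ->
    return if settled
    settled := true
    if error
      future['throw'] error
    else
      future['return'] ok

  # Failure exit: release the connection (best effort), then report false,
  # or raise `error` when one is given.
  giveUp = (error) ->
    return if settled
    client.unbind (-> void)
    resolve error, false

  # An 'error' event with no listener would be thrown as an uncaught exception.
  client.on 'error', giveUp

  client.search LDAP.searchOu, (LDAP.searchQuery username), (err, search) ->
    return giveUp err if err
    search.on 'searchEntry', (entry) ->
      # The bind below uses dn[0], so keep the display name of that same entry.
      displayName := entry.object.displayName if dn.length is 0
      dn.push entry.objectName
    search.on 'error', ->
      giveUp new Meteor.Error 500, "LDAP server error"
    search.on 'end', ->
      return giveUp! if dn.length is 0
      bindErr <- client.bind dn[0], password
      return giveUp! if bindErr
      unbindErr <- client.unbind!
      # LDAP.displayName is shared by every login, so it is written only at the
      # point of success; callers should read it as soon as this function returns.
      # NOTE(review): returning the name with the result would remove the shared
      # state altogether, but that changes this function's interface.
      LDAP.displayName = displayName unless unbindErr
      resolve unbindErr, true

  future.wait!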
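# Login handler: accept a request whose username/password pass the directory
# check, creating the Meteor user on first login.
#
# Returns undefined when the request carries no string username/password or
# the directory check fails, so the request is not accepted by this handler;
# otherwise returns { userId } for the matching or newly created user.
Accounts.registerLoginHandler 'ldap', (loginRequest) ->
  # The request object is client-supplied. Requiring plain strings keeps
  # objects out of the Mongo selector below and avoids a TypeError on requests
  # that have no password field at all.
  unless loginRequest and (typeof loginRequest.username) is 'string' and (typeof loginRequest.password) is 'string'
    return void
  return void unless LDAP.checkAccount loginRequest

  # LDAP.displayName is shared between concurrent logins. Copy it before the
  # database call below yields the fiber and lets another login overwrite it.
  # NOTE(review): this narrows the race but the value is still global state.
  displayName = LDAP.displayName

  # NOTE(review): an existing user document with this username is reused no
  # matter what created it. Confirm that usernames cannot collide between
  # directory accounts and any other account source.
  user = Meteor.users.findOne username: loginRequest.username
  if user
    userId = user._id
  else
    userId = Meteor.users.insert do
      username: loginRequest.username
      profile: name: displayName
  userId: userId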