Merge pull request #178 from larrabee/master

[bugfix] Fix LDAP issue with OpenLDAP/MS AD

config/default.toml

@@ -112,6 +112,8 @@ host="localhost"
 port=3002
 baseDN="ou=users,dc=company"
 filter="(|(username={{username}})(mail={{username}}))"
+#Username field in LDAP (uid/cn/username)
+uidTag="username"
 passwordresetlink=""
 
 [postfixbounce]

lib/passport.js

@@ -16,7 +16,9 @@ let LdapStrategy;
 try {
     LdapStrategy = require('passport-ldapjs').Strategy; // eslint-disable-line global-require
 } catch (E) {
-    // ignore
+    if (config.ldap.enabled) {
+      log.info('LDAP', 'Module "passport-ldapjs" not installed. LDAP auth will fail.');
+    }
 }
 
 module.exports.csrfProtection = csrf({
@@ -80,27 +82,28 @@ if (config.ldap.enabled && LdapStrategy) {
         base: config.ldap.baseDN,
         search: {
             filter: config.ldap.filter,
-            attributes: ['username', 'mail'],
+            attributes: [config.ldap.uidTag, 'mail'],
             scope: 'sub'
-        }
+        },
+        uidTag: config.ldap.uidTag
     };
 
     passport.use(new LdapStrategy(opts, (profile, done) => {
-        users.findByUsername(profile.username, (err, user) => {
+        users.findByUsername(profile[config.ldap.uidTag], (err, user) => {
             if (err) {
                 return done(err);
             }
 
             if (!user) {
                 // password is empty for ldap
-                users.add(profile.username, '', profile.mail, (err, id) => {
+                users.add(profile[config.ldap.uidTag], '', profile.mail, (err, id) => {
                     if (err) {
                         return done(err);
                     }
 
                     return done(null, {
                         id,
-                        username: profile.username
+                        username: profile[config.ldap.uidTag]
                     });
                 });
             } else {