
Commit 3487297

🚀 feat: Add support for LDAP STARTTLS in LDAP Auth (danny-avila#6438)
1 parent 69ff9cc commit 3487297


2 files changed

+4
-0
lines changed


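--- a/.env.example
+++ b/.env.example
@@ -444,6 +444,7 @@ LDAP_USER_SEARCH_BASE=
 LDAP_SEARCH_FILTER=mail={{username}}
 LDAP_CA_CERT_PATH=
 # LDAP_TLS_REJECT_UNAUTHORIZED=
+# LDAP_STARTTLS=
 # LDAP_LOGIN_USES_USERNAME=true
 # LDAP_ID=
 # LDAP_USERNAME=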
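Review bot: The added `# LDAP_STARTTLS=` line gives no hint of which values are accepted or how it relates to `LDAP_CA_CERT_PATH` and `LDAP_TLS_REJECT_UNAUTHORIZED` directly above it. An operator enabling it should know that STARTTLS upgrades an otherwise plaintext connection and that certificate validation is controlled by separate settings. I would add a comment line above it such as `# Set to true to upgrade the LDAP connection with STARTTLS; keep certificate verification enabled`.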

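--- a/api/strategies/ldapStrategy.js
+++ b/api/strategies/ldapStrategy.js
@@ -18,6 +18,7 @@ const {
 LDAP_USERNAME,
 LDAP_EMAIL,
 LDAP_TLS_REJECT_UNAUTHORIZED,
+LDAP_STARTTLS,
 } = process.env;
 
 // Check required environment variables
@@ -50,6 +51,7 @@ if (LDAP_EMAIL) {
 searchAttributes.push(LDAP_EMAIL);
 }
 const rejectUnauthorized = isEnabled(LDAP_TLS_REJECT_UNAUTHORIZED);
+const startTLS = isEnabled(LDAP_STARTTLS);
 
 const ldapOptions = {
 server: {
@@ -72,6 +74,7 @@ const ldapOptions = {
 })(),
 },
 }),
+...(startTLS && { starttls: true }),
 },
 usernameField: 'email',
 passwordField: 'password',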
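Review bot: The `...(startTLS && { starttls: true })` spread in the third hunk turns on the STARTTLS upgrade without tying it to certificate verification. Whether the upgraded session checks the server certificate depends on the TLS options built in the block just above, which starts outside the hunk and appears to be a conditional spread. If `isEnabled` treats an unset `LDAP_TLS_REJECT_UNAUTHORIZED` as false (its definition is not visible here), a deployment that sets only `LDAP_STARTTLS=true` could send bind credentials over an encrypted but unauthenticated channel. I would confirm that `rejectUnauthorized` reaches the client whenever `startTLS` is true, and add a comment such as `// STARTTLS only upgrades the connection; server certificate checks come from tlsOptions.rejectUnauthorized`. The `ldapOptions` object starts and ends outside the hunk.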
