2020-04-22 15:33:35 +02:00
|
|
|
"use strict";
|
|
|
|
|
|
|
|
const log = require("../log");
|
|
|
|
const colors = require("chalk");
|
|
|
|
|
|
|
|
// The order defines priority: the first available plugin is used.
|
|
|
|
// Always keep 'local' auth plugin at the end of the list; it should always be enabled.
|
|
|
|
const plugins = [require("./auth/ldap"), require("./auth/local")];
|
|
|
|
|
|
|
|
function unimplemented(funcName) {
|
|
|
|
log.debug(
|
|
|
|
`Auth module ${colors.bold(
|
|
|
|
module.exports.moduleName
|
|
|
|
)} doesn't implement function ${colors.bold(funcName)}`
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Default API implementations
|
|
|
|
module.exports = {
|
|
|
|
moduleName: "<module with no name>",
|
|
|
|
|
|
|
|
// Must override: implements authentication mechanism
|
|
|
|
auth: () => unimplemented("auth"),
|
2020-04-22 15:33:09 +02:00
|
|
|
|
|
|
|
// Optional to override: implements filter for loading users at start up
|
|
|
|
// This allows an auth plugin to check if a user is still acceptable, if the plugin
|
|
|
|
// can do so without access to the user's unhashed password.
|
|
|
|
// Returning 'false' triggers fallback to default behaviour of loading all users
|
|
|
|
loadUsers: () => false,
|
2020-04-22 15:33:35 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
// local auth should always be enabled, but check here to verify
|
|
|
|
let somethingEnabled = false;
|
|
|
|
|
|
|
|
// Override default API stubs with exports from first enabled plugin found
|
|
|
|
for (const plugin of plugins) {
|
|
|
|
if (plugin.isEnabled()) {
|
|
|
|
somethingEnabled = true;
|
|
|
|
|
|
|
|
for (const name in plugin) {
|
|
|
|
module.exports[name] = plugin[name];
|
|
|
|
}
|
|
|
|
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!somethingEnabled) {
|
|
|
|
log.error("None of the auth plugins is enabled");
|
|
|
|
}
|