diff --git a/src/plugins/auth.js b/src/plugins/auth.js new file mode 100644 index 00000000..e53fb3ee --- /dev/null +++ b/src/plugins/auth.js @@ -0,0 +1,44 @@ +"use strict"; + +const log = require("../log"); +const colors = require("chalk"); + +// The order defines priority: the first available plugin is used. +// Always keep 'local' auth plugin at the end of the list; it should always be enabled. +const plugins = [require("./auth/ldap"), require("./auth/local")]; + +function unimplemented(funcName) { + log.debug( + `Auth module ${colors.bold( + module.exports.moduleName + )} doesn't implement function ${colors.bold(funcName)}` + ); +} + +// Default API implementations +module.exports = { + moduleName: "", + + // Must override: implements authentication mechanism + auth: () => unimplemented("auth"), +}; + +// local auth should always be enabled, but check here to verify +let somethingEnabled = false; + +// Override default API stubs with exports from first enabled plugin found +for (const plugin of plugins) { + if (plugin.isEnabled()) { + somethingEnabled = true; + + for (const name in plugin) { + module.exports[name] = plugin[name]; + } + + break; + } +} + +if (!somethingEnabled) { + log.error("None of the auth plugins is enabled"); +} diff --git a/src/plugins/auth/ldap.js b/src/plugins/auth/ldap.js index 18441e5e..091c892e 100644 --- a/src/plugins/auth/ldap.js +++ b/src/plugins/auth/ldap.js @@ -144,6 +144,7 @@ function isLdapEnabled() { } module.exports = { + moduleName: "ldap", auth: ldapAuth, isEnabled: isLdapEnabled, }; diff --git a/src/plugins/auth/local.js b/src/plugins/auth/local.js index e5ff367c..1b062f31 100644 --- a/src/plugins/auth/local.js +++ b/src/plugins/auth/local.js @@ -46,6 +46,7 @@ function localAuth(manager, client, user, password, callback) { } module.exports = { + moduleName: "local", auth: localAuth, isEnabled: () => true, }; diff --git a/src/server.js b/src/server.js index a5a08c06..59f7e33b 100644 --- a/src/server.js +++ b/src/server.js @@ -17,16 +17,13 @@ const net = require("net"); const Identification = require("./identification"); const changelog = require("./plugins/changelog"); const inputs = require("./plugins/inputs"); +const Auth = require("./plugins/auth"); const themes = require("./plugins/packages/themes"); themes.loadLocalThemes(); const packages = require("./plugins/packages/index"); -// The order defined the priority: the first available plugin is used -// ALways keep local auth in the end, which should always be enabled. -const authPlugins = [require("./plugins/auth/ldap"), require("./plugins/auth/local")]; - // A random number that will force clients to reload the page if it differs const serverHash = Math.floor(Date.now() * Math.random()); @@ -854,18 +851,7 @@ function performAuthentication(data) { } // Perform password checking - let auth = () => { - log.error("None of the auth plugins is enabled"); - }; - - for (let i = 0; i < authPlugins.length; ++i) { - if (authPlugins[i].isEnabled()) { - auth = authPlugins[i].auth; - break; - } - } - - auth(manager, client, data.user, data.password, authCallback); + Auth.auth(manager, client, data.user, data.password, authCallback); } function reverseDnsLookup(ip, callback) {