From fc8d709afb8a0ff78f649c9ec3b405a68b56a3c0 Mon Sep 17 00:00:00 2001
From: alecdwm
Date: Wed, 14 Dec 2016 12:40:54 +0100
Subject: [PATCH] LDAP login improvements

- return bad request if no username or password given
- return to referer url on auth success
- flash error message on auth failure
---
 app.js | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/app.js b/app.js
index 440549617..e3ce93de6 100644
--- a/app.js
+++ b/app.js
@@ -382,9 +382,15 @@ if (config.google) {
 }
 // ldap auth
 if (config.ldap) {
- app.post('/auth/ldap', urlencodedParser,
- passport.authenticate('ldapauth', { successRedirect: '/' })
- );
+ app.post('/auth/ldap', urlencodedParser, function (req, res, next) {
+ if (!req.body.username || !req.body.password) return response.errorBadRequest(res);
+ setReturnToFromReferer(req);
+ passport.authenticate('ldapauth', {
+ successReturnToOrRedirect: config.serverurl + '/',
+ failureRedirect: config.serverurl + '/',
+ failureFlash: true
+ })(req, res, next);
+ });
 }
 // email auth
 if (config.email) {
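Review bot: The post-login destination now comes from the request's Referer header through `setReturnToFromReferer(req)`, and `successReturnToOrRedirect` sends the freshly authenticated user there. That helper is defined outside this hunk, so whether it restricts the value cannot be confirmed from here. If it stores the header unchanged, the redirect target is client-controlled and the route behaves as an open redirect, so the helper should keep the value only when its origin matches the server's own. I would record that at the call site with `// Referer is client-controlled: setReturnToFromReferer must accept same-origin URLs only`. The presence check also lets non-string values through if `urlencodedParser` runs in extended mode, which `if (typeof req.body.username !== 'string' || typeof req.body.password !== 'string') return response.errorBadRequest(res);` ahead of the emptiness test would close.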