From b4e62c84252d09ff478a20a63911b1eb9cb56148 Mon Sep 17 00:00:00 2001 From: Philip Molares Date: Sat, 2 Apr 2022 22:34:54 +0200 Subject: [PATCH] feat: add ldap login to auth controller Signed-off-by: Philip Molares --- src/api/private/auth/auth.controller.ts | 31 ++++++++++++++++++++----- 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/src/api/private/auth/auth.controller.ts b/src/api/private/auth/auth.controller.ts index 72f7099fd..3fc28ea01 100644 --- a/src/api/private/auth/auth.controller.ts +++ b/src/api/private/auth/auth.controller.ts @@ -8,6 +8,7 @@ import { Body, Controller, Delete, + Param, Post, Put, Req, @@ -17,6 +18,8 @@ import { ApiTags } from '@nestjs/swagger'; import { Session } from 'express-session'; import { IdentityService } from '../../../identity/identity.service'; +import { LdapLoginDto } from '../../../identity/ldap/ldap-login.dto'; +import { LdapAuthGuard } from '../../../identity/ldap/ldap.strategy'; import { LocalAuthGuard } from '../../../identity/local/local.strategy'; import { LoginDto } from '../../../identity/local/login.dto'; import { RegisterDto } from '../../../identity/local/register.dto'; @@ -30,6 +33,13 @@ import { OpenApi } from '../../utils/openapi.decorator'; import { RegistrationEnabledGuard } from '../../utils/registration-enabled.guard'; import { RequestUser } from '../../utils/request-user.decorator'; +type RequestWithSession = Request & { + session: { + authProvider: string; + user: string; + }; +}; + @ApiTags('auth') @Controller('auth') export class AuthController { @@ -76,12 +86,7 @@ export class AuthController { @OpenApi(201, 400, 401) login( @Req() - request: Request & { - session: { - authProvider: string; - user: string; - }; - }, + request: RequestWithSession, @Body() loginDto: LoginDto, ): void { // There is no further testing needed as we only get to this point if LocalAuthGuard was successful @@ -89,6 +94,20 @@ export class AuthController { request.session.authProvider = 'local'; } + @UseGuards(LdapAuthGuard) + @Post('ldap/:ldapIdentifier') + @OpenApi(201, 400, 401) + loginWithLdap( + @Req() + request: RequestWithSession, + @Param('ldapIdentifier') ldapIdentifier: string, + @Body() loginDto: LdapLoginDto, + ): void { + // There is no further testing needed as we only get to this point if LocalAuthGuard was successful + request.session.user = loginDto.username; + request.session.authProvider = 'ldap'; + } + @UseGuards(SessionGuard) @Delete('logout') @OpenApi(204, 400, 401)