Having trouble with LDAP authentication


#1

I am using LDAP authentication in my application, so I need to pass the username/password to the server. I used Meteor.methods and Meteor.call, but the authentication doesn’t always work.

My JS file client/login.js is like this:

    Template.login.events({
      'submit .m-t'(event) {
        event.preventDefault();
        const target = event.target;
        const login = target.login.value;
        const password = target.password.value;

        Meteor.call('sendLoginInfo', login, password, function(error, result){
          if(result === 1){
            Router.go('home');
          }else{
            Router.go('login'); //Stay in login page
          }
        });
      }
    });

My JS file server/ldap.js is like this:

    Meteor.methods({
      'sendLoginInfo': function(login, password){
        var ldap = Npm.require('ldapjs');
        var ssha = Npm.require("ssha");
        var Future = Npm.require('fibers/future');
        var myFuture = new Future();
        var result = 0 ;
        var client = ldap.createClient({
          url: 'ldap://localhost:389'
        });
        // Bind first, then search the users subtree
        client.bind('cn=xxx', 'xxx', function(err) {
          var opts = {
            scope: 'sub',
            attributes: ['dn', 'sn', 'cn']
          };
          client.search('cn=users,cn=accounts,dc=swallow,dc=tn', opts, function(err, res) {
            // Called once per entry returned by the search
            res.on('searchEntry', function(entry) {
              var jsonEntry = JSON.parse(JSON.stringify(entry.object));
              console.log('Json entry: ' + JSON.stringify(entry.object));
              console.log('Json entry login(sn) : ' + jsonEntry.sn);
              console.log('Json entry Password(userPassword) : ' + jsonEntry.userPassword);
              if( login === jsonEntry.sn && ssha.verify(password, jsonEntry.userPassword)){
                console.log("Success");
                result = 1;
                myFuture.return(result);
              }else{
                console.log("Denied");
              }
            });
          });
        });
        // Block the method until the future has a value
        console.log("result :"+myFuture.wait());
        return myFuture.wait();
      }
    });

When I enter the wrong information, I get the expected result (Access denied), so I try entering the correct information on the same page. However, the login doesn’t seem to work and I have to refresh the page. Basically what happens is that the button click event is just detected once and I have to refresh the page for it to be able to be detected again.

Any help here! :sweat:


#2

Where does that come from, I can’t find that in your code.

What I suspect is that an error is raised somewhere and that will fail the method. And therefore implicitly gives you the idea that you handled the failed login.

When it’s successful you really check for a result and that won’t happen. So it is likely about the return values from the method.

Can you show the output of the server console?

ps: Could you indent your code, it’s hard to read this way.


#3

Sorry, just “Denied”!

Json entry login(sn) : admin
Json entry Password(userPassword) : {SSHA}doUA2BM+Mb+O/LOt1dD0AK4eGE9T1dRgRMfgWw==
Success
result :1

For the correct login/password.


#4

So you don’t really login to Meteor actually, you just send some data to the server and then you return a result, correct?

Your problem is in those Futures, I assume. I cannot debug it for you, but from what I see at first sight, the future result just doesn’t come back to the client. You need to debug that. It looks like you use the model as described here:

https://www.discovermeteor.com/patterns/5828399

What do you get back on the client? And doesn’t that console.log("result :"+myFuture.wait()); conflict because it receives the result? Not sure on that, just some ideas.

Did you try existing packages for LDAP?

Don’t you want a real login? Did you see things like this:


#5

Solved, I have to add this in the client.search function:

    else{
      result = 0;
      myFuture.return(result);
      console.log("Denied");
    }

Add these 2 lines: result = 0; and myFuture.return(result);

Thank you :wink:
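
The hang discussed in this thread comes from a code path that never settles the result, and returning from inside `searchEntry` settles it once per directory entry instead. As an added example (not code from any poster in the thread), the sketch below answers exactly once on every path: search error, stream error, or end of results. `checkLogin`, `fakeClient`, `toyVerify` and `demo` are hypothetical names, the directory entries are constructed, and `done` marks where `myFuture.return(value)` would go in the Meteor method.

```javascript
// Added example: settle the login result exactly once on every path.
// Assumes only an ldapjs-style client: search(base, opts, cb) whose response
// emits 'searchEntry', 'error' and 'end'.
function checkLogin(client, baseDn, login, password, verify, done) {
  let settled = false;
  let matched = false;
  const finish = (value) => {
    if (settled) return;            // ignore events after the first answer
    settled = true;
    done(value);
  };
  const opts = { scope: 'sub', attributes: ['sn', 'userPassword'] };
  client.search(baseDn, opts, (err, res) => {
    if (err) return finish(0);      // search refused: deny instead of hanging
    res.on('searchEntry', (entry) => {
      const e = entry.object;       // the stored hash is never logged
      if (e.sn === login && verify(password, e.userPassword)) matched = true;
    });
    res.on('error', () => finish(0));
    res.on('end', () => finish(matched ? 1 : 0)); // decide after all entries
  });
}

// Constructed stand-in for an LDAP client; emits its events synchronously.
function fakeClient(entries, searchError) {
  return {
    search(base, opts, cb) {
      if (searchError) return cb(searchError);
      const handlers = {};
      cb(null, { on: (name, fn) => { handlers[name] = fn; } });
      entries.forEach((object) => handlers.searchEntry({ object }));
      handlers.end();
    },
  };
}

// Constructed directory and a toy verifier standing in for ssha.verify.
const users = [
  { sn: 'guest', userPassword: 'h(g)' },
  { sn: 'admin', userPassword: 'h(s3cret)' },
];
const toyVerify = (plain, stored) => stored === `h(${plain})`;

function demo(login, password, client = fakeClient(users)) {
  let calls = 0;
  let result = null;
  checkLogin(client, 'cn=users,cn=accounts,dc=swallow,dc=tn', login, password,
    toyVerify, (r) => { calls += 1; result = r; });
  return { calls, result };
}
```

With two entries in the directory, a wrong password still produces a single `0` rather than one "Denied" per entry, so the client callback always fires and can route accordingly.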