Add basic LDAP bind functionality

app/ldap/middleware/BindUser.middleware.js

@@ -0,0 +1,33 @@
+const LDAPMiddleware = require('./LDAPMiddleware')
+const LDAP = require('ldapjs')
+
+class BindUserMiddleware extends LDAPMiddleware {
+    static get services() {
+        return [...super.services, 'canon', 'output', 'ldap_server']
+    }
+
+    async test(req, res, next) {
+        const bind_dn = req.connection.ldap.bindDN
+
+        if ( bind_dn.equals(this.ldap_server.anonymous()) ) {
+            this.output.warn(`Blocked anonymous LDAP request on user-protected route.`)
+            return next(new LDAP.InsufficientAccessRightsError())
+        }
+
+        const user = this.user_controller().get_uid_from_dn(bind_dn)
+        if ( !user || !user.can('ldap:bind') ) {
+            return next(new LDAP.InvalidCredentialsError())
+        }
+
+        req.user = user
+        req.bindDN = bind_dn
+
+        return next()
+    }
+
+    user_controller() {
+        return this.canon.get('ldap_controller::Users')
+    }
+}
+
+module.exports = exports = BindUserMiddleware

app/ldap/middleware/Logger.middleware.js

@@ -0,0 +1,15 @@
+const LDAPMiddleware = require('./LDAPMiddleware')
+
+class LDAPLoggerMiddleware extends LDAPMiddleware {
+    static get services() {
+        return [...super.services, 'app', 'output']
+    }
+
+    async test(req, res, next) {
+        let bind_dn = req.connection.ldap.bindDN
+        this.output.info(`${req.json.protocolOp} - as ${bind_dn ? bind_dn.format({skipSpace: true}) : 'N/A'} - target ${req.dn.format({skipSpace: true})}`)
+        return next()
+    }
+}
+
+module.exports = exports = LDAPLoggerMiddleware