我能夠通過LDAP進行身份驗證,但似乎無法弄清楚當用戶輸入無效的用戶名/密碼時如何捕獲錯誤。我有failureRedirect和其他東西設置,但是當錯誤發生時,它不會到達authenticate函數中的那一步。我試圖把沒有運氣的try catch函數放進去。無法通過passport-activedirectory捕獲InvalidCredentialsError
這裏是正在使用的鏈路到認證策略: https://www.npmjs.com/package/passport-activedirectory
前端 -I試圖改變的{{的#if錯誤}}到{{的#if failWithError}},以及。被顯示給用戶
{{#if error}}
<div class="alert alert-danger">
Warning! {{error}}
</div>
{{/if}}
**錯誤消息**在代碼
InvalidCredentialsError: 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580
at messageCallback (d:\........\node_modules\ldapjs\lib\client\client.js:1419:45)
at Parser.onMessage (d:\........\node_modules\ldapjs\lib\client\client.js:1089:14)
at emitOne (events.js:96:13)
at Parser.emit (events.js:188:7)
at Parser.write (d:\........\node_modules\ldapjs\lib\messages\parser.js:111:8)
at Socket.onData (d:\........\node_modules\ldapjs\lib\client\client.js:1076:22)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
at readableAddChunk (_stream_readable.js:176:18)
at Socket.Readable.push (_stream_readable.js:134:10)
塊.. \ node_modules \ ldapjs \ lib中\客戶\ client.js線1419
if (expect.indexOf(msg.status) === -1) {
return sendResult('error', errors.getError(msg));
}
auth.js
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
個
passport.js
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};