I am trying to workout how I would incorporate LDAP authentication into my app.
I have searched google and can not find anything related to Adonis. If anyone knows it has already been done, please let me know.
My thought for a simple implementation would be to be add basic LDAP bind method to a UserController.login method.
If the bind is successful then check if the username exists in the local database.
- If it does not exist
– create a new user.
- If the user does exist
– update the local users password with the provided password to ensure the account is protected and the password is in sync with LDAP.
– use auth.attempt as normal to get a json token
– return token to client.
Can anyone see any security issues doing this?