This is a simple PassportJS strategy for NTLM authentication in an Active Directory domain.
Active Directory support is heavily inspired by express-ntlm.
npm i passport-ad --save
// Minimal setup: NTLM authentication against an Active Directory domain,
// with passport's session support switched off.
const PassportStrategy = require('passport-ad');

// Domain settings come from the environment instead of being hard-coded.
const adOptions = {
  domain: process.env.DOMAIN,
  // LDAP URL of the domain controller.
  // NOTE(review): prefer an ldaps:// URL if the deployment supports it, so the
  // exchange with the domain controller is not sent in clear text. Confirm
  // against the library's options.
  domaincontroller: process.env.DOMAINCONTROLLER,
};

// Verify callback: hands the user it receives straight back to passport
// (error = null, info = null). Nothing is filtered here, so any authorization
// rule, such as an allow-list or a group check, has to be added at this point.
const acceptUser = (user, verified) => verified(null, user, null);

passport.use(new PassportStrategy(adOptions, acceptUser));

// Both middlewares are mounted application-wide, so every route requires NTLM.
app.use(passport.initialize({ session: false }));
app.use(passport.authenticate('ntlm', { session: false }));
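// Session-backed setup: the strategy is configured with a domain user and
// with `session: true`.

// The session secret signs the session cookie, so it must not be a literal
// committed with the code. SESSION_SECRET is a placeholder variable name;
// supply a long random value per deployment.
const sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  // Fail at startup rather than run with an absent or guessable secret.
  throw new Error('SESSION_SECRET must be set');
}

app.use(session({
  secret: sessionSecret,
  // NOTE(review): resave/saveUninitialized are kept as in the original example.
  // Whether they can be tightened depends on how the strategy uses the session.
  resave: true,
  saveUninitialized: true,
}));

// PassportStrategy is the binding returned by require('passport-ad'); the
// original example referred to it as NtlmStrategy without defining that name.
passport.use(new PassportStrategy({
  domain: process.env.DOMAIN,
  // LDAP URL of the domain controller.
  domaincontroller: process.env.DOMAINCONTROLLER,
  // Domain account used to query the domain for extended user information.
  // Use a dedicated, least-privilege account, not an administrative one.
  domainuser: {
    // NOTE: many shells preset USER to the OS login name. A dedicated variable
    // name avoids picking that value up by accident.
    user: process.env.USER,
    pass: process.env.PSWD,
  },
  // Use the session to store credentials.
  session: true,
  // Milliseconds to keep unused credentials.
  ttl: 1000,
}, function (user, verified) {
  // Passes the user through unchanged; add authorization checks here if needed.
  return verified(null, user, null);
}));

app.use(passport.initialize({ session: false }));
app.use(passport.authenticate('ntlm', { session: false }));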
- `domain` - domain name
- `domaincontroller` - LDAP URL of the domain controller
- `ttl` - milliseconds to keep unused credentials
- `domainuser.user` - domain user
- `domainuser.pass` - password of that domain user (set as `pass` in the example above)
- `session` - whether to use the session to store credentials
If a `domainuser` is specified, this user is used to query the domain for extended information.