Error getting user with passport about passport-ldapauth HOT 21 CLOSED

Hi,

The error is coming from this line from a function in passportjs so the cause of the error is not related to the example code above. Have you defined the serializeUser and deserializeUser function as described in the documentation (sessions section), or disabled sessions from your application?

(same issue opened also as jaredhanson/passport#215)

from passport-ldapauth.

I'm having the same error. Should I remove the line return done(e); in passportjs? What's the solution?

Thank you so much.

from passport-ldapauth.

@szimmerman123 Did you define the serializeUser and deserializeUser functions, or did you disable Passport.js sessions?

from passport-ldapauth.

Yes. I did using the following code:

passport.serializeUser(function(user, done) {
console.log('user : ' + user);
console.log('done : ' + done);
console.log('serializeUser was called');
done(null, user.profileID);
});

passport.deserializeUser(function(obj, done) {
console.log('deserializeUser was called');
done(null, obj);
});

from passport-ldapauth.

And you're getting the same error as the OP and also not running the latest version of passport-ldapauth? I really need to go to bed now but I'll try to help you tomorrow. As much related code that would be possible to provide would help (of course, usernames, passwords, ldap uris and such are not needed, mainly interested in the order how you initiate passport and how you construct your Express app.)

from passport-ldapauth.

@szimmerman123 I've now spent some time trying to reproduce but unsuccessfully. If you need assistance please provide enough code to reproduce.

from passport-ldapauth.

I'm bashing my head against this problem now too. I've been updating the letschat code to use LDAP authentication and got stuck with this similar error.

/home/tony/build/lets-chat/node_modules/mongoose/lib/utils.js:413
        throw err;
              ^

TypeError: object is not a function
    at pass (/home/tony/build/lets-chat/node_modules/passport/lib/passport/index.js:273:14)
    at Passport.serializeUser (/home/tony/build/lets-chat/node_modules/passport/lib/passport/index.js:275:5)
    at IncomingMessage.req.login.req.logIn (/home/tony/build/lets-chat/node_modules/passport-ldapauth/node_modules/passport/lib/http/request.js:48:29)
    at /home/tony/build/lets-chat/app/server.js:240:21
    at Context.delegate.success (/home/tony/build/lets-chat/node_modules/passport/lib/passport/middleware/authenticate.js:161:18)
    at Context.actions.success (/home/tony/build/lets-chat/node_modules/passport/lib/passport/context/http/actions.js:21:25)
    at null.<anonymous> (/home/tony/build/lets-chat/node_modules/passport-ldapauth/lib/passport-ldapauth/strategy.js:113:17)
    at Promise.<anonymous> (/home/tony/build/lets-chat/app/server.js:143:28)
    at Promise.<anonymous> (/home/tony/build/lets-chat/node_modules/mongoose/node_modules/mpromise/lib/promise.js:162:8)
    at Promise.EventEmitter.emit (events.js:95:17)

Here is how I'm setting up the passport strategy:

    var OPTS = {
      server: {
        url: 'ldap://localhost:389',
        adminDn: 'XXXXXXX',
        adminPassword: 'XXXXXX',
        searchBase: 'XXXXXX',
        searchFilter: '(uid={{username}})'
      },
      usernameField: 'email',
      passwordField: 'password'
    };

    // Authentication
    passport.use(new LdapStrategy(
        OPTS,
        function(profile, done) {
            models.user.findOne({
                'email': profile.mail
            }).exec(function(err, user) {
                if (err) {
                    return done(null, false,  { message: 'Some fields did not validate.' });
                }

                if (user === null) {
                    var user = new models.user({
                        email: profile.mail,
                        password: profile.userPassword,
                        firstName: profile.givenName,
                        lastName: profile.sn,
                        displayName: profile.cn
                    });

                    user.save(function(err, user) {
                        if (err) {
                            return done(null, false, { message: 'Failed to create user account' });
                        }
                        return done(null, user);
                    });

                } else {

                    return done(null, user);
                }
            });
        }
    ));
    passport.serializeUser(function(user, done) {
        done(null, user._id);
    });
    passport.deserializeUser(function(id, done) {
        models.user.findOne({
            _id: id 
        }).exec(function(err, user) {
            done(err, user);
        });
    });

The login controller I left alone, it looks like this:

        self.app.post('/login', function(req, res) {
            passport.authenticate('ldapauth', function(err, user, info) {
                if (err) {
                    res.send({
                        status: 'error',
                        message: 'Some fields did not validate',
                        errors: err
                    });
                    return;
                }
                if (!user) {
                    res.send({
                        status: 'error',
                        message: 'Incorrect login credentials.'
                    });
                    return;
                }
                req.login(user, function(err) {
                    if (err) {
                        res.send({
                            status: 'error',
                            message: 'There were problems logging you in.'
                        });
                        return;
                    }
                    res.send({
                        status: 'success',
                        message: 'Logging you in...'
                    });
                });
            })(req, res);
        });

I'm new to most of this, but I can see the LDAP user is being returned. As you say the error is on this line - using the debugger, the done variable is indeed an object rather than a function, but I don't know exactly how this pieces together.

Any help would be appreciated. Or let me know if I can give more information.

from passport-ldapauth.

Not sure if this backtrace from the catch is useful:

#0 index.js:273:7
#1 Passport.serializeUser index.js:276:5
#2 req.login.req.logIn request.js:48:29
#3 self.app.namespace.self.app.post.res.send.status server.js:240:21
#4 module.exports.delegate.success authenticate.js:161:18
#5 actions.success actions.js:21:25
#6 b native v8natives.js:1597:37
#7 verify strategy.js:113:17
#8 b native v8natives.js:1597:37
#9 passport.deserializeUser.models.user.findOne._id server.js:143:28

from passport-ldapauth.

I think you may be having this problem due to a passport version mismatch. The signature on the de/serialize methods changed recently I believe. Did you upgrade passport at all? I would try removing your project node_modules folder, then do a $ 'npm cache clean' and try a fresh $ 'npm install'

from passport-ldapauth.

That sounded like a good possibility. I've just removed the node_modules directory, npm cleaned and npm installed but the error persists.

from passport-ldapauth.

Hmm strange; I was getting that error and that fixed it but I had patched a few different things together. Can you paste your package.json for me.

from passport-ldapauth.

Sure, here you go:

{
  "name": "lcb",
  "version": "0.0.1",
  "author": "Houssam Haidar <[email protected]>",
  "contributors": [
    {
      "name": "Jeffery Bain",
      "email": "[email protected]"
    },
    {
      "name": "Ramanan Sivaranjan",
      "email": "[email protected]"
    }
  ],
  "keywords": [
    "chat",
    "group chat"
  ],
  "dependencies": {
    "express": "3.0.6",
    "connect": "2.7.5",
    "express-namespace": "0.1.1",
    "connect-mongo": "0.3.2",
    "mongoose": "3.6.4",
    "swig": "0.14.0",
    "socket.io": "0.9.16 ",
    "underscore": "1.5.2",
    "node_hash": "0.2.0",
    "moment": "1.7.2",
    "validator": "0.5.0",
    "consolidate": "0.9.0",
    "passport": "0.1.16",
    "passport-local": "0.1.6",
    "passport.socketio": "1.0.1",
    "knox": "~0.8.9",
    "passport-ldapauth": "~0.2.0"
  },
  "engine": {
    "node": ">=0.7"
  },
  "scripts": {
    "start": "nodejs app.js"
  }
}

Thanks

from passport-ldapauth.

Actually, I had misread and thought you had this working and then were getting that error. What are you using for a user model? I believe the examples just creates an object in memory. If your user model and the controller I may be able to help.

from passport-ldapauth.

Finally reproduced with that package.json. Either downgrade passport-ldapauth to 0.1.2 or upgrade passport to 0.2.0

from passport-ldapauth.

Yup :)

from passport-ldapauth.

And it's as simple as that. Changed to use passport 0.2.0. Thanks very much both of you.

I've got a new error, but I'm sure this one isn't anything to do with passport-ldapauth so I'll sort that one out myself.

from passport-ldapauth.

You may want to look over how your finding the user, and if you are persisting the user in a local data store as well. For instance, I keep a mongo User collection that holds just usernames/roles -- then I do a standard User.find() on username submitted via form. As long as that matches my Mongo collection, I grab the role, and then set the username to the sAMAccountName, which is used to authenticate with the password.

Goodluck.

from passport-ldapauth.

That's what I'm doing, yeah. When it authenticates over ldap it saves user details to mongo. My new error was simply because mongo was polluted with data from users that I deleted - fresh database and it's all working now.

from passport-ldapauth.

@adamrights -- that sounds like what I'm doing. Is your code on github? (are you using both passport-local and then passport-ldapauth in the verify callback?)

from passport-ldapauth.

The code is on an enterprise github account and I have not had time yet to patch anything related in the open source projects I'm borrowing from.

My use case involved adding LDAP support for a streaming stories app where journalists sign in and the CMS is an overlay on the app. It started as general purpose: admin/editor/ads-ops login, but as more people started using the app we moved it over to use dowjones Active Directory.

So before authenticating with LDAP during a login session I first check Mongo to see if the user's "login" username exits in that collection. If it does not then an administrator still needs to add that employee. After that first check then it's basically following the ldapauth pattern.

You could get away with a redis session but since we had our original users collection in Mongo it was simplest to keep it. Without the check every journalist/employee/etc with active directory would have had the ability to log in.

I currently cache some of the response from LDAP in a redis-session but Mongo would work fine for that as well, depends on the type of app you're building. I do not technically use the passport-local library, but I could. Are you still having any problems @oakley808 ?

from passport-ldapauth.

Thanks @adamrights. I was overcomplicating it, trying to use both a local and ldap strategy. Simplifying it to just do LDAP, and then a mongo lookup in the verify callback helped. Passing the req object to the verify callback helped too.

This worked for me. Hopefully it'll help someone else.
controller for app.post( '/login', ....) :

exports.postlogin = function(req, res, next) {
    passport.authenticate('ldapauth', function(err, user, info) {
        if (err)   {  return next(err);  }
        if (!user) {  return res.redirect('/login');}
        req.logIn(user, function(err) {
            if (err) { return next(err); }
            return res.redirect('/index');
        });
    })(req, res, next);
};

config:

passport.use( new LdapStrategy(
    {
          server: ldapOpts // my server info
        , usernameField: 'username'
        , passwordField: 'password'
        , passReqToCallback: true
    }
    ,function( req, user, done ) {
        db.userModel.findOne({ username: req.body.username }, function(err, user) {
            if (err)   {return done(err);}
            if (!user) {return done(null, false, { message: 'Unknown user in mongo ' + req.body.username });}

            return done(null, user); 
        });
    }
));

from passport-ldapauth.