From 453d2ffb3a584afcb3b1843654c719cbf2c73d97 Mon Sep 17 00:00:00 2001
From: ambeta <cyandrewchen@gmail.com>
Date: Thu, 17 May 2018 10:40:51 +0800
Subject: [PATCH 1/2] feature: add searchFilter option in ldap auth config file

---
 src/controller/modules/ldapauth.js | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/controller/modules/ldapauth.js b/src/controller/modules/ldapauth.js
index 14196df3..fb726521 100644
--- a/src/controller/modules/ldapauth.js
+++ b/src/controller/modules/ldapauth.js
@@ -38,11 +38,12 @@ function* ldapQuery(username, password) {
       }
     });
 
-    search.on('searchReference', (referral) => {
-      if (referral) {
-        deferred.reject(referral);
-      }
-    });
+    // FIXME: do not reject when got searchReference
+    // search.on('searchReference', (referral) => {
+    //   if (referral) {
+    //     deferred.reject(referral);
+    //   }
+    // });
 
     search.on('end', () => {
       if (users.length > 0) {
@@ -69,9 +70,10 @@ function* ldapQuery(username, password) {
     }
 
     const searchDn = simpleParse([login.searchDn, login.baseDn].join(','), { username });
+    const searchFilter = simpleParse(login.searchFilter || '(objectclass=*)', { username });
 
     const opts = {
-      filter: '(objectclass=*)',
+      filter: searchFilter,
       scope: 'sub',
     };
 

From 180df1917c827b2aef81641ad0076db408910008 Mon Sep 17 00:00:00 2001
From: AmBeta <cnxcchenyao@gmail.com>
Date: Thu, 15 Sep 2022 15:41:00 +0800
Subject: [PATCH 2/2] bug: fix issue where basedn set to empty string

---
 src/controller/modules/ldapauth.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/controller/modules/ldapauth.js b/src/controller/modules/ldapauth.js
index fb726521..2e654235 100644
--- a/src/controller/modules/ldapauth.js
+++ b/src/controller/modules/ldapauth.js
@@ -64,12 +64,12 @@ function* ldapQuery(username, password) {
     });
   };
 
-  client.bind([login.bindDn, login.baseDn].join(','), login.bindPassword, (err) => {
+  client.bind([login.bindDn, login.baseDn].filter(Boolean).join(','), login.bindPassword, (err) => {
     if (err) {
       deferred.reject(err);
     }
 
-    const searchDn = simpleParse([login.searchDn, login.baseDn].join(','), { username });
+    const searchDn = simpleParse([login.searchDn, login.baseDn].filter(Boolean).join(','), { username });
     const searchFilter = simpleParse(login.searchFilter || '(objectclass=*)', { username });
 
     const opts = {