{"id":13524357,"url":"https://github.com/shaozi/ldap-authentication","last_synced_at":"2026-01-27T06:01:09.122Z","repository":{"id":43165217,"uuid":"232196180","full_name":"shaozi/ldap-authentication","owner":"shaozi","description":"🔐🔐🔐 A simple Nodejs Async LDAP authentication library","archived":false,"fork":false,"pushed_at":"2025-10-12T03:15:29.000Z","size":328,"stargazers_count":122,"open_issues_count":15,"forks_count":32,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-10-21T17:50:00.864Z","etag":null,"topics":["authentication","ldap","ldap-authentication","ldap-filter","ldap-search","nodejs","passport-ldap","security"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shaozi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-01-06T22:23:38.000Z","updated_at":"2025-10-12T03:14:27.000Z","dependencies_parsed_at":"2024-01-13T22:24:49.454Z","dependency_job_id":"26a75330-274b-408e-84cd-f5539661f390","html_url":"https://github.com/shaozi/ldap-authentication","commit_stats":{"total_commits":86,"total_committers":16,"mean_commits":5.375,"dds":"0.34883720930232553","last_synced_commit":"14754df49ab05b11e4a04d29a2f4a891949f9ce9"},"previous_names":["shaozi/ldap-auth"],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/shaozi/ldap-authentication","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shaozi%2Fldap-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shaozi%2Fldap-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shaozi%2Fldap-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shaozi%2Fldap-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shaozi","download_url":"https://codeload.github.com/shaozi/ldap-authentication/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shaozi%2Fldap-authentication/sbom","scorecard":{"id":816230,"data":{"date":"2025-08-11","repo":{"name":"github.com/shaozi/ldap-authentication","commit":"a1f73c65c429ed9b3a1dee49bf242d2fb3729c36"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.8,"checks":[{"name":"Maintained","score":0,"reason":"1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":4,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Warn: no linked content found","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":2,"reason":"Found 7/28 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/integration-test.yml:1","Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/codeql-analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/integration-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration-test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/npm-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/npm-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/npm-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/shaozi/ldap-authentication/npm-publish.yml/master?enable=pin","Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/devcontainers/typescript-node:20 to mcr.microsoft.com/devcontainers/typescript-node:20@sha256:70aa04661183b1f99a1597a5d8b7ea098464ddb0cd6a8b33be66b4728b480af5","Warn: npmCommand not pinned by hash: .github/workflows/integration-test.yml:50","Info:   0 out of  10 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   2 out of   3 npmCommand dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: BSD 2-Clause \"Simplified\" License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 0 commits out of 23 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T14:19:44.163Z","repository_id":43165217,"created_at":"2025-08-23T14:19:44.164Z","updated_at":"2025-08-23T14:19:44.164Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28805319,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T05:43:52.625Z","status":"ssl_error","status_checked_at":"2026-01-27T05:43:48.957Z","response_time":168,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","ldap","ldap-authentication","ldap-filter","ldap-search","nodejs","passport-ldap","security"],"created_at":"2024-08-01T06:01:09.259Z","updated_at":"2026-01-27T06:01:09.114Z","avatar_url":"https://github.com/shaozi.png","language":"JavaScript","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"readme":"# A Simple node Library that Authenticates a User Against an LDAP/AD Server\n\n[![Integration Tests](https://github.com/shaozi/ldap-authentication/actions/workflows/integration-test.yml/badge.svg)](https://github.com/shaozi/ldap-authentication/actions/workflows/integration-test.yml)\n[![Known Vulnerabilities](https://snyk.io/test/github/shaozi/ldap-authentication/badge.svg?targetFile=package.json)](https://snyk.io/test/github/shaozi/ldap-authentication?targetFile=package.json)\n[![NPM Weekly Downloads](https://img.shields.io/npm/dw/ldap-authentication?logo=npm)](https://img.shields.io/npm/dw/ldap-authentication?logo=npm)\n\n## Goal\n\nMake authentication with an LDAP server easy.\n\n## Description\n\nThis library use `ldapts` as the underneath library. It has three modes of authentications:\n\n1. **Admin authenticate mode**. If an admin user is provided, the library will login (ldap bind) with the admin user,\n   then search for the user to be authenticated, get its DN (distinguish name), then use\n   the user DN and password to login again. If every thing is ok, the user details will\n   be returned.\n\n2. **Self authenticate mode**. If the admin user is not provided, then the `userDn` and `userPassword` must be provided.\n   If any of `userSearchBase` or `usernameAttribute` is missing, then the lib simply does a login with\n   the `userDn` and `userPassword` (ldap bind), and returns true if succeeds.\n\n   Otherwise, the lib does a login with the `userDn` and `userPassword` (ldap bind),\n   then does a search on the user and return the user's details.\n\n3. **Verify user exists**. If an `verifyUserExists : true` is provided, the library will login (ldap bind) with the admin user,\n   then search for the user to be verified. If the user exists, user details will be returned (without verifying the user's password).\n\n## Features\n\n- Can use an admin to search and authenticate a user\n- Can also use a regular user and authenticate the user itself\n- Supports ldap, ldaps, and STARTTLS\n- Async/Await Promise\n\n## Usage\n\n### Installation\n\n```sh\nnpm install ldap-authentication --save\n```\n\n### Examples\n\n- An example on how to use with Passport is [passport-ldap-example](https://github.com/shaozi/passport-ldap-example)\n\n- Another simple library [express-passport-ldap-mongoose](https://github.com/shaozi/express-passport-ldap-mongoose) provide turn key solution\n\n#### User authenticate without getting user details\n\n```javascript\nlet authenticated = await authenticate({\n  ldapOpts: { url: 'ldap://ldap.forumsys.com' },\n  userDn: 'uid=gauss,dc=example,dc=com',\n  userPassword: 'password',\n})\n```\n\n#### User authenticate and return user details\n\n```javascript\nlet authenticated = await authenticate({\n  ldapOpts: { url: 'ldap://ldap.forumsys.com' },\n  userDn: 'uid=gauss,dc=example,dc=com',\n  userPassword: 'password',\n  userSearchBase: 'dc=example,dc=com',\n  usernameAttribute: 'uid',\n  username: 'gauss',\n  attributes: ['dn', 'sn', 'cn'],\n})\n```\n\n#### User exists verification and return user details (without user's password)\n\n```javascript\nlet authenticated = await authenticate({\n  ldapOpts: { url: 'ldap://ldap.forumsys.com' },\n  userDn: 'uid=gauss,dc=example,dc=com',\n  verifyUserExists: true,\n  userSearchBase: 'dc=example,dc=com',\n  usernameAttribute: 'uid',\n  username: 'gauss',\n})\n```\n\n#### User authenticate and return user details with groups\n\n```javascript\nlet authenticated = await authenticate({\n  ldapOpts: { url: 'ldap://ldap.forumsys.com' },\n  userDn: 'uid=gauss,dc=example,dc=com',\n  userPassword: 'password',\n  userSearchBase: 'dc=example,dc=com',\n  usernameAttribute: 'uid',\n  username: 'gauss',\n  groupsSearchBase: 'dc=example,dc=com',\n  groupClass: 'groupOfUniqueNames',\n  groupMemberAttribute: 'uniqueMember',\n  // groupMemberUserAttribute: 'dn'\n})\n```\n\n#### Complete example\n\n```javascript\nconst { authenticate } = require('ldap-authentication')\n\nasync function auth() {\n  // auth with admin\n  let options = {\n    ldapOpts: {\n      url: 'ldap://ldap.forumsys.com',\n      // tlsOptions: { rejectUnauthorized: false }\n    },\n    adminDn: 'cn=read-only-admin,dc=example,dc=com',\n    adminPassword: 'password',\n    userPassword: 'password',\n    userSearchBase: 'dc=example,dc=com',\n    usernameAttribute: 'uid',\n    username: 'gauss',\n    // starttls: false\n  }\n\n  let user = await authenticate(options)\n  console.log(user)\n\n  // auth with regular user\n  options = {\n    ldapOpts: {\n      url: 'ldap://ldap.forumsys.com',\n      // tlsOptions: { rejectUnauthorized: false }\n    },\n    userDn: 'uid=einstein,dc=example,dc=com',\n    userPassword: 'password',\n    userSearchBase: 'dc=example,dc=com',\n    usernameAttribute: 'uid',\n    username: 'einstein',\n    // starttls: false\n  }\n\n  user = await authenticate(options)\n  console.log(user)\n}\n\nauth()\n```\n\n### Example with StartTLS\n\n```javascript\nimport { authenticate } from 'ldap-authentication'\n\nasync function auth() {\n  // auth with admin\n  let options = {\n    ldapOpts: {\n      url: 'ldap://ldap.example.com',\n      tlsOptions: {\n        rejectUnauthorized: false, // For self-signed certificates\n        minVersion: 'TLSv1.2',\n        servername: 'ldap.example.com' // For SNI (Server Name Indication)\n      }\n    },\n    starttls: true, // Enable StartTLS\n    adminDn: 'cn=admin,dc=example,dc=com',\n    adminPassword: 'password',\n    userPassword: 'password',\n    userSearchBase: 'dc=example,dc=com',\n    usernameAttribute: 'uid',\n    username: 'testuser'\n  }\n\n  let user = await authenticate(options)\n  console.log(user)\n}\n\nauth()\n```\n\n**Important Notes for StartTLS:**\n- Use `ldap://` URLs with `starttls: true` (not `ldaps://`)\n- For `ldaps://` URLs, omit `starttls` and the connection will use TLS from the start\n- TLS options like `rejectUnauthorized`, `minVersion`, and `servername` can be specified in `ldapOpts.tlsOptions`\n\n## Parameters\n\n- `ldapOpts`: This is passed to `ldapts` client directly\n  - `url`: url of the ldap server. Example: `ldap://ldap.forumsys.com`\n  - `tlsOptions`: options to pass to node tls. Example: `{ rejectUnauthorized: false }`\n  - `connectTimeout`: Int. Default: `5000`. Connect timeout in ms\n- `adminDn`: The DN of the admistrator. Example: `cn=read-only-admin,dc=example,dc=com`,\n- `adminPassword`: The password of the admin.\n- `userDn`: The DN of the user to be authenticated. This is only needed if `adminDn` and `adminPassword` are not provided.\n  Example: `uid=gauss,dc=example,dc=com`\n- `userPassword`: The password of the user\n- `verifyUserExists` : if `true` user existence will be verified without password\n- `userSearchBase`: The ldap base DN to search the user. Example: `dc=example,dc=com`\n- `usernameAttribute`: The ldap search equality attribute name corresponding to the user's username.\n  It will be used with the value in `username` to construct an ldap filter as `({attribute}={username})`\n  to find the user and get user details in LDAP.\n  In self authenticate mode (`userDn` and `userPassword` are provided, but not `adminDn` and `adminPassword`),\n  if this value is not set, then authenticate will return true right after user bind succeed. No user details\n  from LDAP search will be performed and returned.\n  Example: `uid`\n- `username`: The username to authenticate with. It is used together with the name in `usernameAttribute`\n  to construct an ldap filter as `({attribute}={username})`\n  to find the user and get user details in LDAP. Example: `some user input`\n- `attributes`: A list of attributes of a user details to be returned from the LDAP server.\n  If is set to `[]` or ommited, all details will be returned. Example: `['sn', 'cn']`\n- `starttls`: Boolean. Use `STARTTLS` or not. When `true`, the connection will be upgraded to TLS\n  using the STARTTLS extended operation. TLS options can be specified in `ldapOpts.tlsOptions`.\n  Note: Use `starttls: true` with `ldap://` URLs, not `ldaps://` URLs\n- `groupsSearchBase`: if specified with groupClass, will serve as search base for authenticated user groups\n- `groupClass`: if specified with groupsSearchBase, will be used as objectClass in search filter for authenticated user groups\n- `groupMemberAttribute`: if specified with groupClass and groupsSearchBase, will be used as member name (if not specified this defaults to `member`) in search filter for authenticated user groups\n- `groupMemberUserAttribute`: if specified with groupClass and groupsSearchBase, will be used as the attribute on the user object (if not specified this defaults to `dn`) in search filter for authenticated user groups\n\n## Returns\n\nThe user object if `authenticate()` is success.\n\nIn version 4, a new function is added: `authenticateResult()`. It has the same call signature as `authenticate()` but returns an object `AuthenticationResult` with more details.\n\n\n### AuthenticationResult Object\n\nAuthenticationResult object has the following fields:\n\n- `code`: number. constants:\n  - `AUTH_RESULT_FAILURE` = 0\n  - `AUTH_RESULT_SUCCESS` = 1\n  - `AUTH_RESULT_FAILURE_IDENTITY_NOT_FOUND` = -1\n  - `AUTH_RESULT_FAILURE_IDENTITY_AMBIGUOUS` = -2\n  - `AUTH_RESULT_FAILURE_CREDENTIAL_INVALID` = -3\n  - `AUTH_RESULT_FAILURE_UNCATEGORIZED` = -4\n- `identity`: identity supplied as string\n- `user`: user object if authentication is successful, otherwise null\n- `message`: authentication message array, which contains server messages\n- `client`: ldapClient instance\n\n\n## Old Stuff\n\nIn version 2, The user object has a `raw` field that has the raw data from the LDAP/AD server. It can be used to access buffer objects (profile pics for example).\n\nBuffer data can now be accessed by `user.raw.profilePhoto`, etc, instead of `user.profilePhoto`.\n\nIn version 3, the `raw` field is no longer used. Instead, append `;binary` to the attributes you\nwant to get back as base64-encoded string. Check the following example on how to get a user's profile photo:\n\n```javascript\nexport async function verifyLogin(email: string, password: string) {\n\n  const options = {\n   //...other config options\n    userPassword: password,\n    username: email,\n    attributes: ['thumbnailPhoto;binary', 'givenName', 'sn', 'sAMAccountName', 'userPrincipalName', 'memberOf' ]\n  };\n\n  try {\n    const ldapUser = await authenticate(options);\n\n    if (!ldapUser) {\n      return { error: \"user not found\" };\n    }\n\n    // accessing the image\n    const profilePhoto = ldapUser['thumbnailPhoto;binary'];\n\n    /* using the image\n \u003cimg src={`data:image/*;base64,${profilePhoto}`} /\u003e\n    */\n    return { user: ldapUser };\n  }\n}\n```\n\n## Supported Node Versions\n\nVersion 2 supports Node version 12, 14, 15, 16, 17 and 18.\n\nVersion 3 supports Node version 16, 17, 18, 20 and 22.\n\nVersion 4 supports Node version 20 and above.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshaozi%2Fldap-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshaozi%2Fldap-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshaozi%2Fldap-authentication/lists"}