If you host on IIS with iisnode https://github.com/auth0/passport-windowsauth , this is great! Passport-windowsauth comes with ad integration, but if you only want a username to implement your own authorship logic, you can do it like this:
web.config:
<system.webServer> <iisnode promoteServerVars="LOGON_USER" /> </system.webServer>
server.js:
var passport = require('passport'); var WindowsStrategy = require('passport-windowsauth'); app.use(passport.initialize()); app.use(passport.session()); passport.serializeUser(function(user, done) { done(null, user); }); passport.deserializeUser(function(user, done) { done(null, user); }); passport.use(new WindowsStrategy({ integrated: true }, function(profile,done) { var user = { id: profile.id, }; done(null, user); })); app.all("*", passport.authenticate("WindowsAuthentication"), function (request,response,next){ next(); });
then you can access the user ID in the request object on other routes:
app.get("/api/testAuthentication", function(request, response){ console.log(request.user.id + " is authenticated"); });
if you want to implement your own authorization logic using a user ID, you can define an intermediate layer function like this:
app.get("/api/testAuthorization", hasRole("a role"), function(request, response, next){ console.log(request.user.id " is authenticated and authorized"); });
where hasRole looks like this:
function hasRole(role) { return function(request,response,next){