How do I check for CAS authentication in Node.js?

Question

I have to develop an application where the page should only be accessible if the user has logged in. Our organization uses CAS to secure pages, but I am unsure how to check (I'm using Node.js) if the person has indeed signed in.

I'm new to CAS and trying to understand how to proceed. I know that the user will receive a ticket-granting ticket (TGT) cookie in the browser after logging in, and that somehow CAS will create a service ticket (ST) for the individual page.

How do I know if the user has authenticated? Is there a particular way to verify that the user has a TGT? Do I check for the ST? And if I don't detect any tickets, how do I direct them to the CAS instance for our system?

Thanks for any and all help.

Answer 1

I'm new to CAS and trying to understand how to proceed. I know that the user will receive a ticket-granting ticket (TGT) cookie in the browser after logging in, and that somehow CAS will create a service ticket (ST) for the individual page.

So far, so good.

How do I know if the user has authenticated? Is there a particular way to verify that the user has a TGT? Do I check for the ST? And if I don't detect any tickets, how do I direct them to the CAS instance for our system?

If you don't have a session for your application, you need to redirect the user to the CAS login endpoint with a service parameter that acts as a callback to your application. Once the user logs in, CAS will redirect back to the service parameter with a service ticket. You then need to grab the ticket, ask the CAS server to validate the ticket in exchange for the user info/profile.

Much of this interaction is usually handled using CAS client libraries that you would configure to handle the validation and redirection for you. If you search around, you are likely to find good CAS clients that work well with node.js. This might be a good starting point: https://github.com/casinthecloud/nodejs-cas-client-demo