let ldap = require('ldapjs');
let fs = require('fs');
let tls = require('tls');

let satitm_directory = ldap.createClient({
  url: 'ldaps://ad.satitm.chula.ac.th:636',
  tlsOptions: {
    rejectUnauthorized: false
  }
});

// Save server's certificate to file for same-host verification
satitm_directory.on('connect', function(socket) {
  socket.on('secureConnect', function() {
    if (socket.getPeerCertificate().raw) {
      fs.writeFileSync('certificate.pem', socket.getPeerCertificate().raw);
      satitm_directory.tlsOptions = {
        ca: [fs.readFileSync('certificate.pem')]
      };
    }
  });
});

satitm_directory.bind('CN=SSOManager,OU=Service Accounts,DC=ad,DC=satitm,DC=chula,DC=ac,DC=th', '39BK5LCeU2NY2oG3beeBJH', function (err) {
  if (err) {
    console.log('Error:', err);
  } else {
    console.log('Connected to SATITM Active Directory');
  }
});

module.exports = satitm_directory;