
IISNode and node-expose-sspi #200

Open
@alpozgur


Hi;
I'm using Node.js 22.4.0 with iisnode (for hosting in IIS).
I'm trying to add domain-based Windows authentication to my app. There will be two types of authentication: anonymous (users enter their username and password) and Windows-authenticated. For that reason I can't enable it directly at the app level. I have a controller and want to check there whether the user is logged in to the domain.
My problem is that I can't get the domain user's info; I always get null.
Sample code:

var config = require("../../config");
var ldapAuthUser = require("../lib/ldaps");
var prepServiceToken = require("../lib/wsTokenHelper.js");
var userTokenHelper = require("../lib/tokenHelper.js");
var nVersion = require("../../package.json");
var helper = require("../lib/helper");
var wsAuth = require("../Bl/webServiceDbOperations");
const cryptoHelper = require("../lib/cryptrHelper");
const AD = require("activedirectory2");
const {sso} = require('node-expose-sspi');
const jwt = require('jsonwebtoken');
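/**
 * Controller action that runs the node-expose-sspi SSO middleware for the
 * current request and, when it yields a user, answers with a one-hour JWT.
 *
 * Responses:
 *   200 `{ success, message, token, username }` when `req.sso.user` is set
 *       after the middleware has called back;
 *   401 `{ success, message }` when it is not set (or the middleware reported
 *       an error);
 *   500 `{ success, message }` on an unexpected exception.
 *
 * @param {object} req - Incoming request; `req.headers` is read and `req.sso`
 *   is expected to be filled in by the SSO middleware.
 * @param {object} res - Response object offering `status()` and `json()`.
 * @returns {Promise<void>}
 */
exports.authenticateUser = async function (req, res) {
  // Single place for the 500 answer so both the outer and the callback-level
  // handlers behave the same and never write a second response.
  const sendServerError = (err) => {
    console.error('SSO Authentication Error:', err);
    if (!res.headersSent) {
      res.status(500).json({
        success: false,
        message: 'An error occurred during authentication',
      });
    }
  };

  try {
    // Diagnostics for the "no user info" problem. The Authorization and Cookie
    // headers carry credentials (Negotiate/NTLM tokens, session cookies), so
    // they are kept out of the log; only the Authorization scheme is printed.
    const { authorization, cookie, ...loggableHeaders } = req.headers;
    console.log(loggableHeaders);
    console.log(
      'Authorization scheme:',
      typeof authorization === 'string' ? authorization.split(' ')[0] : '(none)'
    );
    console.log('SSO Data:', req.sso); // undefined until the middleware below has run

    // Server variables promoted by iisnode (promoteServerVars).
    // NOTE(review): these are plain request headers from Node's point of view;
    // confirm that the app is reachable only through IIS and that iisnode
    // overwrites any client-supplied x-iisnode-* value before using them for
    // an authorization decision. Here they are logged only.
    const iisAuthUser = req.headers['x-iisnode-auth_user'];
    const iisAuthType = req.headers['x-iisnode-auth_type'];
    console.log(iisAuthUser);
    console.log(iisAuthType);
    console.log(req.headers['x-iisnode-logon_user']);

    // SSO. Awaiting is harmless if the middleware returns nothing; if it
    // returns a promise, a rejection now reaches the catch below instead of
    // becoming an unhandled rejection.
    await sso.auth()(req, res, (err) => {
      try {
        if (err) {
          // Do not swallow a middleware failure; it is answered as 401 below.
          console.error('SSO middleware error:', err);
        }

        if (!err && req.sso?.user) {
          // displayName is a display value and need not be unique; the SID is
          // the stable identifier for authorization decisions.
          const username = req.sso.user.displayName;
          const userId = req.sso.user.sid;

          // Generate the JWT. The algorithm is pinned explicitly (HS256 is the
          // library default for a shared secret); the verifying side should
          // restrict `algorithms` to the same value.
          const token = jwt.sign({ username, userId }, config.secret, {
            expiresIn: '1h',
            algorithm: 'HS256',
          });

          res.status(200).json({
            success: true,
            message: 'Authentication successful',
            token,
            username,
          });
        } else {
          res.status(401).json({
            success: false,
            message: 'SSO authentication failed',
          });
        }
      } catch (callbackErr) {
        // jwt.sign() throws synchronously (e.g. missing secret); the outer
        // try/catch does not cover this callback if it is invoked later.
        sendServerError(callbackErr);
      }
    });
  } catch (err) {
    sendServerError(err);
  }
}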
