feat(server) nt password authentication in ldap backend #4672

Open
wants to merge 5 commits into
base: master

@levkohimins levkohimins commented Jan 1, 2023

If you are using FreeIPA as your LDAP backend and two-factor authentication is enabled in FreeIPA, users will not be able to authenticate using login and password on the Authelia login page when LDAP binding is used as the authentication method.

The reason is that two-factor authentication is also used for binding in the 389 Directory Server that FreeIPA uses. Depending on the type of two-factor authentication activated in FreeIPA, if it's OTP, then the user must input Password+OTP on the Authelia login page.

The solution is to use the NT Password from the user DN instead of trying to check the password by LDAP binding.

The PR adds two new configuration options to the LDAP backend.

```yaml
authentication_backend:
  ldap:
    authentication_method:
    nt_password_attribute:
```

authentication_method - takes bind or nt_password. By default bind.
nt_password_attribute - has a default value of ipaNTHash when implementation is set to freeipa.

If you decide to accept these changes, perhaps you should improve the documentation I added.

authelia bot commented Jan 1, 2023

Thanks for choosing to contribute @levkoburburas. We lint all PRs with golangci-lint and eslint, I may add a review to your PR with some suggestions.

You are free to apply the changes if you're comfortable, alternatively you are welcome to ask a team member for advice.

Artifacts

These changes, once approved by a team member, will be published for testing on Buildkite, DockerHub and GitHub Container Registry.

Docker Container

  • docker pull authelia/authelia:PR4672
  • docker pull ghcr.io/authelia/authelia:PR4672

@james-d-elliott (Member) commented

I have to really think about this. I appreciate the PR; I just have to figure out how we can best support something like this long term.
