Add exposed ldap secret for bind auth

src/settings.js

@@ -190,6 +190,7 @@ const gDefaults = (function () {
     };
     result[exports.EXPOSED_LDAP_KEY] = {
         enabled: false,
+        secret: '',
         allowlist: '' // empty means allow all
     };
     result[exports.REGISTRY_CONFIG_KEY] = {
@@ -515,11 +516,14 @@ async function setExposedLdapConfig(exposedLdapConfig) {
 
     const config = {
         enabled: exposedLdapConfig.enabled,
+        secret: exposedLdapConfig.secret,
         // if list is empty, we allow all IPs
         allowlist: exposedLdapConfig.allowlist || ''
     };
 
     if (config.enabled) {
+        if (!config.secret) throw new BoxError(BoxError.BAD_FIELD, 'secret cannot be empty');
+
         let gotOne = false;
         for (const line of exposedLdapConfig.allowlist.split('\n')) {
             if (!line || line.startsWith('#')) continue;