ghost/core/server/routes/admin.js

var admin       = require('../controllers/admin'),
    config      = require('../config'),
    express     = require('express'),

    ONE_HOUR_S  = 60 * 60,
    ONE_YEAR_S  = 365 * 24 * ONE_HOUR_S,

    adminRoutes;

adminRoutes = function (middleware) {
    var router = express.Router(),
        subdir = config().paths.subdir;

    // ### Admin routes
    router.get('^/logout/', function redirect(req, res) {
        /*jslint unparam:true*/
        res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});
        res.redirect(301, subdir + '/ghost/signout/');
    });
    router.get('^/signout/', function redirect(req, res) {
        /*jslint unparam:true*/
        res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});
        res.redirect(301, subdir + '/ghost/signout/');
    });
    router.get('^/signin/', function redirect(req, res) {
        /*jslint unparam:true*/
        res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});
        res.redirect(301, subdir + '/ghost/signin/');
    });
    router.get('^/signup/', function redirect(req, res) {
        /*jslint unparam:true*/
        res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});
        res.redirect(301, subdir + '/ghost/signup/');
    });

    // redirect to /ghost and let that do the authentication to prevent redirects to /ghost//admin etc.
    router.get(/^\/((ghost-admin|admin|wp-admin|dashboard|signin)\/?)$/, function (req, res) {
        /*jslint unparam:true*/
        res.redirect(subdir + '/ghost/');
    });

    router.get('/ghost/*', middleware.redirectToSetup, admin.index);

    return router;
};

module.exports = adminRoutes;
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`var admin = require('../controllers/admin'),`
Update config.theme() after every settings edit fixes #1645 - removes server.get('ghost root') as it is only an alias to config.paths().path, and adds unnecessary indirection - removes config.theme().path as its just an alias to config.paths().path, updated all relevant references - update config.theme.update to only require the api/settings object, and no longer need the config object - modify api/settings.edit to call config.theme.update so that the themeObject is ready for next rendering of template 2013-12-09 23:41:58 -05:00			`config = require('../config'),`
Upgrade to Express 4.0 no related issue - Updates package.json packages, adding express middleware packages that have been broken into their own modules - Updates controllers/frontend.js to use the new Layer object that Express 4.0 has. Requires some monkey-patching as the Layer object isn't explicitly surfaced, however it should be safe to do. - Moved the setup of routes into middleware/index.js because they need to be added as a middleware function before the 404 and 500 handlers. This is no longer possible with the old app.use(app.router) as that has been removed. - Cleaned up middleware/index.js to make it compatible with Express 4.0. - Simplified the way themes are activated and enabled when they are activated. The new handling is simpler, yet should still cover all the use cases that previously existed. - The entire flow of activating a theme through middleware should be a little more centralized, letting it be easier to read and maintain. - Moved every routes/*.js file to use an individual express.Router() instance. 2014-04-11 22:46:15 -05:00			`express = require('express'),`
Redirect feed -> rss closes #2261 - reserved 'feed' in the list of reserved keywords for slugs - added a 301 redirect from /feed/ to /rss/ - added a route test, and realised that standard express redirects don't get the right headers - fixed the headers across all 301 redirects & added tests for the admin redirects - removed the redirect from /ghost/login/ to /ghost/signin/ as this happens automatically if you're logged out, and isn't very useful if you're logged in as it just redirects again to /ghost/ 2014-03-23 16:49:43 -05:00
			`ONE_HOUR_S = 60 * 60,`
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData 2014-05-08 07:41:19 -05:00			`ONE_YEAR_S = 365 * 24 * ONE_HOUR_S,`
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData 2014-05-08 07:41:19 -05:00			`adminRoutes;`

Upgrade to Express 4.0 no related issue - Updates package.json packages, adding express middleware packages that have been broken into their own modules - Updates controllers/frontend.js to use the new Layer object that Express 4.0 has. Requires some monkey-patching as the Layer object isn't explicitly surfaced, however it should be safe to do. - Moved the setup of routes into middleware/index.js because they need to be added as a middleware function before the 404 and 500 handlers. This is no longer possible with the old app.use(app.router) as that has been removed. - Cleaned up middleware/index.js to make it compatible with Express 4.0. - Simplified the way themes are activated and enabled when they are activated. The new handling is simpler, yet should still cover all the use cases that previously existed. - The entire flow of activating a theme through middleware should be a little more centralized, letting it be easier to read and maintain. - Moved every routes/*.js file to use an individual express.Router() instance. 2014-04-11 22:46:15 -05:00			`adminRoutes = function (middleware) {`
			`var router = express.Router(),`
			`subdir = config().paths.subdir;`

Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`// ### Admin routes`
Replace the old admin with the ember admin closes #3056 - Remove clientold - Remove clientold tests - Cleanup old admin helpers - Remove old routes from admin and controllers from admin controller - Comment out / remove old and broken tests - Cleanup Gruntfile.js, bower.js, package.json etc Still TODO: - cleanup / add removed tests - do we still need countable? 2014-06-30 18:26:08 -05:00			`router.get('^/logout/', function redirect(req, res) {`
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`/jslint unparam:true/`
Redirect feed -> rss closes #2261 - reserved 'feed' in the list of reserved keywords for slugs - added a 301 redirect from /feed/ to /rss/ - added a route test, and realised that standard express redirects don't get the right headers - fixed the headers across all 301 redirects & added tests for the admin redirects - removed the redirect from /ghost/login/ to /ghost/signin/ as this happens automatically if you're logged out, and isn't very useful if you're logged in as it just redirects again to /ghost/ 2014-03-23 16:49:43 -05:00			`res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});`
Path, url and subdir cleanup & test issue #1754 - remove path (it was only used once, and not needed) - change webroot to subdir - add unit tests for config.paths - various other cleanup - renamed client-side ghostRoot to subdir - added url helper for client 2013-12-28 11:01:08 -05:00			`res.redirect(301, subdir + '/ghost/signout/');`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00			`});`
Replace the old admin with the ember admin closes #3056 - Remove clientold - Remove clientold tests - Cleanup old admin helpers - Remove old routes from admin and controllers from admin controller - Comment out / remove old and broken tests - Cleanup Gruntfile.js, bower.js, package.json etc Still TODO: - cleanup / add removed tests - do we still need countable? 2014-06-30 18:26:08 -05:00			`router.get('^/signout/', function redirect(req, res) {`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00			`/jslint unparam:true/`
Redirect feed -> rss closes #2261 - reserved 'feed' in the list of reserved keywords for slugs - added a 301 redirect from /feed/ to /rss/ - added a route test, and realised that standard express redirects don't get the right headers - fixed the headers across all 301 redirects & added tests for the admin redirects - removed the redirect from /ghost/login/ to /ghost/signin/ as this happens automatically if you're logged out, and isn't very useful if you're logged in as it just redirects again to /ghost/ 2014-03-23 16:49:43 -05:00			`res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});`
Path, url and subdir cleanup & test issue #1754 - remove path (it was only used once, and not needed) - change webroot to subdir - add unit tests for config.paths - various other cleanup - renamed client-side ghostRoot to subdir - added url helper for client 2013-12-28 11:01:08 -05:00			`res.redirect(301, subdir + '/ghost/signout/');`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00			`});`
Replace the old admin with the ember admin closes #3056 - Remove clientold - Remove clientold tests - Cleanup old admin helpers - Remove old routes from admin and controllers from admin controller - Comment out / remove old and broken tests - Cleanup Gruntfile.js, bower.js, package.json etc Still TODO: - cleanup / add removed tests - do we still need countable? 2014-06-30 18:26:08 -05:00			`router.get('^/signin/', function redirect(req, res) {`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00			`/jslint unparam:true/`
Redirect feed -> rss closes #2261 - reserved 'feed' in the list of reserved keywords for slugs - added a 301 redirect from /feed/ to /rss/ - added a route test, and realised that standard express redirects don't get the right headers - fixed the headers across all 301 redirects & added tests for the admin redirects - removed the redirect from /ghost/login/ to /ghost/signin/ as this happens automatically if you're logged out, and isn't very useful if you're logged in as it just redirects again to /ghost/ 2014-03-23 16:49:43 -05:00			`res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});`
Path, url and subdir cleanup & test issue #1754 - remove path (it was only used once, and not needed) - change webroot to subdir - add unit tests for config.paths - various other cleanup - renamed client-side ghostRoot to subdir - added url helper for client 2013-12-28 11:01:08 -05:00			`res.redirect(301, subdir + '/ghost/signin/');`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00			`});`
Replace the old admin with the ember admin closes #3056 - Remove clientold - Remove clientold tests - Cleanup old admin helpers - Remove old routes from admin and controllers from admin controller - Comment out / remove old and broken tests - Cleanup Gruntfile.js, bower.js, package.json etc Still TODO: - cleanup / add removed tests - do we still need countable? 2014-06-30 18:26:08 -05:00			`router.get('^/signup/', function redirect(req, res) {`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00			`/jslint unparam:true/`
Redirect feed -> rss closes #2261 - reserved 'feed' in the list of reserved keywords for slugs - added a 301 redirect from /feed/ to /rss/ - added a route test, and realised that standard express redirects don't get the right headers - fixed the headers across all 301 redirects & added tests for the admin redirects - removed the redirect from /ghost/login/ to /ghost/signin/ as this happens automatically if you're logged out, and isn't very useful if you're logged in as it just redirects again to /ghost/ 2014-03-23 16:49:43 -05:00			`res.set({'Cache-Control': 'public, max-age=' + ONE_YEAR_S});`
Path, url and subdir cleanup & test issue #1754 - remove path (it was only used once, and not needed) - change webroot to subdir - add unit tests for config.paths - various other cleanup - renamed client-side ghostRoot to subdir - added url helper for client 2013-12-28 11:01:08 -05:00			`res.redirect(301, subdir + '/ghost/signup/');`
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`});`
Remove cookie from Frontend closes #1437 closes #1472 - changed cookie to path:'/ghost' - added conditional CSRF middleware - added redirects for signup, signin, signout to /ghost/sign*/ 2013-11-26 04:38:54 -05:00
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`// redirect to /ghost and let that do the authentication to prevent redirects to /ghost//admin etc.`
Replace the old admin with the ember admin closes #3056 - Remove clientold - Remove clientold tests - Cleanup old admin helpers - Remove old routes from admin and controllers from admin controller - Comment out / remove old and broken tests - Cleanup Gruntfile.js, bower.js, package.json etc Still TODO: - cleanup / add removed tests - do we still need countable? 2014-06-30 18:26:08 -05:00			`router.get(/^\/((ghost-admin\|admin\|wp-admin\|dashboard\|signin)\/?)$/, function (req, res) {`
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`/jslint unparam:true/`
Path, url and subdir cleanup & test issue #1754 - remove path (it was only used once, and not needed) - change webroot to subdir - add unit tests for config.paths - various other cleanup - renamed client-side ghostRoot to subdir - added url helper for client 2013-12-28 11:01:08 -05:00			`res.redirect(subdir + '/ghost/');`
Reduce size of ghost.js by moving related Routing code to their own files 2013-11-12 00:27:12 -05:00			`});`
Replace the old admin with the ember admin closes #3056 - Remove clientold - Remove clientold tests - Cleanup old admin helpers - Remove old routes from admin and controllers from admin controller - Comment out / remove old and broken tests - Cleanup Gruntfile.js, bower.js, package.json etc Still TODO: - cleanup / add removed tests - do we still need countable? 2014-06-30 18:26:08 -05:00
			`router.get('/ghost/*', middleware.redirectToSetup, admin.index);`
Upgrade to Express 4.0 no related issue - Updates package.json packages, adding express middleware packages that have been broken into their own modules - Updates controllers/frontend.js to use the new Layer object that Express 4.0 has. Requires some monkey-patching as the Layer object isn't explicitly surfaced, however it should be safe to do. - Moved the setup of routes into middleware/index.js because they need to be added as a middleware function before the 404 and 500 handlers. This is no longer possible with the old app.use(app.router) as that has been removed. - Cleaned up middleware/index.js to make it compatible with Express 4.0. - Simplified the way themes are activated and enabled when they are activated. The new handling is simpler, yet should still cover all the use cases that previously existed. - The entire flow of activating a theme through middleware should be a little more centralized, letting it be easier to read and maintain. - Moved every routes/*.js file to use an individual express.Router() instance. 2014-04-11 22:46:15 -05:00
			`return router;`
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData 2014-05-08 07:41:19 -05:00			`};`

			`module.exports = adminRoutes;`