2021-07-06 11:02:37 +01:00
|
|
|
const debug = require('@tryghost/debug')('members');
|
2020-04-30 17:29:51 +01:00
|
|
|
const cors = require('cors');
|
2020-05-20 14:37:58 +05:30
|
|
|
const bodyParser = require('body-parser');
|
2020-04-30 07:52:22 +01:00
|
|
|
const express = require('../../../shared/express');
|
2021-12-14 15:18:46 +00:00
|
|
|
const sentry = require('../../../shared/sentry');
|
2020-04-30 17:29:51 +01:00
|
|
|
const membersService = require('../../services/members');
|
2022-01-18 17:56:47 +02:00
|
|
|
const stripeService = require('../../services/stripe');
|
2020-04-30 17:29:51 +01:00
|
|
|
const middleware = membersService.middleware;
|
2020-04-30 07:52:22 +01:00
|
|
|
const shared = require('../shared');
|
2021-09-21 12:55:42 +05:30
|
|
|
const labs = require('../../../shared/labs');
|
2021-12-14 15:18:46 +00:00
|
|
|
const errorHandler = require('@tryghost/mw-error-handler');
|
2022-07-14 09:09:53 +02:00
|
|
|
const config = require('../../../shared/config');
|
2020-04-30 07:52:22 +01:00
|
|
|
|
2022-07-05 14:24:28 +02:00
|
|
|
const commentRouter = require('../comments');
|
|
|
|
|
|
2020-04-30 07:52:22 +01:00
|
|
|
module.exports = function setupMembersApp() {
|
2020-04-30 17:29:51 +01:00
|
|
|
debug('Members App setup start');
|
2020-05-01 19:29:42 +01:00
|
|
|
const membersApp = express('members');
|
2020-04-30 07:52:22 +01:00
|
|
|
|
2021-07-06 20:17:59 +05:30
|
|
|
// Members API shouldn't be cached
|
2021-11-16 15:42:02 +00:00
|
|
|
membersApp.use(shared.middleware.cacheControl('private'));
|
2021-07-06 20:17:59 +05:30
|
|
|
|
2020-04-30 17:29:51 +01:00
|
|
|
// Support CORS for requests from the frontend
|
2022-07-14 09:09:53 +02:00
|
|
|
membersApp.use(cors({maxAge: config.get('caching:cors:maxAge')}));
|
2020-04-30 17:29:51 +01:00
|
|
|
|
2020-04-30 07:52:22 +01:00
|
|
|
// Currently global handling for signing in with ?token= magiclinks
|
|
|
|
|
membersApp.use(middleware.createSessionFromMagicLink);
|
|
|
|
|
|
|
|
|
|
// Routing
|
2020-04-30 19:00:37 +01:00
|
|
|
|
|
|
|
|
// Webhooks
|
2022-01-18 17:56:47 +02:00
|
|
|
membersApp.post('/webhooks/stripe', bodyParser.raw({type: 'application/json'}), stripeService.webhookController.handle.bind(stripeService.webhookController));
|
2020-04-30 07:52:22 +01:00
|
|
|
|
2020-04-30 19:00:37 +01:00
|
|
|
// Initializes members specific routes as well as assigns members specific data to the req/res objects
|
2020-05-22 14:25:13 +05:30
|
|
|
// We don't want to add global bodyParser middleware as that interfers with stripe webhook requests on - `/webhooks`.
|
2022-04-28 17:14:17 +05:30
|
|
|
|
|
|
|
|
// Manage newsletter subscription via unsubscribe link
|
|
|
|
|
membersApp.get('/api/member/newsletters', middleware.getMemberNewsletters);
|
2022-05-30 19:23:41 +01:00
|
|
|
membersApp.put('/api/member/newsletters', bodyParser.json({limit: '50mb'}), middleware.updateMemberNewsletters);
|
2022-04-28 17:14:17 +05:30
|
|
|
|
2022-05-13 17:20:09 +05:30
|
|
|
// Get and update member data
|
2020-04-30 19:33:09 +01:00
|
|
|
membersApp.get('/api/member', middleware.getMemberData);
|
2022-05-30 19:23:41 +01:00
|
|
|
membersApp.put('/api/member', bodyParser.json({limit: '50mb'}), middleware.updateMemberData);
|
|
|
|
|
membersApp.post('/api/member/email', bodyParser.json({limit: '50mb'}), (req, res) => membersService.api.middleware.updateEmailAddress(req, res));
|
2022-05-13 17:20:09 +05:30
|
|
|
|
|
|
|
|
// Manage session
|
2020-04-30 19:33:09 +01:00
|
|
|
membersApp.get('/api/session', middleware.getIdentityToken);
|
|
|
|
|
membersApp.delete('/api/session', middleware.deleteSession);
|
2020-04-30 19:00:37 +01:00
|
|
|
|
2020-04-30 17:29:51 +01:00
|
|
|
// NOTE: this is wrapped in a function to ensure we always go via the getter
|
2021-11-16 15:42:02 +00:00
|
|
|
membersApp.post('/api/send-magic-link', bodyParser.json(), shared.middleware.brute.membersAuth, (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));
|
2020-04-30 17:29:51 +01:00
|
|
|
membersApp.post('/api/create-stripe-checkout-session', (req, res, next) => membersService.api.middleware.createCheckoutSession(req, res, next));
|
2020-04-30 19:00:37 +01:00
|
|
|
membersApp.post('/api/create-stripe-update-session', (req, res, next) => membersService.api.middleware.createCheckoutSetupSession(req, res, next));
|
2020-04-30 17:29:51 +01:00
|
|
|
membersApp.put('/api/subscriptions/:id', (req, res, next) => membersService.api.middleware.updateSubscription(req, res, next));
|
2021-09-21 12:55:42 +05:30
|
|
|
membersApp.post('/api/events', labs.enabledMiddleware('membersActivity'), middleware.loadMemberSession, (req, res, next) => membersService.api.middleware.createEvents(req, res, next));
|
2020-04-30 17:29:51 +01:00
|
|
|
|
2022-07-05 14:24:28 +02:00
|
|
|
// Comments
|
|
|
|
|
membersApp.use('/api/comments', commentRouter());
|
|
|
|
|
|
2020-04-30 17:29:51 +01:00
|
|
|
// API error handling
|
2021-12-14 15:18:46 +00:00
|
|
|
membersApp.use('/api', errorHandler.resourceNotFound);
|
2022-05-07 15:28:28 +01:00
|
|
|
membersApp.use('/api', errorHandler.handleJSONResponse(sentry));
|
2020-05-07 22:38:58 +02:00
|
|
|
|
|
|
|
|
// Webhook error handling
|
2021-12-14 15:18:46 +00:00
|
|
|
membersApp.use('/webhooks', errorHandler.resourceNotFound);
|
2022-05-07 15:28:28 +01:00
|
|
|
membersApp.use('/webhooks', errorHandler.handleJSONResponse(sentry));
|
2020-04-30 17:29:51 +01:00
|
|
|
|
|
|
|
|
debug('Members App setup end');
|
|
|
|
|
|
2020-04-30 07:52:22 +01:00
|
|
|
return membersApp;
|
|
|
|
|
};
|
