const api = require('./index');
const config = require('../../../shared/config');
const {i18n} = require('../../lib/common');
const errors = require('@tryghost/errors');
const web = require('../../web');
const models = require('../../models');
const auth = require('../../services/auth');
const invitations = require('../../services/invitations');
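/**
 * Controller definitions for the `authentication` API resource: initial
 * setup, password reset and invitation handling.
 *
 * Each entry declares its own `permissions` and `validation` settings plus a
 * `query(frame)` function that returns a promise. Every `query` below, except
 * `isSetup`, begins by calling `auth.setup.assertSetupCompleted(...)`, so the
 * setup-state gate is enforced inside the query itself.
 *
 * NOTE(review): several endpoints set `permissions: false`. That presumably
 * disables the framework's permission check for them, leaving the setup-state
 * assertion and the downstream service calls as the only gates - confirm
 * against the API pipeline.
 */
module.exports = {
    docName: 'authentication',

    /**
     * Create the first (owner) account and apply the initial settings.
     * Responds with 201. No permission check is configured; the chain starts
     * with `assertSetupCompleted(false)`, which presumably rejects once setup
     * has already been completed - verify in services/auth.
     */
    setup: {
        statusCode: 201,
        permissions: false,
        validation: {
            docName: 'setup'
        },
        query(frame) {
            return Promise.resolve()
                .then(() => {
                    return auth.setup.assertSetupCompleted(false)();
                })
                .then(() => {
                    // Carries the submitted password exactly as received; keep
                    // this object out of logs and error payloads.
                    const setupDetails = {
                        name: frame.data.setup[0].name,
                        email: frame.data.setup[0].email,
                        password: frame.data.setup[0].password,
                        blogTitle: frame.data.setup[0].blogTitle,
                        status: 'active'
                    };

                    return auth.setup.setupUser(setupDetails);
                })
                .then((data) => {
                    return auth.setup.doSettings(data, api.settings);
                })
                .then((user) => {
                    // Resolve with the user once the welcome email call settles.
                    return auth.setup.sendWelcomeEmail(user.get('email'), api.mail)
                        .then(() => user);
                });
        }
    },

    /**
     * Re-run setup for an already configured site. Only the user holding the
     * Owner role may call it.
     */
    updateSetup: {
        /**
         * Rejects with NoPermissionError unless the requesting user
         * (`frame.options.context.user`) is the Owner.
         */
        permissions: (frame) => {
            return models.User.findOne({role: 'Owner', status: 'all'})
                .then((owner) => {
                    // Deny explicitly when no Owner record is found, instead of
                    // relying on a TypeError from reading `owner.id`.
                    if (!owner || owner.id !== frame.options.context.user) {
                        throw new errors.NoPermissionError({message: i18n.t('errors.api.authentication.notTheBlogOwner')});
                    }
                });
        },
        validation: {
            docName: 'setup'
        },
        query(frame) {
            return Promise.resolve()
                .then(() => {
                    return auth.setup.assertSetupCompleted(true)();
                })
                .then(() => {
                    // Carries the submitted password exactly as received; keep
                    // this object out of logs and error payloads.
                    const setupDetails = {
                        name: frame.data.setup[0].name,
                        email: frame.data.setup[0].email,
                        password: frame.data.setup[0].password,
                        blogTitle: frame.data.setup[0].blogTitle,
                        status: 'active'
                    };

                    return auth.setup.setupUser(setupDetails);
                })
                .then((data) => {
                    return auth.setup.doSettings(data, api.settings);
                });
        }
    },

    /**
     * Report the result of `auth.setup.checkIsSetup()` as `status`, together
     * with optional pre-fill values read from config.
     *
     * NOTE(review): no permission check is configured here, so
     * `config.user_name` and `config.user_email` are returned to any caller
     * when set - confirm that exposure is intended.
     */
    isSetup: {
        permissions: false,
        query() {
            return auth.setup.checkIsSetup()
                .then((isSetup) => {
                    return {
                        status: isSetup,
                        // Pre-populate from config if, and only if the values exist in config.
                        title: config.title || undefined,
                        name: config.user_name || undefined,
                        email: config.user_email || undefined
                    };
                });
        }
    },

    /**
     * Generate a password-reset token for the submitted email address and
     * hand it to `sendResetNotification`.
     *
     * NOTE(review): the chain resolves with whatever `sendResetNotification`
     * returns. Confirm that the serialized response never carries the token
     * and does not differ between known and unknown addresses.
     */
    generateResetToken: {
        validation: {
            docName: 'passwordreset'
        },
        permissions: true,
        options: [
            'email'
        ],
        query(frame) {
            return Promise.resolve()
                .then(() => {
                    return auth.setup.assertSetupCompleted(true)();
                })
                .then(() => {
                    return auth.passwordreset.generateToken(frame.data.passwordreset[0].email, api.settings);
                })
                .then((token) => {
                    return auth.passwordreset.sendResetNotification(token, api.mail);
                });
        }
    },

    /**
     * Complete a password reset from a previously issued token.
     *
     * Order matters: the token is parsed, then passed through
     * `protectBruteForce`, and only then is `doReset` called.
     */
    resetPassword: {
        validation: {
            docName: 'passwordreset',
            data: {
                newPassword: {required: true},
                // `ne2Password` is the key as written in this file; presumably
                // the password-confirmation field - do not "fix" the spelling
                // without checking the clients that submit it.
                ne2Password: {required: true}
            }
        },
        permissions: false,
        options: [
            'ip'
        ],
        query(frame) {
            return Promise.resolve()
                .then(() => {
                    return auth.setup.assertSetupCompleted(true)();
                })
                .then(() => {
                    return auth.passwordreset.extractTokenParts(frame);
                })
                .then((params) => {
                    return auth.passwordreset.protectBruteForce(params);
                })
                .then(({options, tokenParts}) => {
                    // Object.assign mutates the resolved `options` object in
                    // place, replacing its `context` with an internal one for
                    // the doReset call.
                    options = Object.assign(options, {context: {internal: true}});
                    return auth.passwordreset.doReset(options, tokenParts, api.settings)
                        .then((params) => {
                            // After doReset resolves, reset the userLogin
                            // spam-prevention entry keyed by the caller's IP
                            // and `<email>login`.
                            web.shared.middlewares.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
                            return params;
                        });
                });
        }
    },

    /**
     * Accept an invitation by passing the request data to
     * `invitations.accept`. No permission check is configured, so validation
     * of the invitation rests on that service - verify there.
     */
    acceptInvitation: {
        validation: {
            docName: 'invitations'
        },
        permissions: false,
        query(frame) {
            return Promise.resolve()
                .then(() => {
                    return auth.setup.assertSetupCompleted(true)();
                })
                .then(() => {
                    return invitations.accept(frame.data);
                });
        }
    },

    /**
     * Look up an invite with status 'sent' for the given email address.
     *
     * NOTE(review): no permission check is configured, so the result reveals
     * whether an address has an outstanding invite. Confirm the output
     * serializer exposes nothing beyond that and that the route is rate
     * limited.
     */
    isInvitation: {
        data: [
            'email'
        ],
        validation: {
            docName: 'invitations'
        },
        permissions: false,
        query(frame) {
            return Promise.resolve()
                .then(() => {
                    return auth.setup.assertSetupCompleted(true)();
                })
                .then(() => {
                    const email = frame.data.email;

                    return models.Invite.findOne({email: email, status: 'sent'}, frame.options);
                });
        }
    }
};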