Dropping the database invalidates cookies

Closes #418. * Moved the app config behind the promise wall (I couldn't reliably assign generated uuid to the ghost object AND have access to an automatically created db from fixtures AND not have circular reference (try including api in ghost.js ;) )) * Added new functionality to `ghost.init()`, which is responsible for the first run bit (I'm thinking plopping a filter or an action in there for future devs) * Modified `.gitignore` so the `.png`s casper generates aren't added * Fixed ambiguity and typos here and there, see code
2025-02-10 23:36:14 -05:00 · 2013-08-24 01:02:01 +01:00 · 2013-08-24 01:02:01 +01:00 · 3ded75ca4f
commit 3ded75ca4f
parent ba8bdf7dd7
3 changed files with 46 additions and 28 deletions
--- a/.gitignore
+++ b/.gitignore
@ -39,4 +39,7 @@ projectFilesBackup
 /_site

 # Changelog, which is autogenerated, not committed
-CHANGELOG.md
+CHANGELOG.md
+
+# Casper generated files
+/core/test/functional/*.png
--- a/core/ghost.js
+++ b/core/ghost.js
@ -16,6 +16,7 @@ var config = require('./../config'),
    plugins = require('./server/plugins'),
    requireTree = require('./server/require-tree'),
    permissions = require('./server/permissions'),
+    uuid = require('node-uuid'),

 // Variables
    appRoot = path.resolve(__dirname, '../'),
@ -83,6 +84,9 @@ Ghost = function () {
        // Holds the available plugins
        instance.availablePlugins = {};

+        // Holds the dbhash (mainly used for cookie secret)
+        instance.dbHash = undefined;
+
        app = express();
        polyglot = new Polyglot();

@ -133,6 +137,20 @@ Ghost.prototype.init = function () {
    }).then(function () {
        // Initialize the permissions actions and objects
        return permissions.init();
+    }).then(function () {
+        // get the settings and whatnot
+        return when(models.Settings.read('dbHash')).then(function (dbhash) {
+            // we already ran this, chill
+            self.dbHash = dbhash.attributes.value;
+            return dbhash.attributes.value;
+        }).otherwise(function (error) {
+            // this is where all the "first run" functionality should go
+            var dbhash = uuid.v4();
+            return when(models.Settings.add({key: 'dbHash', value: dbhash})).then(function (returned) {
+                self.dbHash = dbhash;
+                return dbhash;
+            });
+        });
    }, errors.logAndThrowError);
 };

--- a/index.js
+++ b/index.js
@ -63,7 +63,7 @@ function auth(req, res, next) {

 // While we're here, let's clean up on aisle 5
 // That being ghost.notifications, and let's remove the passives from there
-// plus the local messages, as the have already been added at this point
+// plus the local messages, as they have already been added at this point
 // otherwise they'd appear one too many times
 function cleanNotifications(req, res, next) {
    ghost.notifications = _.reject(ghost.notifications, function (notification) {
@ -177,41 +177,38 @@ function disableCachedResult(req, res, next) {
    next();
 }

-// ##Configuration
-ghost.app().configure(function () {
-    ghost.app().use(isGhostAdmin);
-    ghost.app().use(express.favicon(__dirname + '/content/images/favicon.ico'));
-    ghost.app().use(I18n.load(ghost));
-    ghost.app().use(express.bodyParser({}));
-    ghost.app().use(express.bodyParser({uploadDir: __dirname + '/content/images'}));
-    ghost.app().use(express.cookieParser('try-ghost'));
-    ghost.app().use(express.cookieSession({ cookie: { maxAge: 60000000 }}));
-    ghost.app().use(ghost.initTheme(ghost.app()));
-
-    if (process.env.NODE_ENV !== "development") {
-        ghost.app().use(express.logger());
-        ghost.app().use(express.errorHandler({ dumpExceptions: false, showStack: false }));
-    }
-});
-
-// Development only configuration
-ghost.app().configure("development", function () {
-    ghost.app().use(express.errorHandler({ dumpExceptions: true, showStack: true }));
-    ghost.app().use(express.logger('dev'));
-});
-
-
 // Expose the promise we will resolve after our pre-loading
 ghost.loaded = loading.promise;

 when.all([ghost.init(), filters.loadCoreFilters(ghost), helpers.loadCoreHelpers(ghost)]).then(function () {

+    // ##Configuration
+    ghost.app().configure(function () {
+        ghost.app().use(isGhostAdmin);
+        ghost.app().use(express.favicon(__dirname + '/content/images/favicon.ico'));
+        ghost.app().use(I18n.load(ghost));
+        ghost.app().use(express.bodyParser({}));
+        ghost.app().use(express.bodyParser({uploadDir: __dirname + '/content/images'}));
+        ghost.app().use(express.cookieParser(ghost.dbHash));
+        ghost.app().use(express.cookieSession({ cookie: { maxAge: 60000000 }}));
+        ghost.app().use(ghost.initTheme(ghost.app()));
+        if (process.env.NODE_ENV !== "development") {
+            ghost.app().use(express.logger());
+            ghost.app().use(express.errorHandler({ dumpExceptions: false, showStack: false }));
+        }
+    });
+
+    // Development only configuration
+    ghost.app().configure("development", function () {
+        ghost.app().use(express.errorHandler({ dumpExceptions: true, showStack: true }));
+        ghost.app().use(express.logger('dev'));
+    });
+
    // post init config
    ghost.app().use(ghostLocals);
-    // because science
+    // So on every request we actually clean out reduntant passive notifications from the server side
    ghost.app().use(cleanNotifications);

-
    // ## Routing

    // ### API routes