mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-04-15 03:01:37 -05:00
Renamed middlewares to middleware consistently
- This is a minor bugbare, but it will affect some configuration I'm about to do for c8 - I've been wanting to do it for ages, middleware is plural all on it's own so it's an odd affectation in our codebase - This also only exists in 2 places, everywhere else we use "middleware" - Sadly it did result in a lot of churn as I did a full find and replace, but consistency is king!
This commit is contained in:
Hannah Wolfe
parent
8281388290
commit
4f9b72ff43
54 changed files with 125 additions and 125 deletions
|
|
@ -96,7 +96,7 @@ async function initCore({ghostServer, config, bootLogger}) {
|
|||
const urlService = require('./server/services/url');
|
||||
// Note: there is no await here, we do not wait for the url service to finish
|
||||
// We can return, but the site will remain in (the shared, not global) maintenance mode until this finishes
|
||||
// This is managed on request: https://github.com/TryGhost/Ghost/blob/main/core/server/web/shared/middlewares/maintenance.js#L13
|
||||
// This is managed on request: https://github.com/TryGhost/Ghost/blob/main/core/server/web/shared/middleware/maintenance.js#L13
|
||||
urlService.init({
|
||||
onFinished: () => {
|
||||
bootLogger.log('URL Service Ready');
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ privateRouter
|
|||
.post(
|
||||
bodyParser.urlencoded({extended: true}),
|
||||
middleware.redirectPrivateToHomeIfLoggedIn,
|
||||
web.shared.middlewares.brute.privateBlog,
|
||||
web.shared.middleware.brute.privateBlog,
|
||||
middleware.doLoginToPrivateSite,
|
||||
_renderer
|
||||
);
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ const urlUtils = require('../../../shared/url-utils');
|
|||
const ParentRouter = require('./ParentRouter');
|
||||
|
||||
const controllers = require('./controllers');
|
||||
const middlewares = require('./middlewares');
|
||||
const middleware = require('./middleware');
|
||||
const RSSRouter = require('./RSSRouter');
|
||||
|
||||
/**
|
||||
|
|
@ -70,7 +70,7 @@ class CollectionRouter extends ParentRouter {
|
|||
this.mountRoute(this.route.value, controllers.collection);
|
||||
|
||||
// REGISTER: enable pagination by default
|
||||
this.router().param('page', middlewares.pageParam);
|
||||
this.router().param('page', middleware.pageParam);
|
||||
this.mountRoute(urlUtils.urlJoin(this.route.value, 'page', ':page(\\d+)'), controllers.collection);
|
||||
|
||||
// REGISTER: is rss enabled?
|
||||
|
|
@ -92,7 +92,7 @@ class CollectionRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare index context for further middlewares/controllers.
|
||||
* @description Prepare index context for further middleware/controllers.
|
||||
*/
|
||||
_prepareEntriesContext(req, res, next) {
|
||||
res.routerOptions = {
|
||||
|
|
@ -115,7 +115,7 @@ class CollectionRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare entry context for further middlewares/controllers.
|
||||
* @description Prepare entry context for further middleware/controllers.
|
||||
*/
|
||||
_prepareEntryContext(req, res, next) {
|
||||
res.routerOptions.context = ['post'];
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ class EmailRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare context for further middlewares/controllers.
|
||||
* @description Prepare context for further middleware/controllers.
|
||||
* @param {Object} req
|
||||
* @param {Object} res
|
||||
* @param {Function} next
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ class PreviewRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare context for further middlewares/controllers.
|
||||
* @description Prepare context for further middleware/controllers.
|
||||
* @param {Object} req
|
||||
* @param {Object} res
|
||||
* @param {Function} next
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ class StaticPagesRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare context for futher middlewares/controllers.
|
||||
* @description Prepare context for futher middleware/controllers.
|
||||
* @param {Object} req
|
||||
* @param {Object} res
|
||||
* @param {Function} next
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ const errors = require('@tryghost/errors');
|
|||
const urlUtils = require('../../../shared/url-utils');
|
||||
const RSSRouter = require('./RSSRouter');
|
||||
const controllers = require('./controllers');
|
||||
const middlewares = require('./middlewares');
|
||||
const middleware = require('./middleware');
|
||||
const ParentRouter = require('./ParentRouter');
|
||||
|
||||
/**
|
||||
|
|
@ -59,14 +59,14 @@ class StaticRoutesRouter extends ParentRouter {
|
|||
this.mountRoute(this.route.value, controllers[this.controller]);
|
||||
|
||||
// REGISTER: pagination
|
||||
this.router().param('page', middlewares.pageParam);
|
||||
this.router().param('page', middleware.pageParam);
|
||||
this.mountRoute(urlUtils.urlJoin(this.route.value, 'page', ':page(\\d+)'), controllers[this.controller]);
|
||||
|
||||
this.routerCreated(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* @description Prepare channel context for further middlewares/controllers.
|
||||
* @description Prepare channel context for further middleware/controllers.
|
||||
* @param {Object} req
|
||||
* @param {Object} res
|
||||
* @param {Function} next
|
||||
|
|
@ -102,7 +102,7 @@ class StaticRoutesRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare static route context for further middlewares/controllers.
|
||||
* @description Prepare static route context for further middleware/controllers.
|
||||
* @param {Object} req
|
||||
* @param {Object} res
|
||||
* @param {Function} next
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ const ParentRouter = require('./ParentRouter');
|
|||
const RSSRouter = require('./RSSRouter');
|
||||
const urlUtils = require('../../../shared/url-utils');
|
||||
const controllers = require('./controllers');
|
||||
const middlewares = require('./middlewares');
|
||||
const middleware = require('./middleware');
|
||||
|
||||
/**
|
||||
* @description Taxonomies are groupings of posts based on a common relation.
|
||||
|
|
@ -51,7 +51,7 @@ class TaxonomyRouter extends ParentRouter {
|
|||
this.mountRoute(this.permalinks.getValue(), controllers.channel);
|
||||
|
||||
// REGISTER: enable pagination for each taxonomy by default
|
||||
this.router().param('page', middlewares.pageParam);
|
||||
this.router().param('page', middleware.pageParam);
|
||||
this.mountRoute(urlUtils.urlJoin(this.permalinks.value, 'page', ':page(\\d+)'), controllers.channel);
|
||||
|
||||
// REGISTER: edit redirect to admin client e.g. /tag/:slug/edit
|
||||
|
|
@ -63,7 +63,7 @@ class TaxonomyRouter extends ParentRouter {
|
|||
}
|
||||
|
||||
/**
|
||||
* @description Prepare context for routing middlewares/controllers.
|
||||
* @description Prepare context for routing middleware/controllers.
|
||||
* @param {Object} req
|
||||
* @param {Object} res
|
||||
* @param {Function} next
|
||||
|
|
|
|||
|
|
@ -154,19 +154,19 @@ module.exports = function setupSiteApp(options = {}) {
|
|||
debug('Internal apps done');
|
||||
|
||||
// send 503 error page in case of maintenance
|
||||
siteApp.use(shared.middlewares.maintenance);
|
||||
siteApp.use(shared.middleware.maintenance);
|
||||
|
||||
// Add in all trailing slashes & remove uppercase
|
||||
// must happen AFTER asset loading and BEFORE routing
|
||||
siteApp.use(shared.middlewares.prettyUrls);
|
||||
siteApp.use(shared.middleware.prettyUrls);
|
||||
|
||||
// ### Caching
|
||||
siteApp.use(function (req, res, next) {
|
||||
// Site frontend is cacheable UNLESS request made by a member or blog is in private mode
|
||||
if (req.member || res.isPrivateBlog) {
|
||||
return shared.middlewares.cacheControl('private')(req, res, next);
|
||||
return shared.middleware.cacheControl('private')(req, res, next);
|
||||
} else {
|
||||
return shared.middlewares.cacheControl('public', {maxAge: config.get('caching:frontend:maxAge')})(req, res, next);
|
||||
return shared.middleware.cacheControl('public', {maxAge: config.get('caching:frontend:maxAge')})(req, res, next);
|
||||
}
|
||||
});
|
||||
|
||||
|
|
@ -179,7 +179,7 @@ module.exports = function setupSiteApp(options = {}) {
|
|||
siteApp.use(SiteRouter);
|
||||
|
||||
// ### Error handlers
|
||||
siteApp.use(shared.middlewares.errorHandler.pageNotFound);
|
||||
siteApp.use(shared.middleware.errorHandler.pageNotFound);
|
||||
config.get('apps:internal').forEach((appName) => {
|
||||
const app = require(path.join(config.get('paths').internalAppPath, appName));
|
||||
|
||||
|
|
@ -187,7 +187,7 @@ module.exports = function setupSiteApp(options = {}) {
|
|||
app.setupErrorHandling(siteApp);
|
||||
}
|
||||
});
|
||||
siteApp.use(shared.middlewares.errorHandler.handleThemeResponse);
|
||||
siteApp.use(shared.middleware.errorHandler.handleThemeResponse);
|
||||
|
||||
debug('Site setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ module.exports = {
|
|||
options = Object.assign(options, {context: {internal: true}});
|
||||
return auth.passwordreset.doReset(options, tokenParts, api.settings)
|
||||
.then((params) => {
|
||||
web.shared.middlewares.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
|
||||
web.shared.middleware.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
|
||||
return params;
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -145,7 +145,7 @@ module.exports = {
|
|||
options = Object.assign(options, {context: {internal: true}});
|
||||
return auth.passwordreset.doReset(options, tokenParts, api.settings)
|
||||
.then((params) => {
|
||||
web.shared.middlewares.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
|
||||
web.shared.middleware.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
|
||||
return params;
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -146,7 +146,7 @@ module.exports = {
|
|||
options = Object.assign(options, {context: {internal: true}});
|
||||
return auth.passwordreset.doReset(options, tokenParts, api.settings)
|
||||
.then((params) => {
|
||||
web.shared.middlewares.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
|
||||
web.shared.middleware.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
|
||||
return params;
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -27,19 +27,19 @@ module.exports = function setupAdminApp() {
|
|||
}
|
||||
|
||||
// Render error page in case of maintenance
|
||||
adminApp.use(shared.middlewares.maintenance);
|
||||
adminApp.use(shared.middleware.maintenance);
|
||||
|
||||
// Force SSL if required
|
||||
// must happen AFTER asset loading and BEFORE routing
|
||||
adminApp.use(shared.middlewares.urlRedirects.adminSSLAndHostRedirect);
|
||||
adminApp.use(shared.middleware.urlRedirects.adminSSLAndHostRedirect);
|
||||
|
||||
// Add in all trailing slashes & remove uppercase
|
||||
// must happen AFTER asset loading and BEFORE routing
|
||||
adminApp.use(shared.middlewares.prettyUrls);
|
||||
adminApp.use(shared.middleware.prettyUrls);
|
||||
|
||||
// Cache headers go last before serving the request
|
||||
// Admin is currently set to not be cached at all
|
||||
adminApp.use(shared.middlewares.cacheControl('private'));
|
||||
adminApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Special redirects for the admin (these should have their own cache-control headers)
|
||||
adminApp.use(adminMiddleware);
|
||||
|
|
@ -47,8 +47,8 @@ module.exports = function setupAdminApp() {
|
|||
// Finally, routing
|
||||
adminApp.get('*', require('./controller'));
|
||||
|
||||
adminApp.use(shared.middlewares.errorHandler.pageNotFound);
|
||||
adminApp.use(shared.middlewares.errorHandler.handleHTMLResponse);
|
||||
adminApp.use(shared.middleware.errorHandler.pageNotFound);
|
||||
adminApp.use(shared.middleware.errorHandler.handleHTMLResponse);
|
||||
|
||||
debug('Admin setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ const debug = require('@tryghost/debug')('web:api:default:app');
|
|||
const config = require('../../../shared/config');
|
||||
const express = require('../../../shared/express');
|
||||
const urlUtils = require('../../../shared/url-utils');
|
||||
const errorHandler = require('../shared/middlewares/error-handler');
|
||||
const errorHandler = require('../shared/middleware/error-handler');
|
||||
|
||||
module.exports = function setupApiApp() {
|
||||
debug('Parent API setup start');
|
||||
|
|
|
|||
|
|
@ -20,21 +20,21 @@ module.exports = function setupApiApp() {
|
|||
apiApp.use(boolParser());
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
apiApp.use(shared.middlewares.maintenance);
|
||||
apiApp.use(shared.middleware.maintenance);
|
||||
|
||||
// Check version matches for API requests, depends on res.locals.safeVersion being set
|
||||
// Therefore must come after themeHandler.ghostLocals, for now
|
||||
apiApp.use(apiMw.versionMatch);
|
||||
|
||||
// Admin API shouldn't be cached
|
||||
apiApp.use(shared.middlewares.cacheControl('private'));
|
||||
apiApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Routing
|
||||
apiApp.use(routes());
|
||||
|
||||
// API error handling
|
||||
apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middlewares.errorHandler.handleJSONResponseV2);
|
||||
apiApp.use(shared.middleware.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middleware.errorHandler.handleJSONResponseV2);
|
||||
|
||||
debug('Admin API canary setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -59,8 +59,8 @@ module.exports.authAdminApi = [
|
|||
auth.authorize.authorizeAdminApi,
|
||||
apiMw.updateUserLastSeen,
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
||||
|
|
@ -73,8 +73,8 @@ module.exports.authAdminApiWithUrl = [
|
|||
auth.authorize.authorizeAdminApi,
|
||||
apiMw.updateUserLastSeen,
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
||||
|
|
@ -83,7 +83,7 @@ module.exports.authAdminApiWithUrl = [
|
|||
*/
|
||||
module.exports.publicAdminApi = [
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
|
|
|||
|
|
@ -204,8 +204,8 @@ module.exports = function apiRoutes() {
|
|||
router.get('/session', mw.authAdminApi, http(api.session.read));
|
||||
// We don't need auth when creating a new session (logging in)
|
||||
router.post('/session',
|
||||
shared.middlewares.brute.globalBlock,
|
||||
shared.middlewares.brute.userLogin,
|
||||
shared.middleware.brute.globalBlock,
|
||||
shared.middleware.brute.userLogin,
|
||||
http(api.session.add)
|
||||
);
|
||||
router.del('/session', mw.authAdminApi, http(api.session.delete));
|
||||
|
|
@ -215,11 +215,11 @@ module.exports = function apiRoutes() {
|
|||
|
||||
// ## Authentication
|
||||
router.post('/authentication/passwordreset',
|
||||
shared.middlewares.brute.globalReset,
|
||||
shared.middlewares.brute.userReset,
|
||||
shared.middleware.brute.globalReset,
|
||||
shared.middleware.brute.userReset,
|
||||
http(api.authentication.generateResetToken)
|
||||
);
|
||||
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(api.authentication.resetPassword));
|
||||
router.put('/authentication/passwordreset', shared.middleware.brute.globalBlock, http(api.authentication.resetPassword));
|
||||
router.post('/authentication/invitation', http(api.authentication.acceptInvitation));
|
||||
router.get('/authentication/invitation', http(api.authentication.isInvitation));
|
||||
router.post('/authentication/setup', http(api.authentication.setup));
|
||||
|
|
|
|||
|
|
@ -18,17 +18,17 @@ module.exports = function setupApiApp() {
|
|||
apiApp.use(boolParser());
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
apiApp.use(shared.middlewares.maintenance);
|
||||
apiApp.use(shared.middleware.maintenance);
|
||||
|
||||
// API shouldn't be cached
|
||||
apiApp.use(shared.middlewares.cacheControl('private'));
|
||||
apiApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Routing
|
||||
apiApp.use(routes());
|
||||
|
||||
// API error handling
|
||||
apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middlewares.errorHandler.handleJSONResponse);
|
||||
apiApp.use(shared.middleware.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middleware.errorHandler.handleJSONResponse);
|
||||
|
||||
debug('Content API canary setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -14,10 +14,10 @@ const shared = require('../../../shared');
|
|||
* Authentication for public endpoints
|
||||
*/
|
||||
module.exports.authenticatePublic = [
|
||||
shared.middlewares.brute.contentApiKey,
|
||||
shared.middleware.brute.contentApiKey,
|
||||
auth.authenticate.authenticateContentApi,
|
||||
auth.authorize.authorizeContentApi,
|
||||
cors(),
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls
|
||||
];
|
||||
|
|
|
|||
|
|
@ -20,21 +20,21 @@ module.exports = function setupApiApp() {
|
|||
apiApp.use(boolParser());
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
apiApp.use(shared.middlewares.maintenance);
|
||||
apiApp.use(shared.middleware.maintenance);
|
||||
|
||||
// Check version matches for API requests, depends on res.locals.safeVersion being set
|
||||
// Therefore must come after themeHandler.ghostLocals, for now
|
||||
apiApp.use(apiMw.versionMatch);
|
||||
|
||||
// Admin API shouldn't be cached
|
||||
apiApp.use(shared.middlewares.cacheControl('private'));
|
||||
apiApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Routing
|
||||
apiApp.use(routes());
|
||||
|
||||
// API error handling
|
||||
apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middlewares.errorHandler.handleJSONResponseV2);
|
||||
apiApp.use(shared.middleware.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middleware.errorHandler.handleJSONResponseV2);
|
||||
|
||||
debug('Admin API v2 setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -55,8 +55,8 @@ module.exports.authAdminApi = [
|
|||
auth.authorize.authorizeAdminApi,
|
||||
apiMw.updateUserLastSeen,
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
||||
|
|
@ -69,8 +69,8 @@ module.exports.authAdminApiWithUrl = [
|
|||
auth.authorize.authorizeAdminApi,
|
||||
apiMw.updateUserLastSeen,
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
||||
|
|
@ -79,7 +79,7 @@ module.exports.authAdminApiWithUrl = [
|
|||
*/
|
||||
module.exports.publicAdminApi = [
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
|
|
|||
|
|
@ -142,19 +142,19 @@ module.exports = function apiRoutes() {
|
|||
router.get('/session', mw.authAdminApi, http(api.session.read));
|
||||
// We don't need auth when creating a new session (logging in)
|
||||
router.post('/session',
|
||||
shared.middlewares.brute.globalBlock,
|
||||
shared.middlewares.brute.userLogin,
|
||||
shared.middleware.brute.globalBlock,
|
||||
shared.middleware.brute.userLogin,
|
||||
http(api.session.add)
|
||||
);
|
||||
router.del('/session', mw.authAdminApi, http(api.session.delete));
|
||||
|
||||
// ## Authentication
|
||||
router.post('/authentication/passwordreset',
|
||||
shared.middlewares.brute.globalReset,
|
||||
shared.middlewares.brute.userReset,
|
||||
shared.middleware.brute.globalReset,
|
||||
shared.middleware.brute.userReset,
|
||||
http(api.authentication.generateResetToken)
|
||||
);
|
||||
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(api.authentication.resetPassword));
|
||||
router.put('/authentication/passwordreset', shared.middleware.brute.globalBlock, http(api.authentication.resetPassword));
|
||||
router.post('/authentication/invitation', http(api.authentication.acceptInvitation));
|
||||
router.get('/authentication/invitation', http(api.authentication.isInvitation));
|
||||
router.post('/authentication/setup', http(api.authentication.setup));
|
||||
|
|
|
|||
|
|
@ -18,17 +18,17 @@ module.exports = function setupApiApp() {
|
|||
apiApp.use(boolParser());
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
apiApp.use(shared.middlewares.maintenance);
|
||||
apiApp.use(shared.middleware.maintenance);
|
||||
|
||||
// API shouldn't be cached
|
||||
apiApp.use(shared.middlewares.cacheControl('private'));
|
||||
apiApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Routing
|
||||
apiApp.use(routes());
|
||||
|
||||
// API error handling
|
||||
apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middlewares.errorHandler.handleJSONResponse);
|
||||
apiApp.use(shared.middleware.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middleware.errorHandler.handleJSONResponse);
|
||||
|
||||
debug('Content API v2 setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -14,10 +14,10 @@ const shared = require('../../../shared');
|
|||
* Authentication for public endpoints
|
||||
*/
|
||||
module.exports.authenticatePublic = [
|
||||
shared.middlewares.brute.contentApiKey,
|
||||
shared.middleware.brute.contentApiKey,
|
||||
auth.authenticate.authenticateContentApi,
|
||||
auth.authorize.authorizeContentApi,
|
||||
cors(),
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls
|
||||
];
|
||||
|
|
|
|||
|
|
@ -20,21 +20,21 @@ module.exports = function setupApiApp() {
|
|||
apiApp.use(boolParser());
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
apiApp.use(shared.middlewares.maintenance);
|
||||
apiApp.use(shared.middleware.maintenance);
|
||||
|
||||
// Check version matches for API requests, depends on res.locals.safeVersion being set
|
||||
// Therefore must come after themeHandler.ghostLocals, for now
|
||||
apiApp.use(apiMw.versionMatch);
|
||||
|
||||
// Admin API shouldn't be cached
|
||||
apiApp.use(shared.middlewares.cacheControl('private'));
|
||||
apiApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Routing
|
||||
apiApp.use(routes());
|
||||
|
||||
// API error handling
|
||||
apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middlewares.errorHandler.handleJSONResponseV2);
|
||||
apiApp.use(shared.middleware.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middleware.errorHandler.handleJSONResponseV2);
|
||||
|
||||
debug('Admin API v3 setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -59,8 +59,8 @@ module.exports.authAdminApi = [
|
|||
auth.authorize.authorizeAdminApi,
|
||||
apiMw.updateUserLastSeen,
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
||||
|
|
@ -73,8 +73,8 @@ module.exports.authAdminApiWithUrl = [
|
|||
auth.authorize.authorizeAdminApi,
|
||||
apiMw.updateUserLastSeen,
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
||||
|
|
@ -83,7 +83,7 @@ module.exports.authAdminApiWithUrl = [
|
|||
*/
|
||||
module.exports.publicAdminApi = [
|
||||
apiMw.cors,
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls,
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls,
|
||||
notImplemented
|
||||
];
|
||||
|
|
|
|||
|
|
@ -182,8 +182,8 @@ module.exports = function apiRoutes() {
|
|||
router.get('/session', mw.authAdminApi, http(api.session.read));
|
||||
// We don't need auth when creating a new session (logging in)
|
||||
router.post('/session',
|
||||
shared.middlewares.brute.globalBlock,
|
||||
shared.middlewares.brute.userLogin,
|
||||
shared.middleware.brute.globalBlock,
|
||||
shared.middleware.brute.userLogin,
|
||||
http(api.session.add)
|
||||
);
|
||||
router.del('/session', mw.authAdminApi, http(api.session.delete));
|
||||
|
|
@ -193,11 +193,11 @@ module.exports = function apiRoutes() {
|
|||
|
||||
// ## Authentication
|
||||
router.post('/authentication/passwordreset',
|
||||
shared.middlewares.brute.globalReset,
|
||||
shared.middlewares.brute.userReset,
|
||||
shared.middleware.brute.globalReset,
|
||||
shared.middleware.brute.userReset,
|
||||
http(api.authentication.generateResetToken)
|
||||
);
|
||||
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(api.authentication.resetPassword));
|
||||
router.put('/authentication/passwordreset', shared.middleware.brute.globalBlock, http(api.authentication.resetPassword));
|
||||
router.post('/authentication/invitation', http(api.authentication.acceptInvitation));
|
||||
router.get('/authentication/invitation', http(api.authentication.isInvitation));
|
||||
router.post('/authentication/setup', http(api.authentication.setup));
|
||||
|
|
|
|||
|
|
@ -18,17 +18,17 @@ module.exports = function setupApiApp() {
|
|||
apiApp.use(boolParser());
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
apiApp.use(shared.middlewares.maintenance);
|
||||
apiApp.use(shared.middleware.maintenance);
|
||||
|
||||
// API shouldn't be cached
|
||||
apiApp.use(shared.middlewares.cacheControl('private'));
|
||||
apiApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Routing
|
||||
apiApp.use(routes());
|
||||
|
||||
// API error handling
|
||||
apiApp.use(shared.middlewares.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middlewares.errorHandler.handleJSONResponse);
|
||||
apiApp.use(shared.middleware.errorHandler.resourceNotFound);
|
||||
apiApp.use(shared.middleware.errorHandler.handleJSONResponse);
|
||||
|
||||
debug('Content API v3 setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -14,10 +14,10 @@ const shared = require('../../../shared');
|
|||
* Authentication for public endpoints
|
||||
*/
|
||||
module.exports.authenticatePublic = [
|
||||
shared.middlewares.brute.contentApiKey,
|
||||
shared.middleware.brute.contentApiKey,
|
||||
auth.authenticate.authenticateContentApi,
|
||||
auth.authorize.authorizeContentApi,
|
||||
cors(),
|
||||
shared.middlewares.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middlewares.prettyUrls
|
||||
shared.middleware.urlRedirects.adminSSLAndHostRedirect,
|
||||
shared.middleware.prettyUrls
|
||||
];
|
||||
|
|
|
|||
|
|
@ -14,10 +14,10 @@ module.exports = function setupMembersApp() {
|
|||
const membersApp = express('members');
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
membersApp.use(shared.middlewares.maintenance);
|
||||
membersApp.use(shared.middleware.maintenance);
|
||||
|
||||
// Members API shouldn't be cached
|
||||
membersApp.use(shared.middlewares.cacheControl('private'));
|
||||
membersApp.use(shared.middleware.cacheControl('private'));
|
||||
|
||||
// Support CORS for requests from the frontend
|
||||
const siteUrl = new URL(urlUtils.getSiteUrl());
|
||||
|
|
@ -42,19 +42,19 @@ module.exports = function setupMembersApp() {
|
|||
membersApp.get('/api/site', middleware.getMemberSiteData);
|
||||
|
||||
// NOTE: this is wrapped in a function to ensure we always go via the getter
|
||||
membersApp.post('/api/send-magic-link', bodyParser.json(), shared.middlewares.brute.membersAuth, (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));
|
||||
membersApp.post('/api/send-magic-link', bodyParser.json(), shared.middleware.brute.membersAuth, (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));
|
||||
membersApp.post('/api/create-stripe-checkout-session', (req, res, next) => membersService.api.middleware.createCheckoutSession(req, res, next));
|
||||
membersApp.post('/api/create-stripe-update-session', (req, res, next) => membersService.api.middleware.createCheckoutSetupSession(req, res, next));
|
||||
membersApp.put('/api/subscriptions/:id', (req, res, next) => membersService.api.middleware.updateSubscription(req, res, next));
|
||||
membersApp.post('/api/events', labs.enabledMiddleware('membersActivity'), middleware.loadMemberSession, (req, res, next) => membersService.api.middleware.createEvents(req, res, next));
|
||||
|
||||
// API error handling
|
||||
membersApp.use('/api', shared.middlewares.errorHandler.resourceNotFound);
|
||||
membersApp.use('/api', shared.middlewares.errorHandler.handleJSONResponseV2);
|
||||
membersApp.use('/api', shared.middleware.errorHandler.resourceNotFound);
|
||||
membersApp.use('/api', shared.middleware.errorHandler.handleJSONResponseV2);
|
||||
|
||||
// Webhook error handling
|
||||
membersApp.use('/webhooks', shared.middlewares.errorHandler.resourceNotFound);
|
||||
membersApp.use('/webhooks', shared.middlewares.errorHandler.handleJSONResponseV2);
|
||||
membersApp.use('/webhooks', shared.middleware.errorHandler.resourceNotFound);
|
||||
membersApp.use('/webhooks', shared.middleware.errorHandler.handleJSONResponseV2);
|
||||
|
||||
debug('Members App setup end');
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ module.exports = function setupOAuthApp() {
|
|||
oauthApp.use(labsMiddleware);
|
||||
|
||||
// send 503 json response in case of maintenance
|
||||
oauthApp.use(shared.middlewares.maintenance);
|
||||
oauthApp.use(shared.middleware.maintenance);
|
||||
|
||||
/**
|
||||
* Configure the passport.authenticate middleware
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ module.exports = (options) => {
|
|||
|
||||
// Force SSL if blog url is set to https. The redirects handling must happen before asset and page routing,
|
||||
// otherwise we serve assets/pages with http. This can cause mixed content warnings in the admin client.
|
||||
frontendApp.use(shared.middlewares.urlRedirects.frontendSSLRedirect);
|
||||
frontendApp.use(shared.middleware.urlRedirects.frontendSSLRedirect);
|
||||
|
||||
frontendApp.lazyUse('/members', require('../members'));
|
||||
frontendApp.use('/', require('../../../frontend/web')(options));
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
module.exports = {
|
||||
get middlewares() {
|
||||
return require('./middlewares');
|
||||
get middleware() {
|
||||
return require('./middleware');
|
||||
}
|
||||
};
|
||||
|
|
|
|||
|
|
@ -2,9 +2,9 @@ const should = require('should');
|
|||
const sinon = require('sinon');
|
||||
const errors = require('@tryghost/errors');
|
||||
const urlUtils = require('../../../../../../core/shared/url-utils');
|
||||
const middlewares = require('../../../../../../core/frontend/services/routing/middlewares');
|
||||
const middleware = require('../../../../../../core/frontend/services/routing/middleware');
|
||||
|
||||
describe('UNIT: services/routing/middlewares/page-param', function () {
|
||||
describe('UNIT: services/routing/middleware/page-param', function () {
|
||||
let req;
|
||||
let res;
|
||||
let next;
|
||||
|
|
@ -27,7 +27,7 @@ describe('UNIT: services/routing/middlewares/page-param', function () {
|
|||
req.originalUrl = 'http://localhost:2368/blog/page/2/';
|
||||
req.url = '/blog/page/2/';
|
||||
|
||||
middlewares.pageParam(req, res, next, 2);
|
||||
middleware.pageParam(req, res, next, 2);
|
||||
|
||||
urlUtils.redirect301.called.should.be.false();
|
||||
next.calledOnce.should.be.true();
|
||||
|
|
@ -38,7 +38,7 @@ describe('UNIT: services/routing/middlewares/page-param', function () {
|
|||
req.originalUrl = 'http://localhost:2368/blog/page/1/';
|
||||
req.url = '/blog/page/1/';
|
||||
|
||||
middlewares.pageParam(req, res, next, 1);
|
||||
middleware.pageParam(req, res, next, 1);
|
||||
|
||||
urlUtils.redirect301.calledOnce.should.be.true();
|
||||
next.called.should.be.false();
|
||||
|
|
@ -48,7 +48,7 @@ describe('UNIT: services/routing/middlewares/page-param', function () {
|
|||
req.originalUrl = 'http://localhost:2368/blog/page/0/';
|
||||
req.url = '/blog/page/0/';
|
||||
|
||||
middlewares.pageParam(req, res, next, 0);
|
||||
middleware.pageParam(req, res, next, 0);
|
||||
|
||||
urlUtils.redirect301.called.should.be.false();
|
||||
next.calledOnce.should.be.true();
|
||||
|
|
@ -59,7 +59,7 @@ describe('UNIT: services/routing/middlewares/page-param', function () {
|
|||
req.originalUrl = 'http://localhost:2368/blog/page/something/';
|
||||
req.url = '/blog/page/something/';
|
||||
|
||||
middlewares.pageParam(req, res, next, 'something');
|
||||
middleware.pageParam(req, res, next, 'something');
|
||||
|
||||
urlUtils.redirect301.called.should.be.false();
|
||||
next.calledOnce.should.be.true();
|
||||
|
|
@ -70,7 +70,7 @@ describe('UNIT: services/routing/middlewares/page-param', function () {
|
|||
req.originalUrl = 'http://localhost:2368/blog/rss/page/1/';
|
||||
req.url = '/blog/rss/page/1/';
|
||||
|
||||
middlewares.pageParam(req, res, next, 1);
|
||||
middleware.pageParam(req, res, next, 1);
|
||||
|
||||
urlUtils.redirect301.calledOnce.should.be.true();
|
||||
next.called.should.be.false();
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ describe('Content Api canary middleware', function () {
|
|||
describe('authenticatePublic', function () {
|
||||
it('uses brute content api middleware as the first middleware in the chain', function () {
|
||||
const firstMiddleware = middleware.authenticatePublic[0];
|
||||
const brute = require('../../../../../../../core/server/web/shared/middlewares/brute');
|
||||
const brute = require('../../../../../../../core/server/web/shared/middleware/brute');
|
||||
|
||||
should.equal(firstMiddleware, brute.contentApiKey);
|
||||
});
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ describe('Content Api v2 middleware', function () {
|
|||
describe('authenticatePublic', function () {
|
||||
it('uses brute content api middleware as the first middleware in the chain', function () {
|
||||
const firstMiddleware = middleware.authenticatePublic[0];
|
||||
const brute = require('../../../../../../../core/server/web/shared/middlewares/brute');
|
||||
const brute = require('../../../../../../../core/server/web/shared/middleware/brute');
|
||||
|
||||
should.equal(firstMiddleware, brute.contentApiKey);
|
||||
});
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ describe('Content Api v3 middleware', function () {
|
|||
describe('authenticatePublic', function () {
|
||||
it('uses brute content api middleware as the first middleware in the chain', function () {
|
||||
const firstMiddleware = middleware.authenticatePublic[0];
|
||||
const brute = require('../../../../../../../core/server/web/shared/middlewares/brute');
|
||||
const brute = require('../../../../../../../core/server/web/shared/middleware/brute');
|
||||
|
||||
should.equal(firstMiddleware, brute.contentApiKey);
|
||||
});
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
const should = require('should');
|
||||
const spamPrevention = require('../../../../../../../core/server/web/shared/middlewares/api/spam-prevention');
|
||||
const spamPrevention = require('../../../../../../../core/server/web/shared/middleware/api/spam-prevention');
|
||||
|
||||
describe('Spam Prevention', function () {
|
||||
it('exports a contentApiKey method', function () {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const should = require('should');
|
||||
const sinon = require('sinon');
|
||||
const brute = require('../../../../../../core/server/web/shared/middlewares/brute');
|
||||
const brute = require('../../../../../../core/server/web/shared/middleware/brute');
|
||||
|
||||
describe('brute middleware', function () {
|
||||
after(function () {
|
||||
|
|
@ -13,7 +13,7 @@ describe('brute middleware', function () {
|
|||
|
||||
describe('contentApiKey', function () {
|
||||
it('calls the contentApiKey method of spam prevention', function () {
|
||||
const spamPrevention = require('../../../../../../core/server/web/shared/middlewares/api/spam-prevention');
|
||||
const spamPrevention = require('../../../../../../core/server/web/shared/middleware/api/spam-prevention');
|
||||
const contentApiKeyStub = sinon.stub(spamPrevention, 'contentApiKey');
|
||||
|
||||
// CASE: we don't care about what params it takes
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const should = require('should');
|
||||
const sinon = require('sinon');
|
||||
const cacheControl = require('../../../../../../core/server/web/shared/middlewares/cache-control');
|
||||
const cacheControl = require('../../../../../../core/server/web/shared/middleware/cache-control');
|
||||
|
||||
describe('Middleware: cacheControl', function () {
|
||||
let res;
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const should = require('should');
|
||||
const sinon = require('sinon');
|
||||
const uncapitalise = require('../../../../../../core/server/web/shared/middlewares/uncapitalise');
|
||||
const uncapitalise = require('../../../../../../core/server/web/shared/middleware/uncapitalise');
|
||||
|
||||
// NOTE: all urls will have had trailing slashes added before uncapitalise is called
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ const sinon = require('sinon');
|
|||
const rewire = require('rewire');
|
||||
const urlUtils = require('../../../../../utils/urlUtils');
|
||||
const configUtils = require('../../../../../utils/configUtils');
|
||||
const urlRedirects = rewire('../../../../../../core/server/web/shared/middlewares/url-redirects');
|
||||
const urlRedirects = rewire('../../../../../../core/server/web/shared/middleware/url-redirects');
|
||||
const {frontendSSLRedirect, adminSSLAndHostRedirect} = urlRedirects;
|
||||
const getAdminRedirectUrl = urlRedirects.__get__('_private.getAdminRedirectUrl');
|
||||
const getFrontendRedirectUrl = urlRedirects.__get__('_private.getFrontendRedirectUrl');
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue