Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-03-04 02:01:58 -05:00
Code Issues Activity

closes #26 - admin login

Browse source 
There is now a login page. Trying to access any authenticated route will redirect you to a login page if you are not logged in.
Logging in works with the same hard-coded username and password & remembers you for a session.
Logging in will redirect you to your original route.
Flashes are present although they don't really appear in the right place.
This commit is contained in:
Hannah Wolfe 2013-05-19 12:19:39 +01:00
parent 27ce297b32
commit 7066593d78
4 changed files with 54 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
app.js
View file

@ -29,9 +29,14 @@
ghost.app().use(I18n.load(ghost)); ghost.app().use(I18n.load(ghost));
ghost.app().use(express.bodyParser()); ghost.app().use(express.bodyParser());
ghost.app().use(express.cookieParser('try-ghost')); ghost.app().use(express.cookieParser('try-ghost'));
ghost.app().use(express.session({ cookie: { maxAge: 60000 }})); ghost.app().use(express.cookieSession({ cookie: { maxAge: 60000 }}));
ghost.app().use(flash());
ghost.app().use(ghost.initTheme(ghost.app())); ghost.app().use(ghost.initTheme(ghost.app()));
ghost.app().use(flash());
// bind locals - options which appear in every view - perhaps this should be admin only
ghost.app().use(function (req, res, next) {
res.locals.messages = req.flash();
next();
});
}); });
/** /**
@ -40,7 +45,14 @@
* *
* @type {*} * @type {*}
*/ */
auth = express.basicAuth('ghostadmin', 'Wh0YouGonnaCall?'); auth = function (req, res, next) {
if (!req.session.user) {
req.flash('warn', "Please login");
res.redirect('/ghost/login/?redirect=' + encodeURIComponent(req.path));
} else {
next();
}
};
helpers.loadCoreHelpers(ghost); helpers.loadCoreHelpers(ghost);
@ -59,6 +71,10 @@
* Admin routes.. * Admin routes..
* @todo put these somewhere in admin * @todo put these somewhere in admin
*/ */
ghost.app().get(/^\/logout\/?$/, admin.logout);
ghost.app().get('/ghost/login/', admin.login);
ghost.app().post('/ghost/login/', admin.auth);
ghost.app().get('/ghost/editor/:id', auth, admin.editor); ghost.app().get('/ghost/editor/:id', auth, admin.editor);
ghost.app().get('/ghost/editor', auth, admin.editor); ghost.app().get('/ghost/editor', auth, admin.editor);
ghost.app().get('/ghost/blog', auth, admin.blog); ghost.app().get('/ghost/blog', auth, admin.blog);
@ -82,9 +98,4 @@
ghost.app().listen(3333, function () { ghost.app().listen(3333, function () {
console.log("Express server listening on port " + 3333); console.log("Express server listening on port " + 3333);
}); });
// }, function (e) {
// console.log(e.toString());
// }).then(null, function (e) {
// console.log(e.stack);
// });
}()); }());

24
core/admin/controllers/index.js
View file

@ -53,6 +53,26 @@
} }
adminControllers = { adminControllers = {
'login': function (req, res) {
res.render('login', {
bodyClass: 'ghost-login',
hideNavbar: true,
adminNav: setSelected(adminNavbar, 'login')
});
},
'auth': function (req, res) {
if (req.body.email === 'ghostadmin' && req.body.password === 'Wh0YouGonnaCall?') {
req.session.user = "ghostadmin";
res.redirect(req.query.redirect || '/ghost/');
} else {
res.redirect('/ghost/login/');
}
},
'logout': function (req, res) {
delete req.session.user;
req.flash('success', "You were successfully logged out");
res.redirect('/ghost/login/');
},
'index': function (req, res) { 'index': function (req, res) {
res.render('dashboard', { res.render('dashboard', {
bodyClass: 'dashboard', bodyClass: 'dashboard',
@ -97,9 +117,7 @@
index: function (req, res) { index: function (req, res) {
res.render('debug', { res.render('debug', {
bodyClass: 'settings', bodyClass: 'settings',
adminNav: setSelected(adminNavbar, 'settings'), adminNav: setSelected(adminNavbar, 'settings')
messages: req.flash(),
test: 'Hello world'
}); });
}, },
'dbdelete': function (req, res) { 'dbdelete': function (req, res) {

5
core/admin/views/default.hbs
View file

@ -16,7 +16,6 @@
<meta name="apple-mobile-web-app-capable" content="yes" /> <meta name="apple-mobile-web-app-capable" content="yes" />
<link rel="shortcut icon" href="/favicon.ico"> <link rel="shortcut icon" href="/favicon.ico">
<link rel="logo" type="image/svg" href="/core/admin/assets/img/logo.svg"/>
<meta http-equiv="cleartype" content="on"> <meta http-equiv="cleartype" content="on">
<link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Lato:300,400,700"> <link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Lato:300,400,700">
@ -32,7 +31,9 @@
{{{block "headScripts"}}} {{{block "headScripts"}}}
</head> </head>
<body class="{{bodyClass}}"> <body class="{{bodyClass}}">
{{> navbar}} {{#unless hideNavbar}}
{{> navbar}}
{{/unless}}
<main role="main"> <main role="main">
{{> flashes}} {{> flashes}}

11
core/admin/views/login.hbs Normal file
View file

@ -0,0 +1,11 @@
{{!< default}}
<img class="login-logo" src="/core/admin/assets/img/logo.png" alt="" />
<form id="login" method="post">
<div class="email-wrap">
<input class="email" type="text" placeholder="Email Address" name="email">
</div>
<div class="password-wrap">
<input class="password" type="password" placeholder="Password" name="password">
</div>
<button class="button-save" type="submit">Log in</button>
</form>