From 856dd1fc2b421ea81ba035974b29981fbc49e676 Mon Sep 17 00:00:00 2001 From: Kevin Ansfield Date: Tue, 29 Oct 2024 17:46:35 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fixed=20"Access=20Denied"=20erro?= =?UTF-8?q?r=20when=20accepting=20staff=20invite?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ref https://app.incident.io/ghost/incidents/117 - the authenticate call made as part of signup was missed as part of the update when we adjusted the params for `cookie` authenticator's `authenticate` method in Admin so it could switch behaviour for 2fa - fixed the authenticate call params and updated our mocked `/session` endpoint to check for expected POST data which would have let tests catch this error --- ghost/admin/app/controllers/signup.js | 2 +- ghost/admin/mirage/config/authentication.js | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/ghost/admin/app/controllers/signup.js b/ghost/admin/app/controllers/signup.js index 68745244dd..68893c9f57 100644 --- a/ghost/admin/app/controllers/signup.js +++ b/ghost/admin/app/controllers/signup.js @@ -104,6 +104,6 @@ export default class SignupController extends Controller { const {email, password} = this.signupDetails; return this.session - .authenticate('authenticator:cookie', email, password); + .authenticate('authenticator:cookie', {identification: email, password}); } } diff --git a/ghost/admin/mirage/config/authentication.js b/ghost/admin/mirage/config/authentication.js index 112d517696..c178278474 100644 --- a/ghost/admin/mirage/config/authentication.js +++ b/ghost/admin/mirage/config/authentication.js @@ -5,7 +5,12 @@ import {isBlank} from '@ember/utils'; export default function mockAuthentication(server) { // Password sign-in - server.post('/session', function () { + server.post('/session', function (schema, request) { + const data = JSON.parse(request.requestBody); + if (!data.username || !data.password) { + return new Response(401); + } + return new Response(201); });