Moved members app mount to parent app

- Clarify that the parent app has 2 distinct parts: backend and frontend - Frontend app takes members and site apps + the frontend SSL redirect middleware - Backend app already has admin + API (and the SSL redirect needs significant work) - There's a lot more to do here, but this increases clarity
2025-01-20 22:42:53 -05:00 · 2020-04-30 16:51:04 +01:00 · 2020-04-30 16:51:04 +01:00 · a1f2715135
commit a1f2715135
parent 87fa1db0c0
2 changed files with 14 additions and 9 deletions
--- a/core/server/web/parent/app.js
+++ b/core/server/web/parent/app.js
@ -7,6 +7,7 @@ const netjet = require('netjet');
 const mw = require('./middleware');
 const escapeRegExp = require('lodash.escaperegexp');
 const {URL} = require('url');
+const shared = require('../shared');

 module.exports = function setupParentApp(options = {}) {
    debug('ParentApp setup start');
@ -37,11 +38,11 @@ module.exports = function setupParentApp(options = {}) {
    parentApp.use(mw.ghostLocals);

    // Mount the express apps on the parentApp
-
    const backendHost = config.get('admin:url') ? (new URL(config.get('admin:url')).hostname) : '';
    const frontendHost = new URL(config.get('url')).hostname;
    const hasSeparateBackendHost = backendHost && backendHost !== frontendHost;

+    // BACKEND
    // Wrap the admin and API apps into a single express app for use with vhost
    const backendApp = express();
    backendApp.use('/ghost/api', require('../api')());
@ -53,12 +54,22 @@ module.exports = function setupParentApp(options = {}) {
    const backendVhostArg = hasSeparateBackendHost && backendHost ? backendHost : /.*/;
    parentApp.use(vhost(backendVhostArg, backendApp));

-    // BLOG
+    // FRONTEND
+    const frontendApp = express();
+
+    // Force SSL if blog url is set to https. The redirects handling must happen before asset and page routing,
+    // otherwise we serve assets/pages with http. This can cause mixed content warnings in the admin client.
+    frontendApp.use(shared.middlewares.urlRedirects.frontendSSLRedirect);
+
+    frontendApp.use('/members', require('../members')());
+    frontendApp.use('/', require('../site')(options));
+
+    // SITE + MEMBERS
    // with a separate admin url we adjust the frontend vhost to exclude requests to that host, otherwise serve on all hosts
    const frontendVhostArg = (hasSeparateBackendHost && backendHost) ?
        new RegExp(`^(?!${escapeRegExp(backendHost)}).*`) : /.*/;

-    parentApp.use(vhost(frontendVhostArg, require('../site')(options)));
+    parentApp.use(vhost(frontendVhostArg, frontendApp));

    debug('ParentApp setup end');

--- a/core/server/web/site/app.js
+++ b/core/server/web/site/app.js
@ -91,10 +91,6 @@ module.exports = function setupSiteApp(options = {}) {
    // (Optionally) redirect any requests to /ghost to the admin panel
    siteApp.use(mw.redirectGhostToAdmin());

-    // force SSL if blog url is set to https. The redirects handling must happen before asset and page routing,
-    // otherwise we serve assets/pages with http. This can cause mixed content warnings in the admin client.
-    siteApp.use(shared.middlewares.urlRedirects.frontendSSLRedirect);
-
    // Static content/assets
    // @TODO make sure all of these have a local 404 error handler
    // Favicon
@ -129,8 +125,6 @@ module.exports = function setupSiteApp(options = {}) {
    themeService.loadCoreHelpers();
    debug('Helpers done');

-    siteApp.use('/members', require('../members')());
-
    // Global handling for member session, ensures a member is logged in to the frontend
    siteApp.use(membersMiddleware.loadMemberSession);