Added new members/api/site endpoint

- easy way to access public settings needed for building members clients
- no auth means this is for public info only

core/server/api/canary/site.js

@@ -2,7 +2,6 @@ const ghostVersion = require('../../lib/ghost-version');
 const settingsCache = require('../../services/settings/cache');
 const urlUtils = require('../../lib/url-utils');
 const config = require('../../config');
-const membersService = require('../../services/members');
 
 const site = {
     docName: 'site',
@@ -16,10 +15,7 @@ const site = {
                 logo: settingsCache.get('logo'),
                 brand: settingsCache.get('brand'),
                 url: urlUtils.urlFor('home', true),
-                version: ghostVersion.safe,
-                // @TODO: move these to a members API
-                plans: membersService.config.getPublicPlans(), // these are new members features that probably won't live here
-                allowSelfSignup: membersService.config.getAllowSelfSignup() // these are new members features that probably won't live here
+                version: ghostVersion.safe
             };
 
             // Brand is currently an experimental feature

core/server/services/members/middleware.js

@@ -1,7 +1,10 @@
 const common = require('../../lib/common');
+const config = require('../../config');
 const labsService = require('../labs');
 const membersService = require('./index');
 const urlUtils = require('../../lib/url-utils');
+const ghostVersion = require('../../lib/ghost-version');
+const settingsCache = require('../settings/cache');
 
 // @TODO: This piece of middleware actually belongs to the frontend, not to the member app
 // Need to figure a way to separate these things (e.g. frontend actually talks to members API)
@@ -69,6 +72,26 @@ const getMemberData = async function (req, res) {
     }
 };
 
+const getMemberSiteData = async function (req, res) {
+    const response = {
+        title: settingsCache.get('title'),
+        description: settingsCache.get('description'),
+        logo: settingsCache.get('logo'),
+        brand: settingsCache.get('brand'),
+        url: urlUtils.urlFor('home', true),
+        version: ghostVersion.safe,
+        plans: membersService.config.getPublicPlans(),
+        allowSelfSignup: membersService.config.getAllowSelfSignup()
+    };
+
+    // Brand is currently an experimental feature
+    if (!config.get('enableDeveloperExperiments')) {
+        delete response.brand;
+    }
+
+    res.json({site: response});
+};
+
 const createSessionFromMagicLink = async function (req, res, next) {
     if (!req.url.includes('token=')) {
         return next();
@@ -102,6 +125,7 @@ module.exports = {
     createSessionFromMagicLink,
     getIdentityToken,
     getMemberData,
+    getMemberSiteData,
     deleteSession,
     stripeWebhooks: (req, res, next) => membersService.api.middleware.handleStripeWebhook(req, res, next)
 };

core/server/web/members/app.js

@@ -30,6 +30,7 @@ module.exports = function setupMembersApp() {
     membersApp.get('/api/member', middleware.getMemberData);
     membersApp.get('/api/session', middleware.getIdentityToken);
     membersApp.delete('/api/session', middleware.deleteSession);
+    membersApp.get('/api/site', middleware.getMemberSiteData);
 
     // NOTE: this is wrapped in a function to ensure we always go via the getter
     membersApp.post('/api/send-magic-link', (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));

test/frontend-acceptance/members_spec.js

@@ -65,6 +65,11 @@ describe('Basic Members Routes', function () {
                     .expect(400);
             });
 
+            it('should serve member site endpoint', function () {
+                return request.get('/members/api/site')
+                    .expect(200);
+            });
+
             it('should error for invalid data on member magic link endpoint', function () {
                 return request.post('/members/api/send-magic-link')
                     .expect(400);
@@ -132,6 +137,11 @@ describe('Basic Members Routes', function () {
                     .expect(404);
             });
 
+            it('should not serve member site endpoint', function () {
+                return request.get('/members/api/site')
+                    .expect(404);
+            });
+
             it('should not serve member magic link endpoint', function () {
                 return request.post('/members/api/send-magic-link')
                     .expect(404);