Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-03 23:00:14 -05:00
Code Issues Activity

fix authentication error if setup/two is re-submitted

Browse source 
closes #6226
- adds calls to oauth middleware on PUT /authentication/setup/
- prevent setup/two from trying to log in again if user is already logged in
This commit is contained in:
Austin Burdine 2015-12-18 12:18:13 -07:00
parent 4cb6ebcaf7
commit ea1e454038
2 changed files with 26 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
core/client/app/controllers/setup/two.js
View file

@ -35,7 +35,7 @@ export default Controller.extend(ValidationEngine, {
return new RSVP.Promise((resolve, reject) => { return new RSVP.Promise((resolve, reject) => {
image.formData = {}; image.formData = {};
image.submit() image.submit()
.success(function (response) { .success((response) => {
user.image = response; user.image = response;
ajax({ ajax({
url: this.get('ghostPaths.url').api('users', user.id.toString()), url: this.get('ghostPaths.url').api('users', user.id.toString()),
@ -68,6 +68,22 @@ export default Controller.extend(ValidationEngine, {
} }
}, },
afterAuthentication(result) {
if (this.get('image')) {
this.sendImage(result.users[0])
.then(() => {
this.toggleProperty('submitting');
this.transitionToRoute('setup.three');
}).catch((resp) => {
this.toggleProperty('submitting');
this.get('notifications').showAPIError(resp, {key: 'setup.blog-details'});
});
} else {
this.toggleProperty('submitting');
this.transitionToRoute('setup.three');
}
},
actions: { actions: {
preValidate(model) { preValidate(model) {
// Only triggers validation if a value has been entered, preventing empty errors on focusOut // Only triggers validation if a value has been entered, preventing empty errors on focusOut
@ -77,9 +93,8 @@ export default Controller.extend(ValidationEngine, {
}, },
setup() { setup() {
let setupProperties = ['blogTitle', 'name', 'email', 'password', 'image']; let setupProperties = ['blogTitle', 'name', 'email', 'password'];
let data = this.getProperties(setupProperties); let data = this.getProperties(setupProperties);
let notifications = this.get('notifications');
let config = this.get('config'); let config = this.get('config');
let method = this.get('blogCreated') ? 'PUT' : 'POST'; let method = this.get('blogCreated') ? 'PUT' : 'POST';
@ -101,23 +116,17 @@ export default Controller.extend(ValidationEngine, {
} }
}).then((result) => { }).then((result) => {
config.set('blogTitle', data.blogTitle); config.set('blogTitle', data.blogTitle);
// don't try to login again if we are already logged in
if (this.get('session.isAuthenticated')) {
return this.afterAuthentication(result);
}
// Don't call the success handler, otherwise we will be redirected to admin // Don't call the success handler, otherwise we will be redirected to admin
this.get('application').set('skipAuthSuccessHandler', true); this.get('application').set('skipAuthSuccessHandler', true);
this.get('session').authenticate('authenticator:oauth2', this.get('email'), this.get('password')).then(() => { this.get('session').authenticate('authenticator:oauth2', this.get('email'), this.get('password')).then(() => {
this.set('blogCreated', true); this.set('blogCreated', true);
if (data.image) { return this.afterAuthentication(result);
this.sendImage(result.users[0])
.then(() => {
this.toggleProperty('submitting');
this.transitionToRoute('setup.three');
}).catch((resp) => {
this.toggleProperty('submitting');
notifications.showAPIError(resp, {key: 'setup.blog-details'});
});
} else {
this.toggleProperty('submitting');
this.transitionToRoute('setup.three');
}
}).catch((error) => { }).catch((error) => {
this._handleAuthenticationError(error); this._handleAuthenticationError(error);
}); });

2
core/server/routes/api.js
View file

@ -95,7 +95,7 @@ apiRoutes = function apiRoutes(middleware) {
router.post('/authentication/invitation', api.http(api.authentication.acceptInvitation)); router.post('/authentication/invitation', api.http(api.authentication.acceptInvitation));
router.get('/authentication/invitation', api.http(api.authentication.isInvitation)); router.get('/authentication/invitation', api.http(api.authentication.isInvitation));
router.post('/authentication/setup', api.http(api.authentication.setup)); router.post('/authentication/setup', api.http(api.authentication.setup));
router.put('/authentication/setup', api.http(api.authentication.updateSetup)); router.put('/authentication/setup', authenticatePrivate, api.http(api.authentication.updateSetup));
router.get('/authentication/setup', api.http(api.authentication.isSetup)); router.get('/authentication/setup', api.http(api.authentication.isSetup));
router.post('/authentication/token', router.post('/authentication/token',
middleware.spamPrevention.signin, middleware.spamPrevention.signin,