0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/core/server/services/members/middleware.js
Fabien O'Carroll 046bd652e5 Renamed login middleware to getIdentityToken
no-issue

This name `login` was misleading as this middleware didn't login
members, that was handled by the `authentication` middleware,
specifically `exchangeTokenForSession`
2019-12-04 09:49:13 +02:00

97 lines
2.6 KiB
JavaScript

const common = require('../../lib/common');
const constants = require('../../lib/constants');
const shared = require('../../web/shared');
const labsService = require('../labs');
const membersService = require('./index');
const getIdentityToken = async function (req, res) {
try {
const token = await membersService.ssr.getIdentityTokenForMemberFromSession(req, res);
res.writeHead(200);
res.end(token);
} catch (err) {
common.logging.warn(err.message);
res.writeHead(err.statusCode);
res.end(err.message);
}
};
const logout = async function (req, res) {
try {
await membersService.ssr.deleteSession(req, res);
res.writeHead(204);
res.end();
} catch (err) {
common.logging.warn(err.message);
res.writeHead(err.statusCode);
res.end(err.message);
}
};
const getMemberDataFromSession = async function (req, res, next) {
if (!labsService.isSet('members')) {
req.member = null;
return next();
}
try {
const member = await membersService.ssr.getMemberDataFromSession(req, res);
Object.assign(req, {member});
next();
} catch (err) {
common.logging.warn(err.message);
Object.assign(req, {member: null});
next();
}
};
const exchangeTokenForSession = async function (req, res, next) {
if (!labsService.isSet('members')) {
return next();
}
if (!req.url.includes('token=')) {
return next();
}
try {
const member = await membersService.ssr.exchangeTokenForSession(req, res);
Object.assign(req, {member});
next();
} catch (err) {
common.logging.warn(err.message);
return next();
}
};
const decorateResponse = function (req, res, next) {
res.locals.member = req.member;
next();
};
// @TODO only loads this stuff if members is enabled
// Set req.member & res.locals.member if a cookie is set
module.exports = {
public: [
shared.middlewares.labs.members,
shared.middlewares.servePublicFile.createPublicFileMiddleware(
'public/members.js',
'application/javascript',
constants.ONE_HOUR_S
)
],
authentication: [
getMemberDataFromSession,
exchangeTokenForSession,
decorateResponse
],
getIdentityToken: [
shared.middlewares.labs.members,
getIdentityToken
],
logout: [
shared.middlewares.labs.members,
logout
],
stripeWebhooks: [
shared.middlewares.labs.members,
(req, res, next) => membersService.api.middleware.handleStripeWebhook(req, res, next)
]
};