mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-06 22:40:14 -05:00
e0cd5b55ce
no issue - this is secured by client credentials - you can only fetch the user info if the user is connected to your blog (invited, owner) - passport ghost instance stores the client credentials in the instance, no need to pass them into - tested on staging
63 lines
1.9 KiB
JavaScript
63 lines
1.9 KiB
JavaScript
var debug = require('ghost-ignition').debug('sync'),
|
|
models = require('../models'),
|
|
ghostAuth = require('./ghost-auth'),
|
|
logging = require('../logging'),
|
|
errors = require('../errors'),
|
|
events = require('../events'),
|
|
knex = require('../data/db').knex,
|
|
_private = {
|
|
syncIntervalInMs: 1000 * 60 * 60,
|
|
lastSync: {}
|
|
};
|
|
|
|
/**
|
|
* @TODO: support long polling in the ghost auth service
|
|
*/
|
|
_private.syncUser = function syncUser(loggedInUserModel) {
|
|
debug('syncUser');
|
|
|
|
// CASE: sync every hour for now
|
|
if (_private.lastSync[loggedInUserModel.id]) {
|
|
if ((_private.lastSync[loggedInUserModel.id] + _private.syncIntervalInMs) > Date.now()) {
|
|
debug('too early too sync');
|
|
return;
|
|
}
|
|
}
|
|
|
|
return ghostAuth.getUser({
|
|
id: loggedInUserModel.get('ghost_auth_id')
|
|
}).then(function (ghostUser) {
|
|
debug('ghost_email', ghostUser.email);
|
|
debug('user_email', loggedInUserModel.get('email'));
|
|
|
|
if (ghostUser.email === loggedInUserModel.get('email')) {
|
|
debug('email has not changed');
|
|
return;
|
|
}
|
|
|
|
debug('sync email');
|
|
|
|
// CASE: we update the user in a transaction to avoid collisions
|
|
return knex.transaction(function onTransaction(transaction) {
|
|
return models.User.edit({
|
|
email: ghostUser.email
|
|
}, {id: loggedInUserModel.id, transacting: transaction});
|
|
});
|
|
}).then(function () {
|
|
debug('update lastSync');
|
|
_private.lastSync[loggedInUserModel.id] = Date.now();
|
|
}).catch(function onError(err) {
|
|
logging.error(new errors.InternalServerError({
|
|
message: 'ghost-auth: sync failed',
|
|
err: err
|
|
}));
|
|
});
|
|
};
|
|
|
|
module.exports.init = function init(options) {
|
|
var authType = options.authType;
|
|
|
|
if (authType === 'ghost') {
|
|
events.on('read:users:me', _private.syncUser);
|
|
}
|
|
};
|