0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
ghost/core/server/auth/sync.js
Katharina Irrgang e0cd5b55ce 🎨 fetch user profile by auth id (#8110)
no issue

- this is secured by client credentials
- you can only fetch the user info if the user is connected to your blog (invited, owner)
- passport ghost instance stores the client credentials in the instance, no need to pass them into
- tested on staging
2017-03-13 19:49:30 +00:00

63 lines
1.9 KiB
JavaScript

var debug = require('ghost-ignition').debug('sync'),
models = require('../models'),
ghostAuth = require('./ghost-auth'),
logging = require('../logging'),
errors = require('../errors'),
events = require('../events'),
knex = require('../data/db').knex,
_private = {
syncIntervalInMs: 1000 * 60 * 60,
lastSync: {}
};
/**
* @TODO: support long polling in the ghost auth service
*/
_private.syncUser = function syncUser(loggedInUserModel) {
debug('syncUser');
// CASE: sync every hour for now
if (_private.lastSync[loggedInUserModel.id]) {
if ((_private.lastSync[loggedInUserModel.id] + _private.syncIntervalInMs) > Date.now()) {
debug('too early too sync');
return;
}
}
return ghostAuth.getUser({
id: loggedInUserModel.get('ghost_auth_id')
}).then(function (ghostUser) {
debug('ghost_email', ghostUser.email);
debug('user_email', loggedInUserModel.get('email'));
if (ghostUser.email === loggedInUserModel.get('email')) {
debug('email has not changed');
return;
}
debug('sync email');
// CASE: we update the user in a transaction to avoid collisions
return knex.transaction(function onTransaction(transaction) {
return models.User.edit({
email: ghostUser.email
}, {id: loggedInUserModel.id, transacting: transaction});
});
}).then(function () {
debug('update lastSync');
_private.lastSync[loggedInUserModel.id] = Date.now();
}).catch(function onError(err) {
logging.error(new errors.InternalServerError({
message: 'ghost-auth: sync failed',
err: err
}));
});
};
module.exports.init = function init(options) {
var authType = options.authType;
if (authType === 'ghost') {
events.on('read:users:me', _private.syncUser);
}
};