mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-27 22:49:56 -05:00
c8e8da4780
closes #2759
closes #3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Resource Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based

Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125

**Attention**
- oldClient doesn't work with this PR anymore, session authentication was removed
// Node's URL helper; the functions in this file use url.resolve() to join
// a base with a route fragment.
var url = require('url');

// Root path of the v0.1 JSON API.
var ApiRouteBase = '/ghost/api/v0.1/';

// Pieces of the origin the URL helpers build on. Cleartext HTTP is only
// reasonable here because the target is localhost; NOTE(review): presumably
// this is the instance started by the test run -- confirm against the test
// config. Bearer tokens like the ones described by `accesstoken` below should
// not travel over plain HTTP outside such a setup.
var host = 'localhost';
var port = '2369';
var schema = 'http://';

// Whitelist of top-level keys each kind of API response may carry.
// checkResponse() compares a response against one of these lists, so a key
// that is not listed here makes the check fail.
var expectedProperties = {
    // Collection envelopes.
    posts: ['posts', 'meta'],
    users: ['users'],
    pagination: ['page', 'limit', 'pages', 'total', 'next', 'prev'],

    // A single post.
    post: [
        'id', 'uuid', 'title', 'slug', 'markdown', 'html', 'meta_title', 'meta_description',
        'featured', 'image', 'status', 'language', 'created_at', 'created_by', 'updated_at',
        'updated_by', 'published_at', 'published_by', 'page', 'author', 'tags', 'fields'
    ],

    settings: ['settings', 'meta'],
    setting: [
        'id', 'uuid', 'key', 'value', 'type',
        'created_at', 'created_by', 'updated_at', 'updated_by'
    ],

    tag: [
        'id', 'uuid', 'name', 'slug', 'description', 'parent',
        'meta_title', 'meta_description', 'created_at', 'created_by', 'updated_at', 'updated_by'
    ],

    theme: ['uuid', 'name', 'version', 'active'],

    // A single user. No credential field (such as a password) is listed, so
    // a user response that exposes one does not match this list.
    user: [
        'id', 'uuid', 'name', 'slug', 'email', 'image', 'cover', 'bio', 'website',
        'location', 'accessibility', 'status', 'language', 'meta_title', 'meta_description',
        'last_login',
        'created_at', 'created_by', 'updated_at', 'updated_by'
    ],

    notification: ['type', 'message', 'status', 'id', 'dismissable', 'location'],

    slugs: ['slugs'],
    slug: ['slug'],

    // Fields of an OAuth 2.0 token response.
    accesstoken: ['access_token', 'refresh_token', 'expires_in', 'token_type']
};
// Returns the host-less API path for `route`, e.g. 'posts/' becomes
// '/ghost/api/v0.1/posts/'.
//
// `route` is resolved the way a browser resolves a link: a value starting
// with '/' replaces the API base path instead of being appended to it, so
// pass relative fragments.
function getApiQuery(route) {
    var apiPath = url.resolve(ApiRouteBase, route);

    return apiPath;
}
// Returns the absolute API URL for `route`, e.g. 'posts/' becomes
// 'http://localhost:2369/ghost/api/v0.1/posts/'.
//
// Both joins go through url.resolve(), so a `route` starting with '/' drops
// the API base path and an absolute URL replaces the origin altogether;
// pass relative fragments.
function getApiURL(route) {
    var origin = schema + host + ':' + port;

    return url.resolve(url.resolve(origin, ApiRouteBase), route);
}
// Returns the absolute URL of the sign-in page:
// 'http://localhost:2369/ghost/signin/'.
function getSigninURL() {
    var origin = schema + host + ':' + port;

    return url.resolve(origin, 'ghost/signin/');
}
// Returns the absolute URL of the admin root: 'http://localhost:2369/ghost/'.
function getAdminURL() {
    var origin = schema + host + ':' + port;

    return url.resolve(origin, 'ghost/');
}
// Asserts that `jsonResponse` carries exactly the keys named in `properties`.
//
// Two checks together give "exactly": the number of own enumerable keys must
// equal properties.length, and every listed name must be present. The count
// check is the one that rejects additional fields, so a response that starts
// exposing a key missing from the list fails here.
//
// Relies on should.js having been loaded by the calling test (`.should`).
function checkResponseValue(jsonResponse, properties) {
    var ownKeyCount = Object.keys(jsonResponse).length,
        idx,
        name;

    ownKeyCount.should.eql(properties.length);

    for (idx = 0; idx < properties.length; idx += 1) {
        name = properties[idx];

        // Borrowed from Object.prototype because, per the original author's
        // note, settings response objects do not have their own
        // 'hasOwnProperty' method. Only a name that is not an own property
        // reaches the should.js assertion.
        if (!Object.prototype.hasOwnProperty.call(jsonResponse, name)) {
            jsonResponse.should.have.property(name);
        }
    }
}
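// Asserts that `jsonResponse` has exactly the keys registered for
// `objectType` in expectedProperties (e.g. 'post', 'user', 'accesstoken').
//
// Throws an Error naming the type when `objectType` is not a key of
// expectedProperties. Without this guard a misspelled type surfaces as an
// unrelated TypeError from reading `.length` of undefined, and an inherited
// name such as 'constructor' would be looked up on Object.prototype instead
// of being rejected.
function checkResponse(jsonResponse, objectType) {
    if (!Object.prototype.hasOwnProperty.call(expectedProperties, objectType)) {
        throw new Error('checkResponse: unknown object type "' + objectType + '"');
    }

    checkResponseValue(jsonResponse, expectedProperties[objectType]);
}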
// Public surface of this test helper module.

// URL builders for the local instance.
module.exports.getApiURL = getApiURL;
module.exports.getApiQuery = getApiQuery;
module.exports.getSigninURL = getSigninURL;
module.exports.getAdminURL = getAdminURL;

// Response-shape assertions.
module.exports.checkResponse = checkResponse;
module.exports.checkResponseValue = checkResponseValue;