mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-20 22:42:53 -05:00
c3fcb3105f
no issue - adds a ghost-backup client - adds a client authenticated endpoint to export blog for ghost-backup client only - allows some additional overrides during import - allows for an import by file to override locking a user and double hashing the password
47 lines
1.2 KiB
JavaScript
47 lines
1.2 KiB
JavaScript
var prettyURLs = require('../middleware/pretty-urls'),
|
|
cors = require('../middleware/api/cors'),
|
|
auth = require('../auth');
|
|
|
|
/**
|
|
* Auth Middleware Packages
|
|
*
|
|
* IMPORTANT
|
|
* - cors middleware MUST happen before pretty urls, because otherwise cors header can get lost
|
|
* - cors middleware MUST happen after authenticateClient, because authenticateClient reads the trusted domains
|
|
*/
|
|
|
|
/**
|
|
* Authentication for public endpoints
|
|
*/
|
|
module.exports.authenticatePublic = [
|
|
auth.authenticate.authenticateClient,
|
|
auth.authenticate.authenticateUser,
|
|
// This is a labs-enabled middleware
|
|
auth.authorize.requiresAuthorizedUserPublicAPI,
|
|
cors,
|
|
prettyURLs
|
|
];
|
|
|
|
/**
|
|
* Authentication for private endpoints
|
|
*/
|
|
module.exports.authenticatePrivate = [
|
|
auth.authenticate.authenticateClient,
|
|
auth.authenticate.authenticateUser,
|
|
auth.authorize.requiresAuthorizedUser,
|
|
cors,
|
|
prettyURLs
|
|
];
|
|
|
|
/**
|
|
* Authentication for client endpoints
|
|
*/
|
|
module.exports.authenticateClient = function authenticateClient(client) {
|
|
return [
|
|
auth.authenticate.authenticateClient,
|
|
auth.authenticate.authenticateUser,
|
|
auth.authorize.requiresAuthorizedClient(client),
|
|
cors,
|
|
prettyURLs
|
|
];
|
|
};
|