0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
ghost/ghost/mw-session-from-token/README.md
Daniel Lockyer 0a5f600dfe
Tidied up package README and LICENSE files
- we shouldn't need individual LICENSE files because these packages
  won't be published, so the top-level one applies
- also cleaned up README files to remove mentions of Lerna monorepos and
  install instructions
2022-07-26 15:22:10 +02:00

953 B

Session From Token Middleware

Middleware to handle generating sessions from tokens, for example like with magic links, or SSO flows similar to SAML.

Usage

const sessionFromTokenMiddleware = require('@tryghost/mw-session-from-token')({
    callNextWithError: true,
    async createSession(req, res, user) {
        req.session.user_id = user.id;
    },
    async getTokenFromRequest(res) {
        return req.headers['some-cool-header'];
    },
    async getLookupFromToken(token) {
        await someTokenService.validate(token);
        const data = await someTokenService.getData(token);
        return data.email;
    },
    async findUserByLookup(lookup) {
        return await someUserModel.findOne({email: lookup});
    }
});

someExpressApp.get('/some/sso/url', someSessionMiddleware, sessionFromTokenMiddleware, (req, res, next) => {
    res.redirect('/loggedin');
}, (err, res, res, next) => {
    res.redirect('/error');
});