Ghost/core/server/api/canary/membersStripeConnect.js

const membersService = require('../../services/members');
const config = require('../../../shared/config');
const urlUtils = require('../../../shared/url-utils');
const {BadRequestError} = require('@tryghost/errors');

module.exports = {
    docName: 'members_stripe_connect',
    auth: {
        permissions: true,
        options: [
            'mode'
        ],
        validation: {
            options: {
                mode: {
                    values: ['live', 'test']
                }
            }
        },
        query(frame) {
            const siteUrl = urlUtils.getSiteUrl();
            const productionMode = config.get('env') === 'production';
            const siteUrlUsingSSL = /^https/.test(siteUrl);
            const cannotConnectToStripe = productionMode && !siteUrlUsingSSL;
            if (cannotConnectToStripe) {
                throw new BadRequestError('Cannot connect to stripe unless site is using https://');
            }
            // This is something you have to do if you want to use the "framework" with access to the raw req/res
            frame.response = async function (req, res) {
                function setSessionProp(prop, val) {
                    req.session[prop] = val;
                }
                const mode = frame.options.mode || 'live';
                const stripeConnectAuthURL = await membersService.stripeConnect.getStripeConnectOAuthUrl(setSessionProp, mode);
                return res.redirect(stripeConnectAuthURL);
            };
        }
    }
};
Added membersStripeConnect controller auth method no-issue In order to issue a redirect we need access to the "raw" req/res objects, which is why we must return the function which gets access to them. The members service is used to create the auth url and to update the users session. 2020-05-28 13:40:51 +03:00			`const membersService = require('../../services/members');`
Added precondition for Stripe Connect Admin API refs https://github.com/TryGhost/Team/issues/598 Stripe Webhooks require SSL in production, and so we should not be allowing connecting to Stripe in production mode unless the site is running with SSL. 2021-05-13 13:06:54 +03:00			`const config = require('../../../shared/config');`
			`const urlUtils = require('../../../shared/url-utils');`
			`const {BadRequestError} = require('@tryghost/errors');`
Added membersStripeConnect controller auth method no-issue In order to issue a redirect we need access to the "raw" req/res objects, which is why we must return the function which gets access to them. The members service is used to create the auth url and to update the users session. 2020-05-28 13:40:51 +03:00
			`module.exports = {`
			`docName: 'members_stripe_connect',`
			`auth: {`
			`permissions: true,`
Supported test mode in members_stripe_connect API no-issue We've added a "mode" query param to the members_stripe_connect api auth method, allowing the client to easily switch between live and test mode. 2020-06-10 14:23:04 +03:00			`options: [`
			`'mode'`
			`],`
			`validation: {`
			`options: {`
			`mode: {`
			`values: ['live', 'test']`
			`}`
			`}`
			`},`
Added membersStripeConnect controller auth method no-issue In order to issue a redirect we need access to the "raw" req/res objects, which is why we must return the function which gets access to them. The members service is used to create the auth url and to update the users session. 2020-05-28 13:40:51 +03:00			`query(frame) {`
Added precondition for Stripe Connect Admin API refs https://github.com/TryGhost/Team/issues/598 Stripe Webhooks require SSL in production, and so we should not be allowing connecting to Stripe in production mode unless the site is running with SSL. 2021-05-13 13:06:54 +03:00			`const siteUrl = urlUtils.getSiteUrl();`
			`const productionMode = config.get('env') === 'production';`
			`const siteUrlUsingSSL = /^https/.test(siteUrl);`
			`const cannotConnectToStripe = productionMode && !siteUrlUsingSSL;`
			`if (cannotConnectToStripe) {`
			`throw new BadRequestError('Cannot connect to stripe unless site is using https://');`
			`}`
Added membersStripeConnect controller auth method no-issue In order to issue a redirect we need access to the "raw" req/res objects, which is why we must return the function which gets access to them. The members service is used to create the auth url and to update the users session. 2020-05-28 13:40:51 +03:00			`// This is something you have to do if you want to use the "framework" with access to the raw req/res`
			`frame.response = async function (req, res) {`
			`function setSessionProp(prop, val) {`
			`req.session[prop] = val;`
			`}`
Supported test mode in members_stripe_connect API no-issue We've added a "mode" query param to the members_stripe_connect api auth method, allowing the client to easily switch between live and test mode. 2020-06-10 14:23:04 +03:00			`const mode = frame.options.mode \|\| 'live';`
			`const stripeConnectAuthURL = await membersService.stripeConnect.getStripeConnectOAuthUrl(setSessionProp, mode);`
Added membersStripeConnect controller auth method no-issue In order to issue a redirect we need access to the "raw" req/res objects, which is why we must return the function which gets access to them. The members service is used to create the auth url and to update the users session. 2020-05-28 13:40:51 +03:00			`return res.redirect(stripeConnectAuthURL);`
			`};`
			`}`
			`}`
			`};`