TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-21 18:01:36 +03:00
Code Issues Projects Releases Wiki Activity
311414ad48
Ghost/core/server/api/canary/authentication.js

218 lines
6.8 KiB
JavaScript
Raw Normal View History

🔒 Added a "reset all passwords" feature (#13005) issue https://github.com/TryGhost/Team/issues/750 - Only accessible by admins - Resets all staff users' passwords and prevents them to log-in - Sends them a reset email password to give them back access to their account - Closes all existing staff user sessions
2021-06-23 15:54:28 +03:00
const Promise = require('bluebird');
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
const api = require('./index');
Moved config from server to shared (#11850) * moved `server/config` to `shared/config` * updated config import paths in server to use shared * updated config import paths in frontend to use shared * updated config import paths in test to use shared * updated config import paths in root to use shared * trigger regression tests * of course the rebase broke tests
2020-05-27 20:47:53 +03:00
const config = require('../../../shared/config');
Replaced i18n.t w/ tpl helper in authentication.js (#13402) refs: #13380
2021-10-04 11:54:15 +03:00
const tpl = require('@tryghost/tpl');
Refactored `common` lib import to use destructuring (#11835) * refactored `core/frontend/apps` to destructure common imports * refactored `core/frontend/services/{apps, redirects, routing}` to destructure common imports * refactored `core/frontend/services/settings` to destructure common imports * refactored remaining `core/frontend/services` to destructure common imports * refactored `core/server/adapters` to destructure common imports * refactored `core/server/data/{db, exporter, schema, validation}` to destructure common imports * refactored `core/server/data/importer` to destructure common imports * refactored `core/server/models/{base, plugins, relations}` to destructure common imports * refactored remaining `core/server/models` to destructure common imports * refactored `core/server/api/canary/utils/serializers/output` to destructure common imports * refactored remaining `core/server/api/canary/utils` to destructure common imports * refactored remaining `core/server/api/canary` to destructure common imports * refactored `core/server/api/shared` to destructure common imports * refactored `core/server/api/v2/utils` to destructure common imports * refactored remaining `core/server/api/v2` to destructure common imports * refactored `core/frontend/meta` to destructure common imports * fixed some tests referencing `common.errors` instead of `@tryghost/errors` - Not all of them need to be updated; only updating the ones that are causing failures * fixed errors import being shadowed by local scope
2020-05-22 21:22:20 +03:00
const errors = require('@tryghost/errors');
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
const web = require('../../web');
const models = require('../../models');
const auth = require('../../services/auth');
const invitations = require('../../services/invitations');
🔒 Added a "reset all passwords" feature (#13005) issue https://github.com/TryGhost/Team/issues/750 - Only accessible by admins - Resets all staff users' passwords and prevents them to log-in - Sends them a reset email password to give them back access to their account - Closes all existing staff user sessions
2021-06-23 15:54:28 +03:00
const dbBackup = require('../../data/db/backup');
const apiMail = require('./index').mail;
const apiSettings = require('./index').settings;
const UsersService = require('../../services/users');
const userService = new UsersService({dbBackup, models, auth, apiMail, apiSettings});
const {deleteAllSessions} = require('../../services/auth/session');
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
Replaced i18n.t w/ tpl helper in authentication.js (#13402) refs: #13380
2021-10-04 11:54:15 +03:00
const messages = {
notTheBlogOwner: 'You are not the site owner.'
};
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
module.exports = {
docName: 'authentication',
setup: {
statusCode: 201,
permissions: false,
Added cache invalidation to the POST authentication/setup route issue https://github.com/TryGhost/Team/issues/859
2021-07-05 17:01:18 +03:00
headers: {
cacheInvalidate: true
},
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
validation: {
docName: 'setup'
},
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(false)();
})
.then(() => {
const setupDetails = {
name: frame.data.setup[0].name,
email: frame.data.setup[0].email,
password: frame.data.setup[0].password,
blogTitle: frame.data.setup[0].blogTitle,
status: 'active'
};
return auth.setup.setupUser(setupDetails);
})
Updated setup flow to rename default product refs https://github.com/TryGhost/Team/issues/667 On clean and existing installs, the default product created should be named the same as the site title instead of the name in fixture. This change updates the default product's name to site title during the site setup. We use the Product name in Portal.
2021-05-09 13:12:50 +03:00
.then((data) => {
try {
return auth.setup.doProduct(data, api.products);
} catch (e) {
return data;
}
})
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
.then((data) => {
return auth.setup.doSettings(data, api.settings);
})
.then((user) => {
return auth.setup.sendWelcomeEmail(user.get('email'), api.mail)
.then(() => user);
});
}
},
updateSetup: {
Update cache invalidation on several routes issue https://github.com/TryGhost/Team/issues/859 - Added invalidation to PUT /authentication/setup - Added invalidation to POST /db - Added invalidation to DELETE /db - Added invalidation to GET /slugs/:type/:name - Removed invalidation from PUT /users/:id/token
2021-07-07 19:12:51 +03:00
headers: {
cacheInvalidate: true
},
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
permissions: (frame) => {
return models.User.findOne({role: 'Owner', status: 'all'})
.then((owner) => {
if (owner.id !== frame.options.context.user) {
Replaced i18n.t w/ tpl helper in authentication.js (#13402) refs: #13380
2021-10-04 11:54:15 +03:00
throw new errors.NoPermissionError({message: tpl(messages.notTheBlogOwner)});
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
}
});
},
validation: {
docName: 'setup'
},
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(true)();
})
.then(() => {
const setupDetails = {
name: frame.data.setup[0].name,
email: frame.data.setup[0].email,
password: frame.data.setup[0].password,
blogTitle: frame.data.setup[0].blogTitle,
status: 'active'
};
return auth.setup.setupUser(setupDetails);
})
.then((data) => {
return auth.setup.doSettings(data, api.settings);
});
}
},
isSetup: {
permissions: false,
Fixed function complexity linting warning no issue - Touched this file while looking into use of config.user_name/user_email and it was almost criminal to not do a tiny improvement
2021-08-12 14:38:58 +03:00
async query() {
const isSetup = await auth.setup.checkIsSetup();
return {
status: isSetup,
title: config.title,
name: config.user_name,
email: config.user_email
};
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
}
},
generateResetToken: {
validation: {
docName: 'passwordreset'
},
permissions: true,
options: [
'email'
],
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(true)();
})
.then(() => {
return auth.passwordreset.generateToken(frame.data.passwordreset[0].email, api.settings);
})
.then((token) => {
Removed separate reset/forced-reset emails and updated email copy refs https://github.com/TryGhost/Ghost/pull/11790 - reduced complexity by sticking to one email for both normal reset and forced reset (locked staff accounts) - exposed `siteTitle` for use in any email templates - updated email copy to be suitable for both types of password reset
2020-05-06 15:19:47 +03:00
return auth.passwordreset.sendResetNotification(token, api.mail);
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
});
}
},
resetPassword: {
validation: {
docName: 'passwordreset',
data: {
newPassword: {required: true},
ne2Password: {required: true}
}
},
permissions: false,
options: [
'ip'
],
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(true)();
})
.then(() => {
return auth.passwordreset.extractTokenParts(frame);
})
.then((params) => {
return auth.passwordreset.protectBruteForce(params);
})
.then(({options, tokenParts}) => {
options = Object.assign(options, {context: {internal: true}});
return auth.passwordreset.doReset(options, tokenParts, api.settings)
.then((params) => {
web.shared.middlewares.api.spamPrevention.userLogin().reset(frame.options.ip, `${tokenParts.email}login`);
return params;
});
});
}
},
acceptInvitation: {
validation: {
docName: 'invitations'
},
permissions: false,
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(true)();
})
.then(() => {
return invitations.accept(frame.data);
});
}
},
isInvitation: {
data: [
'email'
],
validation: {
docName: 'invitations'
},
permissions: false,
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(true)();
})
.then(() => {
const email = frame.data.email;
return models.Invite.findOne({email: email, status: 'sent'}, frame.options);
});
}
🔒 Added a "reset all passwords" feature (#13005) issue https://github.com/TryGhost/Team/issues/750 - Only accessible by admins - Resets all staff users' passwords and prevents them to log-in - Sends them a reset email password to give them back access to their account - Closes all existing staff user sessions
2021-06-23 15:54:28 +03:00
},
resetAllPasswords: {
permissions: true,
async query(frame) {
await userService.resetAllPasswords(frame.options);
await deleteAllSessions();
}
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version
2019-08-09 17:11:24 +03:00
}
};
Reference in New Issue Copy Permalink