TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-28 14:03:48 +03:00
Code Issues Projects Releases Wiki Activity
33b959257c
Ghost/ghost/members-api/lib/controllers/router.js

392 lines
13 KiB
JavaScript
Raw Normal View History

Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
const tpl = require('@tryghost/tpl');
Use @tryghost/logging instead of injected argument
2021-12-02 17:46:58 +03:00
const logging = require('@tryghost/logging');
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
const _ = require('lodash');
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
const {BadRequestError, NoPermissionError, UnauthorizedError} = require('@tryghost/errors');
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
const errors = require('@tryghost/errors');
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
const messages = {
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
emailRequired: 'Email is required.',
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
badRequest: 'Bad Request.',
notFound: 'Not Found.',
offerArchived: 'This offer is archived.',
tierArchived: 'This tier is archived.',
existingSubscription: 'A subscription exists for this Member.',
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
unableToCheckout: 'Unable to initiate checkout session',
inviteOnly: 'This site is invite-only, contact the owner for access.',
memberNotFound: 'No member exists with this e-mail address.',
memberNotFoundSignUp: 'No member exists with this e-mail address. Please sign up first.'
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
};
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
module.exports = class RouterController {
Wired up payments service refs https://github.com/TryGhost/Team/issues/1166 By using the PaymentsService to fetch coupon information - we ensure that the coupons are created if they're missing. Like in the case of a Stripe disconnect/connect cycle.
2021-10-21 14:35:29 +03:00
/**
* RouterController
*
* @param {object} deps
* @param {any} deps.offersAPI
* @param {any} deps.paymentsService
* @param {any} deps.memberRepository
* @param {any} deps.StripePrice
Added support for dynamic allowSelfSignup config refs https://github.com/TryGhost/Team/issues/1257 This gets us closer to not having to reload the MembersAPI when config is changed which will help stop bugs arising from multiple instances of the MembersAPI being created.
2022-01-10 12:42:05 +03:00
* @param {() => boolean} deps.allowSelfSignup
Wired up payments service refs https://github.com/TryGhost/Team/issues/1166 By using the PaymentsService to fetch coupon information - we ensure that the coupons are created if they're missing. Like in the case of a Stripe disconnect/connect cycle.
2021-10-21 14:35:29 +03:00
* @param {any} deps.magicLinkService
* @param {import('@tryghost/members-stripe-service')} deps.stripeAPIService
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
* @param {import('@tryghost/member-attribution')} deps.memberAttributionService
Wired up payments service refs https://github.com/TryGhost/Team/issues/1166 By using the PaymentsService to fetch coupon information - we ensure that the coupons are created if they're missing. Like in the case of a Stripe disconnect/connect cycle.
2021-10-21 14:35:29 +03:00
* @param {any} deps.tokenService
Stored geolocation for member on creation (#15320) refs https://github.com/TryGhost/Team/issues/1826 Geolocation was prev. loaded after member was created and updated on existing member. this was mostly due to historical context where we couldn't store data on magic link token. Since email alerts go out at the time of member creation, this flow missed out on attaching member's location to email. This change - - stores request ip when a member asks for magic link in the token - loads request ip from token when member uses magic link, and for new members loads their geolocation and stores it with member creation
2022-08-25 22:15:34 +03:00
* @param {any} deps.sendEmailWithMagicLink
Wired up payments service refs https://github.com/TryGhost/Team/issues/1166 By using the PaymentsService to fetch coupon information - we ensure that the coupons are created if they're missing. Like in the case of a Stripe disconnect/connect cycle.
2021-10-21 14:35:29 +03:00
* @param {{isSet(name: string): boolean}} deps.labsService
*/
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
constructor({
Used OffersAPI over OfferRepository in MembersAPI no-issue The OfferRepository deals with domain objects in the Offers module, and as such is not suitable for use with "external" services. This update means that MembersAPI can deal with POJO DTOs so that there is not a dependency on the internals of the Offers module. Just on the contract it holds with the outside world.
2021-10-13 12:11:12 +03:00
offersAPI,
Wired up payments service refs https://github.com/TryGhost/Team/issues/1166 By using the PaymentsService to fetch coupon information - we ensure that the coupons are created if they're missing. Like in the case of a Stripe disconnect/connect cycle.
2021-10-21 14:35:29 +03:00
paymentsService,
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
tiersService,
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
memberRepository,
Updated APIs to use price ids refs https://github.com/TryGhost/Team/issues/637 All the APIs that currently work with price names needs to be updated to work with price ids instead to work with custom prices/products. This change updates APIs to work with Price IDs in `checkout` , `updateSubscription` and other APIs/methods.
2021-05-04 18:57:58 +03:00
StripePrice,
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
allowSelfSignup,
magicLinkService,
stripeAPIService,
tokenService,
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
memberAttributionService,
Passed default URLs when creating checkout session (#235) * Passed default URLs when creating checkout session no-issue This fixes a bug when a checkout session is created without passing custom redirect URLs
2021-01-27 18:19:09 +03:00
sendEmailWithMagicLink,
Moved the last of the Stripe config out of Members refs https://github.com/TryGhost/Team/issues/1322 We no longer restart the Members service based on the Stripe service being updated, which meant that if it was initially configured with missing URL's and later Stripe connected, it would not get the new config until a server restart. This moves the last of Stripe config into the Stripe service, so that all things concerning Stripe can be handled in one place and updated together.
2022-02-09 16:00:39 +03:00
labsService
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}) {
Used OffersAPI over OfferRepository in MembersAPI no-issue The OfferRepository deals with domain objects in the Offers module, and as such is not suitable for use with "external" services. This update means that MembersAPI can deal with POJO DTOs so that there is not a dependency on the internals of the Offers module. Just on the contract it holds with the outside world.
2021-10-13 12:11:12 +03:00
this._offersAPI = offersAPI;
Wired up payments service refs https://github.com/TryGhost/Team/issues/1166 By using the PaymentsService to fetch coupon information - we ensure that the coupons are created if they're missing. Like in the case of a Stripe disconnect/connect cycle.
2021-10-21 14:35:29 +03:00
this._paymentsService = paymentsService;
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
this._tiersService = tiersService;
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
this._memberRepository = memberRepository;
Updated APIs to use price ids refs https://github.com/TryGhost/Team/issues/637 All the APIs that currently work with price names needs to be updated to work with price ids instead to work with custom prices/products. This change updates APIs to work with Price IDs in `checkout` , `updateSubscription` and other APIs/methods.
2021-05-04 18:57:58 +03:00
this._StripePrice = StripePrice;
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
this._allowSelfSignup = allowSelfSignup;
this._magicLinkService = magicLinkService;
this._stripeAPIService = stripeAPIService;
this._tokenService = tokenService;
this._sendEmailWithMagicLink = sendEmailWithMagicLink;
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
this._memberAttributionService = memberAttributionService;
Added 1-day version of Offers refs https://github.com/TryGhost/Team/issues/1090 This 1-day version of Offers allows us to test the full flow of the Offers feature without having to implement all of it. The focus here is that we can pass an Offer ID when creating a Stripe Checkout session and have it apply. Here we use hardcoded Stripe Coupons as we haven't yet got persistence implemented for Offers & their related Stripe Coupons
2021-09-28 14:36:30 +03:00
this.labsService = labsService;
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
async ensureStripe(_req, res, next) {
Fixed checks for if Stripe is configured no-issue
2021-01-26 14:26:28 +03:00
if (!this._stripeAPIService.configured) {
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
res.writeHead(400);
return res.end('Stripe not configured');
}
try {
await this._stripeAPIService.ready();
next();
} catch (err) {
res.writeHead(500);
return res.end('There was an error configuring stripe');
}
}
async createCheckoutSetupSession(req, res) {
const identity = req.body.identity;
Fixed error responses when missing data no-issue We should error early when recieving a request that does not contain the required data.
2021-01-19 13:42:39 +03:00
if (!identity) {
res.writeHead(400);
return res.end();
}
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
let email;
try {
if (!identity) {
email = null;
} else {
const claims = await this._tokenService.decodeToken(identity);
email = claims && claims.sub;
}
} catch (err) {
res.writeHead(401);
return res.end('Unauthorized');
}
const member = email ? await this._memberRepository.get({email}) : null;
if (!member) {
res.writeHead(403);
return res.end('Bad Request.');
}
🐛 Fixed issues when updating payment method (#247) refs https://github.com/TryGhost/Team/issues/479 * Fixed updating payment method for canceled subscriptions Stripe considers canceled subscriptions as non-existent, so any attempts to update them will fail with a 404 not found. Prior to this change we were attempting to update *all* subscriptions for a customer, including those which were canceled. This would cause an error and the loop to break. * 🐛 Fixed errors for members with multiple active customers Members with multiple active customers would have their first active customer found updated with the new payment method. We would then iterate through *all* active subscription, and attempt to update their payment method. If a subscription was not owned by the customer that was just updated, it would error and cause the loop to break out. * Added ability to update a specific subscription's payment method In order to remove ambiguity we add the ability to update the payment method for a specific subscription. This will remove room for errors as we will not have to worry about if a subscription belong to the customer or not.
2021-02-23 14:19:21 +03:00
let customer;
if (!req.body.subscription_id) {
customer = await this._stripeAPIService.getCustomerForMemberCheckoutSession(member);
} else {
const subscriptions = await member.related('stripeSubscriptions').fetch();
const subscription = subscriptions.models.find((sub) => {
return sub.get('subscription_id') === req.body.subscription_id;
});
if (!subscription) {
Added missing `return` in create-stripe-update-session no issue - Return was missing for `res.end` if an invalid subscription_id was passed - Added explicit `text/plain` `Content-Type` headers to error messages to avoid MIME sniffing Signed-off-by: Elijah Conners <business@elijahpepe.com> Co-authored-by: Simon Backx <simon@ghost.org>
2022-08-29 15:02:58 +03:00
res.writeHead(404, {
'Content-Type': 'text/plain;charset=UTF-8'
});
return res.end(`Could not find subscription ${req.body.subscription_id}`);
🐛 Fixed issues when updating payment method (#247) refs https://github.com/TryGhost/Team/issues/479 * Fixed updating payment method for canceled subscriptions Stripe considers canceled subscriptions as non-existent, so any attempts to update them will fail with a 404 not found. Prior to this change we were attempting to update *all* subscriptions for a customer, including those which were canceled. This would cause an error and the loop to break. * 🐛 Fixed errors for members with multiple active customers Members with multiple active customers would have their first active customer found updated with the new payment method. We would then iterate through *all* active subscription, and attempt to update their payment method. If a subscription was not owned by the customer that was just updated, it would error and cause the loop to break out. * Added ability to update a specific subscription's payment method In order to remove ambiguity we add the ability to update the payment method for a specific subscription. This will remove room for errors as we will not have to worry about if a subscription belong to the customer or not.
2021-02-23 14:19:21 +03:00
}
customer = await this._stripeAPIService.getCustomer(subscription.get('customer_id'));
}
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
const session = await this._stripeAPIService.createCheckoutSetupSession(customer, {
Moved the last of the Stripe config out of Members refs https://github.com/TryGhost/Team/issues/1322 We no longer restart the Members service based on the Stripe service being updated, which meant that if it was initially configured with missing URL's and later Stripe connected, it would not get the new config until a server restart. This moves the last of Stripe config into the Stripe service, so that all things concerning Stripe can be handled in one place and updated together.
2022-02-09 16:00:39 +03:00
successUrl: req.body.successUrl,
cancelUrl: req.body.cancelUrl,
🐛 Fixed issues when updating payment method (#247) refs https://github.com/TryGhost/Team/issues/479 * Fixed updating payment method for canceled subscriptions Stripe considers canceled subscriptions as non-existent, so any attempts to update them will fail with a 404 not found. Prior to this change we were attempting to update *all* subscriptions for a customer, including those which were canceled. This would cause an error and the loop to break. * 🐛 Fixed errors for members with multiple active customers Members with multiple active customers would have their first active customer found updated with the new payment method. We would then iterate through *all* active subscription, and attempt to update their payment method. If a subscription was not owned by the customer that was just updated, it would error and cause the loop to break out. * Added ability to update a specific subscription's payment method In order to remove ambiguity we add the ability to update the payment method for a specific subscription. This will remove room for errors as we will not have to worry about if a subscription belong to the customer or not.
2021-02-23 14:19:21 +03:00
subscription_id: req.body.subscription_id
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
});
const publicKey = this._stripeAPIService.getPublicKey();
const sessionInfo = {
sessionId: session.id,
publicKey
};
res.writeHead(200, {
'Content-Type': 'application/json'
});
res.end(JSON.stringify(sessionInfo));
}
async createCheckoutSession(req, res) {
Applied Offers when creating Stripe Checkout Session refs https://github.com/TryGhost/Team/issues/1090 Instead of the hardcoded 1-day version for Offers, we can now talk directly to the Offers repository and use the real values for Stripe Checkout.
2021-10-06 16:01:04 +03:00
let ghostPriceId = req.body.priceId;
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
const tierId = req.body.tierId;
🐛 Fixed checkout sessions when using Offers closes https://github.com/TryGhost/Team/issues/2195 The issue here is two-fold, and specific to using Offers so was not caught by any automated tests. First, we were incorrectly comparing the tier.id to the offer.tier.id - this is because the Tier objects id property is an instance of ObjectID rather than a string. Secondly we were passing through the cadence parameter from the request body, but when using Offers this is not including in the request, so we must pull the data off of the Offer object instead and pass that to the payments service.
2022-11-01 17:47:49 +03:00
let cadence = req.body.cadence;
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
const identity = req.body.identity;
Added 1-day version of Offers refs https://github.com/TryGhost/Team/issues/1090 This 1-day version of Offers allows us to test the full flow of the Offers feature without having to implement all of it. The focus here is that we can pass an Offer ID when creating a Stripe Checkout session and have it apply. Here we use hardcoded Stripe Coupons as we haven't yet got persistence implemented for Offers & their related Stripe Coupons
2021-09-28 14:36:30 +03:00
const offerId = req.body.offerId;
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
const metadata = req.body.metadata ?? {};
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
if (!ghostPriceId && !offerId && !tierId && !cadence) {
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
throw new BadRequestError({
message: tpl(messages.badRequest)
});
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
if (offerId && (ghostPriceId || (tierId && cadence))) {
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
throw new BadRequestError({
message: tpl(messages.badRequest)
});
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
}
if (ghostPriceId && tierId && cadence) {
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
throw new BadRequestError({
message: tpl(messages.badRequest)
});
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
}
if (tierId && !cadence) {
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
throw new BadRequestError({
message: tpl(messages.badRequest)
});
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
}
Fixed checkout session creation with just offer id - In case of an offer id present in stripe checkout session, the cadence and tier id values can be null - this fixes the invalid 400 thrown on missing cadence value while creating stripe checkout session for offer
2022-05-18 10:42:40 +03:00
if (cadence && cadence !== 'month' && cadence !== 'year') {
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
throw new BadRequestError({
message: tpl(messages.badRequest)
});
Applied Offers when creating Stripe Checkout Session refs https://github.com/TryGhost/Team/issues/1090 Instead of the hardcoded 1-day version for Offers, we can now talk directly to the Offers repository and use the real values for Stripe Checkout.
2021-10-06 16:01:04 +03:00
}
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
let tier;
let offer;
let member;
let options = {};
Removed references to Offers labs flag refs https://github.com/TryGhost/Team/issues/1115 This flag is now enabled by default - so we can clean up all uses of it.
2021-11-03 17:13:11 +03:00
if (offerId) {
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
offer = await this._offersAPI.getOffer({id: offerId});
tier = await this._tiersService.api.read(offer.tier.id);
🐛 Fixed checkout sessions when using Offers closes https://github.com/TryGhost/Team/issues/2195 The issue here is two-fold, and specific to using Offers so was not caught by any automated tests. First, we were incorrectly comparing the tier.id to the offer.tier.id - this is because the Tier objects id property is an instance of ObjectID rather than a string. Secondly we were passing through the cadence parameter from the request body, but when using Offers this is not including in the request, so we must pull the data off of the Offer object instead and pass that to the payments service.
2022-11-01 17:47:49 +03:00
cadence = offer.cadence;
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
} else {
offer = null;
tier = await this._tiersService.api.read(tierId);
}
Applied Offers when creating Stripe Checkout Session refs https://github.com/TryGhost/Team/issues/1090 Instead of the hardcoded 1-day version for Offers, we can now talk directly to the Offers repository and use the real values for Stripe Checkout.
2021-10-06 16:01:04 +03:00
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
if (tier.status === 'archived') {
throw new NoPermissionError({
message: tpl(messages.tierArchived)
});
}
Restricted archived Offers from being used refs https://github.com/TryGhost/Team/issues/1133 An archived Offer is intended to be disabled from a redemption point of view. This ensures that we do not allow Stripe Checkout Sessions to be created for them.
2021-10-13 12:19:35 +03:00
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
if (identity) {
try {
const claims = await this._tokenService.decodeToken(identity);
const email = claims && claims.sub;
if (email) {
member = await this._memberRepository.get({
email
}, {
withRelated: ['stripeCustomers', 'products']
});
}
} catch (err) {
throw new UnauthorizedError({err});
Handled stripe setup for free trial offers refs https://github.com/TryGhost/Team/issues/1726 - free trial offers don't need a stripe coupon created for them - checkout sessions for free trial offers ignore stripe coupon and directly pass the trial days value - trial days of an offer take precedence over trial days added as default to a tier
2022-08-09 12:13:31 +03:00
}
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
} else if (req.body.customerEmail) {
member = await this._memberRepository.get({
email: req.body.customerEmail
}, {
withRelated: ['stripeCustomers', 'products']
});
Applied Offers when creating Stripe Checkout Session refs https://github.com/TryGhost/Team/issues/1090 Instead of the hardcoded 1-day version for Offers, we can now talk directly to the Offers repository and use the real values for Stripe Checkout.
2021-10-06 16:01:04 +03:00
}
Updated Frontend API to work with Tier & Cadence (#399) refs https://github.com/TryGhost/Team/issues/1575 Since we are not exposing the underlying Price data anymore, we need to update the API to work with Tier and Cadence.
2022-05-16 21:27:23 +03:00
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
// Don't allow to set the source manually
delete metadata.attribution_id;
delete metadata.attribution_url;
delete metadata.attribution_type;
Allowed comped members to go through checkout flow refs https://github.com/TryGhost/Team/issues/1728 - allows comped members to go through the stripe checkout flow and become a paid member
2022-08-17 12:07:41 +03:00
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
if (metadata.urlHistory) {
// The full attribution history doesn't fit in the Stripe metadata (can't store objects + limited to 50 keys and 500 chars values)
// So we need to add top-level attributes with string values
const urlHistory = metadata.urlHistory;
delete metadata.urlHistory;
Wired up member attribution from email clicks (#15407) refs https://github.com/TryGhost/Team/issues/1899 - Added `addEmailAttributionToUrl` method to MemberAttributionService. This adds both the source attribution (`rel=newsletter`) and member attribution (`?attribution_id=123&attribution_type=post`) to a URL. - The URLHistory can now contain a new sort of items: `{type: 'post', id: 'post-id', time: 123}`. - Updated frontend script to read `?attribution_id=123&attribution_type=post` from the URL and add it to the URLHistory + clear it from the URL. - Wired up some external dependencies to LinkReplacementService and added some dummy code. - Increased test coverage of attribution service - Moved all logic that removes the subdirectory from a URL to the UrlTranslator instead of the AttributionBuilder - The UrlTranslator now parses a URLHistoryItem to an object that can be used to build an Attribution instance - Excluded sites with different domain from member id and attribution tracking
2022-09-14 22:50:54 +03:00
const attribution = await this._memberAttributionService.getAttribution(urlHistory);
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
// Don't set null properties
if (attribution.id) {
metadata.attribution_id = attribution.id;
}
if (attribution.url) {
metadata.attribution_url = attribution.url;
}
if (attribution.type) {
metadata.attribution_type = attribution.type;
}
Updated stripe checkout session metadata for referrer data - adds referrer source, medium and url to stripe checkout metadata for later storage
2022-09-19 09:46:16 +03:00
Updated naming for referrer attribution (#15486) - renames `refSource`, `refMedium` and `refUrl` to `referrerSource`, `referrerMedium` and `referrerUrl` respectively for consistent naming across files and usages
2022-09-27 22:28:06 +03:00
if (attribution.referrerSource) {
metadata.referrer_source = attribution.referrerSource;
Updated stripe checkout session metadata for referrer data - adds referrer source, medium and url to stripe checkout metadata for later storage
2022-09-19 09:46:16 +03:00
}
Updated naming for referrer attribution (#15486) - renames `refSource`, `refMedium` and `refUrl` to `referrerSource`, `referrerMedium` and `referrerUrl` respectively for consistent naming across files and usages
2022-09-27 22:28:06 +03:00
if (attribution.referrerMedium) {
metadata.referrer_medium = attribution.referrerMedium;
Updated stripe checkout session metadata for referrer data - adds referrer source, medium and url to stripe checkout metadata for later storage
2022-09-19 09:46:16 +03:00
}
Updated naming for referrer attribution (#15486) - renames `refSource`, `refMedium` and `refUrl` to `referrerSource`, `referrerMedium` and `referrerUrl` respectively for consistent naming across files and usages
2022-09-27 22:28:06 +03:00
if (attribution.referrerUrl) {
metadata.referrer_url = attribution.referrerUrl;
Updated stripe checkout session metadata for referrer data - adds referrer source, medium and url to stripe checkout metadata for later storage
2022-09-19 09:46:16 +03:00
}
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
}
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
options.successUrl = req.body.successUrl;
options.cancelUrl = req.body.cancelUrl;
Fixed Stripe Checkout not having the email prefilled from Portal (#15703) We need to pass the customerEmail param along so that Stripe Checkout will prefill it for us, this was missed in the refactor.
2022-10-27 07:00:21 +03:00
options.email = req.body.customerEmail;
Added alpha version of auto-login for Members refs https://github.com/TryGhost/Team/issues/1067 This is the MVP for auto-login of Members, it does not support custom redirects, and will always just redirect to the same place that the signin & signup links do. Behind a feature flag whilst we iron out the functionality.
2021-11-03 11:57:28 +03:00
Removed `membersAutoLogin` labs flag refs https://github.com/TryGhost/Team/issues/1258 - feature is GA so conditionals are no longer needed
2022-01-04 17:50:24 +03:00
if (!member && req.body.customerEmail && !req.body.successUrl) {
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
options.successUrl = await this._magicLinkService.getMagicLink({
tokenData: {
email: req.body.customerEmail,
attribution: {
id: metadata.attribution_id ?? null,
type: metadata.attribution_type ?? null,
url: metadata.attribution_url ?? null
}
},
type: 'signup'
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
});
}
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
const restrictCheckout = member?.get('status') === 'paid';
Allowed comped members to go through checkout flow refs https://github.com/TryGhost/Team/issues/1728 - allows comped members to go through the stripe checkout flow and become a paid member
2022-08-17 12:07:41 +03:00
if (restrictCheckout) {
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
if (!identity && req.body.customerEmail) {
try {
await this._sendEmailWithMagicLink({email: req.body.customerEmail, requestedType: 'signin'});
} catch (err) {
logging.warn(err);
}
}
throw new NoPermissionError({
message: messages.existingSubscription,
code: 'CANNOT_CHECKOUT_WITH_EXISTING_SUBSCRIPTION'
});
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
try {
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
const paymentLink = await this._paymentsService.getPaymentLink({
tier,
cadence,
offer,
member,
metadata,
options
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
});
res.writeHead(200, {
'Content-Type': 'application/json'
});
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
return res.end(JSON.stringify({url: paymentLink}));
Fixed checkout session creation for existing members (#403) refs https://github.com/TryGhost/Team/issues/1526 We weren't using the `req.body.customerEmail` to load a member and check their existing tiers, this meant that existing members which were signed out and attempted to create a stripe checkout session were able to.
2022-06-01 12:40:52 +03:00
} catch (err) {
throw new BadRequestError({
err,
message: tpl(messages.unableToCheckout)
});
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
}
async sendMagicLink(req, res) {
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
const {email, autoRedirect} = req.body;
let {emailType} = req.body;
✨ Added optional data-attribute to enable and disable auto redirection. (#15335) closes https://github.com/TryGhost/Ghost/issues/15104 https://github.com/TryGhost/Team/issues/1800 - On custom sign up and login forms, creators often wouldn't want their members to be redirected to that page after signing in. - This takes a new data-attribute value (eg `data-members-autoredirect="false"`) that can be set on [custom sign up / login forms](https://ghost.org/docs/themes/members/#signup-forms) into account before parsing the referrer on the magic link URL that gets sent to the member for login.
2022-09-06 15:36:06 +03:00
let referer = req.get('referer');
if (autoRedirect === false){
referer = null;
}
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
if (!email) {
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
throw new errors.BadRequestError({
message: tpl(messages.emailRequired)
});
}
if (!emailType) {
// Default to subscribe form that also allows to login (safe fallback for older clients)
if (!this._allowSelfSignup()) {
emailType = 'signin';
} else {
emailType = 'subscribe';
}
}
if (!['signin', 'signup', 'subscribe'].includes(emailType)) {
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
res.writeHead(400);
return res.end('Bad Request.');
}
try {
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
if (emailType === 'signup' || emailType === 'subscribe') {
if (!this._allowSelfSignup()) {
throw new errors.BadRequestError({
message: tpl(messages.inviteOnly)
});
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
// Someone tries to signup with a user that already exists
// -> doesn't really matter: we'll send a login link
Handled newsletters preference for free members signup refs https://github.com/TryGhost/Team/issues/1490 With multiple newsletters, free members can choose their newsletter subscription preference while signing up. This change - - includes newsletters data in magic link token creation - attaches newsletter data to new members created via magic link
2022-04-13 12:25:56 +03:00
const tokenData = _.pick(req.body, ['labels', 'name', 'newsletters']);
Stored geolocation for member on creation (#15320) refs https://github.com/TryGhost/Team/issues/1826 Geolocation was prev. loaded after member was created and updated on existing member. this was mostly due to historical context where we couldn't store data on magic link token. Since email alerts go out at the time of member creation, this flow missed out on attaching member's location to email. This change - - stores request ip when a member asks for magic link in the token - loads request ip from token when member uses magic link, and for new members loads their geolocation and stores it with member creation
2022-08-25 22:15:34 +03:00
if (req.ip) {
tokenData.reqIp = req.ip;
}
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
// Save attribution data in the tokenData
Wired up member attribution from email clicks (#15407) refs https://github.com/TryGhost/Team/issues/1899 - Added `addEmailAttributionToUrl` method to MemberAttributionService. This adds both the source attribution (`rel=newsletter`) and member attribution (`?attribution_id=123&attribution_type=post`) to a URL. - The URLHistory can now contain a new sort of items: `{type: 'post', id: 'post-id', time: 123}`. - Updated frontend script to read `?attribution_id=123&attribution_type=post` from the URL and add it to the URLHistory + clear it from the URL. - Wired up some external dependencies to LinkReplacementService and added some dummy code. - Increased test coverage of attribution service - Moved all logic that removes the subdirectory from a URL to the UrlTranslator instead of the AttributionBuilder - The UrlTranslator now parses a URLHistoryItem to an object that can be used to build an Attribution instance - Excluded sites with different domain from member id and attribution tracking
2022-09-14 22:50:54 +03:00
tokenData.attribution = await this._memberAttributionService.getAttribution(req.body.urlHistory);
Added member attribution events and storage (#15243) refs https://github.com/TryGhost/Team/issues/1808 refs https://github.com/TryGhost/Team/issues/1809 refs https://github.com/TryGhost/Team/issues/1820 refs https://github.com/TryGhost/Team/issues/1814 ### Changes in `member-events` package - Added MemberCreatedEvent (event, not model) - Added SubscriptionCreatedEvent (event, not model) ### Added `member-attribution` package (new) - Added the AttributionBuilder class which is able to convert a url history to an attribution object (exposed as getAttribution on the service itself, which handles the dependencies) ``` [{ "path": "/", "time": 123 }] ``` to ``` { "url": "/", "id": null, "type": "url" } ``` - event handler listens for MemberCreatedEvent and SubscriptionCreatedEvent and creates the corresponding models in the database. ### Changes in `members-api` package - Added urlHistory to `sendMagicLink` endpoint body + convert the urlHistory to an attribution object that is stored in the tokenData of the magic link (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added urlHistory to `createCheckoutSession` endpoint + convert the urlHistory to attribution keys that are saved in the Stripe Session metadata (sent by Portal in this PR: https://github.com/TryGhost/Portal/pull/256). - Added attribution data property to member repository's create method (when a member is created) - Dispatch MemberCreatedEvent with attribution ### Changes in `members-stripe-service` package (`ghost/stripe`) - Dispatch SubscriptionCreatedEvent in WebhookController on subscription checkout (with attribution from session metadata)
2022-08-18 18:38:42 +03:00
✨ Added optional data-attribute to enable and disable auto redirection. (#15335) closes https://github.com/TryGhost/Ghost/issues/15104 https://github.com/TryGhost/Team/issues/1800 - On custom sign up and login forms, creators often wouldn't want their members to be redirected to that page after signing in. - This takes a new data-attribute value (eg `data-members-autoredirect="false"`) that can be set on [custom sign up / login forms](https://ghost.org/docs/themes/members/#signup-forms) into account before parsing the referrer on the magic link URL that gets sent to the member for login.
2022-09-06 15:36:06 +03:00
await this._sendEmailWithMagicLink({email, tokenData, requestedType: emailType, referrer: referer});
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
res.writeHead(201);
return res.end('Created.');
}
// Signin
const member = await this._memberRepository.get({email});
if (member) {
const tokenData = {};
await this._sendEmailWithMagicLink({email, tokenData, requestedType: emailType, referrer: referer});
res.writeHead(201);
return res.end('Created.');
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
Wired up the payment service to create stripe checkout sessions refs https://github.com/TryGhost/Team/issues/2078
2022-10-21 12:28:09 +03:00
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
throw new errors.BadRequestError({
message: this._allowSelfSignup() ? tpl(messages.memberNotFoundSignUp) : tpl(messages.memberNotFound)
});
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
} catch (err) {
Handled EENVELOPE errors when generating magic link refs https://github.com/TryGhost/Team/issues/1259 These errors are thrown by nodemailer and can occur when an invalid email address is used. Without special handling these cause a 500 error.
2021-12-16 10:25:32 +03:00
if (err.code === 'EENVELOPE') {
logging.error(err);
res.writeHead(400);
return res.end('Bad Request.');
}
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
// Let the normal error middleware handle this error
throw err;
Refactor members-api (#231) no-issue This refactors the members-api module so that it is easier to test going forward, as well as easier to understand & navigate. The Stripe API no longer contains storage code, this is all handled via the member repository. And we have dedicated services for webhooks, and stripe plans initialisation.
2021-01-18 16:55:40 +03:00
}
}
};
Reference in New Issue Copy Permalink