2018-12-17 14:53:45 +03:00
|
|
|
const url = require('url');
|
2018-12-11 10:57:01 +03:00
|
|
|
const settingsCache = require('../settings/cache');
|
|
|
|
const config = require('../../config');
|
|
|
|
const MembersApi = require('../../lib/members');
|
|
|
|
const models = require('../../models');
|
|
|
|
const mail = require('../mail');
|
|
|
|
|
|
|
|
function createMember({name, email, password}) {
|
|
|
|
return models.Member.add({
|
|
|
|
name,
|
|
|
|
email,
|
|
|
|
password
|
|
|
|
}).then((member) => {
|
|
|
|
return member.toJSON();
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
function updateMember(member, newData) {
|
|
|
|
return models.Member.findOne(member, {
|
|
|
|
require: true
|
|
|
|
}).then(({id}) => {
|
|
|
|
return models.Member.edit(newData, {id});
|
|
|
|
}).then((member) => {
|
|
|
|
return member.toJSON();
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2019-01-30 14:36:09 +03:00
|
|
|
function getMember(data, options) {
|
|
|
|
options = options || {};
|
|
|
|
return models.Member.findOne(data, options).then((model) => {
|
|
|
|
if (!model) {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
return model.toJSON(options);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
function listMembers(options) {
|
|
|
|
return models.Member.findPage(options).then((models) => {
|
|
|
|
return {
|
|
|
|
members: models.data.map(model => model.toJSON(options)),
|
|
|
|
meta: models.meta
|
|
|
|
};
|
2018-12-11 10:57:01 +03:00
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
function validateMember({email, password}) {
|
|
|
|
return models.Member.findOne({email}, {
|
|
|
|
require: true
|
|
|
|
}).then((member) => {
|
|
|
|
return member.comparePassword(password).then((res) => {
|
|
|
|
if (!res) {
|
|
|
|
throw new Error('Password is incorrect');
|
|
|
|
}
|
|
|
|
return member;
|
|
|
|
});
|
|
|
|
}).then((member) => {
|
|
|
|
return member.toJSON();
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
const publicKey = settingsCache.get('members_public_key');
|
|
|
|
const privateKey = settingsCache.get('members_private_key');
|
|
|
|
const sessionSecret = settingsCache.get('members_session_secret');
|
|
|
|
const passwordResetUrl = config.get('url');
|
2018-12-17 14:53:45 +03:00
|
|
|
const {protocol, host} = url.parse(config.get('url'));
|
|
|
|
const siteOrigin = `${protocol}//${host}`;
|
2018-12-11 15:45:03 +03:00
|
|
|
const issuer = siteOrigin;
|
|
|
|
const ssoOrigin = siteOrigin;
|
2018-12-11 10:57:01 +03:00
|
|
|
let mailer;
|
|
|
|
|
2019-02-07 12:41:39 +03:00
|
|
|
const membersConfig = config.get('members');
|
|
|
|
|
2019-02-23 06:47:42 +03:00
|
|
|
function validateAudience({audience, origin}) {
|
|
|
|
if (audience === origin) {
|
|
|
|
return Promise.resolve();
|
|
|
|
}
|
|
|
|
if (audience === siteOrigin) {
|
|
|
|
if (membersConfig.contentApiAccess.includes(origin)) {
|
|
|
|
return Promise.resolve();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return Promise.reject();
|
|
|
|
}
|
|
|
|
|
2018-12-11 10:57:01 +03:00
|
|
|
function sendEmail(member, {token}) {
|
|
|
|
if (!(mailer instanceof mail.GhostMailer)) {
|
|
|
|
mailer = new mail.GhostMailer();
|
|
|
|
}
|
|
|
|
const message = {
|
|
|
|
to: member.email,
|
|
|
|
subject: 'Reset password',
|
|
|
|
html: `
|
|
|
|
Hi ${member.name},
|
|
|
|
|
|
|
|
To reset your password, click the following link and follow the instructions:
|
|
|
|
|
|
|
|
${passwordResetUrl}#reset-password?token=${token}
|
|
|
|
|
|
|
|
If you didn't request a password change, just ignore this email.
|
|
|
|
`
|
|
|
|
};
|
|
|
|
|
|
|
|
/* eslint-disable */
|
|
|
|
// @TODO remove this
|
|
|
|
console.log(message.html);
|
|
|
|
/* eslint-enable */
|
|
|
|
return mailer.send(message).catch((err) => {
|
|
|
|
return Promise.reject(err);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
const api = MembersApi({
|
2019-02-07 12:41:39 +03:00
|
|
|
authConfig: {
|
2018-12-11 10:57:01 +03:00
|
|
|
issuer,
|
|
|
|
publicKey,
|
|
|
|
privateKey,
|
|
|
|
sessionSecret,
|
|
|
|
ssoOrigin
|
|
|
|
},
|
2019-02-07 12:41:39 +03:00
|
|
|
paymentConfig: {
|
|
|
|
processors: membersConfig.paymentProcessors
|
|
|
|
},
|
2018-12-11 10:57:01 +03:00
|
|
|
validateAudience,
|
|
|
|
createMember,
|
|
|
|
getMember,
|
2019-01-30 14:36:09 +03:00
|
|
|
listMembers,
|
2018-12-11 10:57:01 +03:00
|
|
|
validateMember,
|
|
|
|
updateMember,
|
|
|
|
sendEmail
|
|
|
|
});
|
|
|
|
|
|
|
|
module.exports = api;
|
|
|
|
module.exports.publicKey = publicKey;
|
2019-02-14 20:17:02 +03:00
|
|
|
module.exports.paymentConfigured = !!membersConfig.paymentProcessors.length;
|