const util = require('util');
const session = require('express-session');
const constants = require('@tryghost/constants');
const config = require('../../../../shared/config');
const settingsCache = require('../../../../shared/settings-cache');
const models = require('../../../models');
const urlUtils = require('../../../../shared/url-utils');
const SessionStore = require('./store');
// Server-side store for admin sessions, constructed over the Session model.
// The browser cookie only carries the signed session id; the session data is
// looked up through this store.
const sessionStore = new SessionStore(models.Session);

// Holds the single express-session middleware instance for this process.
// Left undefined at module load and filled in by getExpressSessionMiddleware()
// the first time a session is needed.
let unoExpressSessionMiddleware;
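/**
 * Returns the express-session middleware for the admin API, building it on
 * first use and reusing the same instance afterwards.
 *
 * The signing secret is read from the settings cache when the middleware is
 * built, not at module load. Because the built instance is memoised for the
 * lifetime of the process, a middleware created without a usable secret would
 * stay cached and never recover, so this function refuses to build one and
 * leaves the cache empty so a later call can retry.
 *
 * @returns {Function} the shared express-session middleware `(req, res, next)`
 * @throws {Error} when `session_secret` is missing or empty in the settings cache
 */
function getExpressSessionMiddleware() {
    if (unoExpressSessionMiddleware) {
        return unoExpressSessionMiddleware;
    }

    // Fail closed: never sign session cookies with an absent/empty secret.
    // The secret value itself is deliberately kept out of the error message.
    const secret = settingsCache.get('session_secret');
    if (!secret || secret.length === 0) {
        throw new Error('Cannot create the admin session middleware: session_secret is not available');
    }

    // NOTE(review): the secret is captured once here. If session_secret is ever
    // rotated at runtime, this cached instance keeps using the old value until
    // the process restarts — confirm that matches the rotation procedure.
    unoExpressSessionMiddleware = session({
        store: sessionStore,
        secret,
        // Do not rewrite unchanged sessions, and do not create a session (or set
        // a cookie) for requests that never store anything in it.
        resave: false,
        saveUninitialized: false,
        name: 'ghost-admin-api-session',
        cookie: {
            // Long-lived cookie (constant name suggests six months, in ms).
            // Revocation therefore depends on deleting the server-side record
            // in the session store, not on cookie expiry.
            maxAge: constants.SIX_MONTH_MS,
            // Keep the session id out of reach of page scripts.
            httpOnly: true,
            // Scope the cookie to the admin path so it is not sent with
            // requests to the rest of the site.
            path: urlUtils.getSubdir() + '/ghost',
            // 'lax' still sends the cookie on top-level cross-site navigations;
            // state-changing endpoints presumably rely on additional
            // origin/CSRF checks elsewhere — verify against the admin API stack.
            sameSite: 'lax',
            // Secure flag follows the configured site URL, not the incoming
            // request. NOTE(review): behind a TLS-terminating proxy,
            // express-session only issues a secure cookie when it considers
            // the request secure — confirm the proxy trust configuration.
            secure: urlUtils.isSSL(config.get('url'))
        }
    });

    return unoExpressSessionMiddleware;
}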
/**
 * Resolves the session object for a request.
 *
 * If something earlier in the request already attached `req.session`, that
 * object is returned as-is. Otherwise the shared express-session middleware is
 * run against this request/response pair and the promise settles once it calls
 * back: rejected with the middleware's error, or fulfilled with whatever the
 * middleware left on `req.session`.
 *
 * @param {object} req - incoming request; `req.session` is read and may be populated
 * @param {object} res - response handed to the session middleware
 * @returns {Promise<object>} the request's session
 */
module.exports.getSession = async function getSession(req, res) {
    if (!req.session) {
        const runSessionMiddleware = getExpressSessionMiddleware();

        return new Promise((resolve, reject) => {
            // Adapts the middleware's next(err) callback to the promise.
            const onMiddlewareDone = (err) => {
                if (err) {
                    reject(err);
                    return;
                }
                resolve(req.session);
            };

            runSessionMiddleware(req, res, onMiddlewareDone);
        });
    }

    return req.session;
};
// Keep `this` pointing at the store when clear() is invoked through the wrapper.
const clearSessionStore = sessionStore.clear.bind(sessionStore);

/**
 * Promise-returning wrapper around the session store's callback-style clear().
 * Presumably removes every stored admin session, signing all staff users out —
 * confirm against the store implementation before exposing it to new callers.
 */
module.exports.deleteAllSessions = util.promisify(clearSessionStore);