2020-05-20 12:07:58 +03:00
|
|
|
const _ = require('lodash');
|
2020-04-30 22:26:12 +03:00
|
|
|
const {logging} = require('../../lib/common');
|
2020-04-30 21:50:40 +03:00
|
|
|
const config = require('../../config');
|
2019-11-21 06:01:24 +03:00
|
|
|
const labsService = require('../labs');
|
|
|
|
const membersService = require('./index');
|
2020-04-29 20:23:55 +03:00
|
|
|
const urlUtils = require('../../lib/url-utils');
|
2020-04-30 21:50:40 +03:00
|
|
|
const ghostVersion = require('../../lib/ghost-version');
|
|
|
|
const settingsCache = require('../settings/cache');
|
2020-05-20 12:07:58 +03:00
|
|
|
const {formattedMemberResponse} = require('./utils');
|
2019-11-21 06:01:24 +03:00
|
|
|
|
2020-04-30 21:33:09 +03:00
|
|
|
// @TODO: This piece of middleware actually belongs to the frontend, not to the member app
|
|
|
|
// Need to figure a way to separate these things (e.g. frontend actually talks to members API)
|
|
|
|
const loadMemberSession = async function (req, res, next) {
|
|
|
|
if (!labsService.isSet('members')) {
|
|
|
|
req.member = null;
|
|
|
|
return next();
|
|
|
|
}
|
|
|
|
try {
|
|
|
|
const member = await membersService.ssr.getMemberDataFromSession(req, res);
|
|
|
|
Object.assign(req, {member});
|
|
|
|
res.locals.member = req.member;
|
|
|
|
next();
|
|
|
|
} catch (err) {
|
2020-04-30 22:26:12 +03:00
|
|
|
logging.warn(err.message);
|
2020-04-30 21:33:09 +03:00
|
|
|
Object.assign(req, {member: null});
|
|
|
|
next();
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2019-11-26 18:44:25 +03:00
|
|
|
const getIdentityToken = async function (req, res) {
|
2019-11-21 06:01:24 +03:00
|
|
|
try {
|
|
|
|
const token = await membersService.ssr.getIdentityTokenForMemberFromSession(req, res);
|
|
|
|
res.writeHead(200);
|
|
|
|
res.end(token);
|
|
|
|
} catch (err) {
|
2020-04-30 22:26:12 +03:00
|
|
|
logging.warn(err.message);
|
2019-11-21 06:01:24 +03:00
|
|
|
res.writeHead(err.statusCode);
|
|
|
|
res.end(err.message);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2019-11-28 10:53:30 +03:00
|
|
|
const deleteSession = async function (req, res) {
|
2019-11-21 06:01:24 +03:00
|
|
|
try {
|
|
|
|
await membersService.ssr.deleteSession(req, res);
|
|
|
|
res.writeHead(204);
|
|
|
|
res.end();
|
|
|
|
} catch (err) {
|
2020-04-30 22:26:12 +03:00
|
|
|
logging.warn(err.message);
|
2019-11-21 06:01:24 +03:00
|
|
|
res.writeHead(err.statusCode);
|
|
|
|
res.end(err.message);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2020-04-20 09:03:15 +03:00
|
|
|
const getMemberData = async function (req, res) {
|
|
|
|
try {
|
|
|
|
const member = await membersService.ssr.getMemberDataFromSession(req, res);
|
|
|
|
if (member) {
|
2020-05-20 12:07:58 +03:00
|
|
|
res.json(formattedMemberResponse(member));
|
|
|
|
} else {
|
|
|
|
res.json(null);
|
|
|
|
}
|
|
|
|
} catch (err) {
|
|
|
|
logging.warn(err.message);
|
|
|
|
res.writeHead(err.statusCode);
|
|
|
|
res.end(err.message);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
const updateMemberData = async function (req, res) {
|
|
|
|
try {
|
|
|
|
const data = _.pick(req.body, 'email', 'name', 'subscribed');
|
|
|
|
const member = await membersService.ssr.getMemberDataFromSession(req, res);
|
|
|
|
if (member) {
|
|
|
|
const updatedMember = await membersService.api.members.update(data, {id: member.id});
|
|
|
|
res.json(formattedMemberResponse(updatedMember));
|
2020-04-20 09:03:15 +03:00
|
|
|
} else {
|
|
|
|
res.json(null);
|
|
|
|
}
|
|
|
|
} catch (err) {
|
2020-04-30 22:26:12 +03:00
|
|
|
logging.warn(err.message);
|
2020-04-20 09:03:15 +03:00
|
|
|
res.writeHead(err.statusCode);
|
|
|
|
res.end(err.message);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2020-04-30 21:50:40 +03:00
|
|
|
const getMemberSiteData = async function (req, res) {
|
|
|
|
const response = {
|
|
|
|
title: settingsCache.get('title'),
|
|
|
|
description: settingsCache.get('description'),
|
|
|
|
logo: settingsCache.get('logo'),
|
|
|
|
brand: settingsCache.get('brand'),
|
|
|
|
url: urlUtils.urlFor('home', true),
|
|
|
|
version: ghostVersion.safe,
|
|
|
|
plans: membersService.config.getPublicPlans(),
|
|
|
|
allowSelfSignup: membersService.config.getAllowSelfSignup()
|
|
|
|
};
|
|
|
|
|
|
|
|
// Brand is currently an experimental feature
|
|
|
|
if (!config.get('enableDeveloperExperiments')) {
|
|
|
|
delete response.brand;
|
|
|
|
}
|
|
|
|
|
|
|
|
res.json({site: response});
|
|
|
|
};
|
|
|
|
|
2020-04-29 20:23:55 +03:00
|
|
|
const createSessionFromMagicLink = async function (req, res, next) {
|
2019-11-21 06:01:24 +03:00
|
|
|
if (!req.url.includes('token=')) {
|
|
|
|
return next();
|
|
|
|
}
|
2020-04-29 20:23:55 +03:00
|
|
|
|
2020-05-07 23:55:50 +03:00
|
|
|
// req.query is a plain object, copy it to a URLSearchParams object so we can call toString()
|
|
|
|
const searchParams = new URLSearchParams('');
|
|
|
|
Object.keys(req.query).forEach((param) => {
|
|
|
|
// don't copy the token param
|
|
|
|
if (param !== 'token') {
|
|
|
|
searchParams.set(param, req.query[param]);
|
|
|
|
}
|
|
|
|
});
|
2020-04-29 20:23:55 +03:00
|
|
|
|
2020-05-07 23:55:50 +03:00
|
|
|
// We need to include the subdirectory,
|
|
|
|
// members is already removed from the path by express because it's a mount path
|
2020-05-08 15:03:44 +03:00
|
|
|
let redirectPath = `${urlUtils.getSubdir()}${req.path}`;
|
2020-05-07 23:55:50 +03:00
|
|
|
|
|
|
|
try {
|
|
|
|
await membersService.ssr.exchangeTokenForSession(req, res);
|
2020-04-29 20:23:55 +03:00
|
|
|
|
2020-05-08 15:03:44 +03:00
|
|
|
// Do a standard 302 redirect, with success=true
|
|
|
|
searchParams.set('success', true);
|
2019-11-21 06:01:24 +03:00
|
|
|
} catch (err) {
|
2020-04-30 22:26:12 +03:00
|
|
|
logging.warn(err.message);
|
2020-05-08 15:03:44 +03:00
|
|
|
searchParams.set('success', false);
|
|
|
|
} finally {
|
|
|
|
res.redirect(`${redirectPath}?${searchParams.toString()}`);
|
2019-11-21 06:01:24 +03:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
// Set req.member & res.locals.member if a cookie is set
|
|
|
|
module.exports = {
|
2020-04-29 20:23:55 +03:00
|
|
|
loadMemberSession,
|
|
|
|
createSessionFromMagicLink,
|
2020-04-21 18:48:42 +03:00
|
|
|
getIdentityToken,
|
2020-04-20 09:03:15 +03:00
|
|
|
getMemberData,
|
2020-05-20 12:07:58 +03:00
|
|
|
updateMemberData,
|
2020-04-30 21:50:40 +03:00
|
|
|
getMemberSiteData,
|
2020-04-21 18:48:42 +03:00
|
|
|
deleteSession,
|
|
|
|
stripeWebhooks: (req, res, next) => membersService.api.middleware.handleStripeWebhook(req, res, next)
|
2019-11-21 06:01:24 +03:00
|
|
|
};
|