mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-25 03:44:29 +03:00
Merge pull request #504 from javorszky/iss418
Dropping the database invalidates cookies
This commit is contained in:
commit
60450e8c2a
5
.gitignore
vendored
5
.gitignore
vendored
@ -39,4 +39,7 @@ projectFilesBackup
|
||||
/_site
|
||||
|
||||
# Changelog, which is autogenerated, not committed
|
||||
CHANGELOG.md
|
||||
CHANGELOG.md
|
||||
|
||||
# Casper generated files
|
||||
/core/test/functional/*.png
|
@ -16,6 +16,7 @@ var config = require('./../config'),
|
||||
plugins = require('./server/plugins'),
|
||||
requireTree = require('./server/require-tree'),
|
||||
permissions = require('./server/permissions'),
|
||||
uuid = require('node-uuid'),
|
||||
|
||||
// Variables
|
||||
appRoot = path.resolve(__dirname, '../'),
|
||||
@ -83,6 +84,9 @@ Ghost = function () {
|
||||
// Holds the available plugins
|
||||
instance.availablePlugins = {};
|
||||
|
||||
// Holds the dbhash (mainly used for cookie secret)
|
||||
instance.dbHash = undefined;
|
||||
|
||||
app = express();
|
||||
polyglot = new Polyglot();
|
||||
|
||||
@ -133,6 +137,20 @@ Ghost.prototype.init = function () {
|
||||
}).then(function () {
|
||||
// Initialize the permissions actions and objects
|
||||
return permissions.init();
|
||||
}).then(function () {
|
||||
// get the settings and whatnot
|
||||
return when(models.Settings.read('dbHash')).then(function (dbhash) {
|
||||
// we already ran this, chill
|
||||
self.dbHash = dbhash.attributes.value;
|
||||
return dbhash.attributes.value;
|
||||
}).otherwise(function (error) {
|
||||
// this is where all the "first run" functionality should go
|
||||
var dbhash = uuid.v4();
|
||||
return when(models.Settings.add({key: 'dbHash', value: dbhash})).then(function (returned) {
|
||||
self.dbHash = dbhash;
|
||||
return dbhash;
|
||||
});
|
||||
});
|
||||
}, errors.logAndThrowError);
|
||||
};
|
||||
|
||||
|
51
index.js
51
index.js
@ -73,7 +73,7 @@ function redirectToDashboard(req, res, next) {
|
||||
|
||||
// While we're here, let's clean up on aisle 5
|
||||
// That being ghost.notifications, and let's remove the passives from there
|
||||
// plus the local messages, as the have already been added at this point
|
||||
// plus the local messages, as they have already been added at this point
|
||||
// otherwise they'd appear one too many times
|
||||
function cleanNotifications(req, res, next) {
|
||||
ghost.notifications = _.reject(ghost.notifications, function (notification) {
|
||||
@ -187,41 +187,38 @@ function disableCachedResult(req, res, next) {
|
||||
next();
|
||||
}
|
||||
|
||||
// ##Configuration
|
||||
ghost.app().configure(function () {
|
||||
ghost.app().use(isGhostAdmin);
|
||||
ghost.app().use(express.favicon(__dirname + '/content/images/favicon.ico'));
|
||||
ghost.app().use(I18n.load(ghost));
|
||||
ghost.app().use(express.bodyParser({}));
|
||||
ghost.app().use(express.bodyParser({uploadDir: __dirname + '/content/images'}));
|
||||
ghost.app().use(express.cookieParser('try-ghost'));
|
||||
ghost.app().use(express.cookieSession({ cookie: { maxAge: 60000000 }}));
|
||||
ghost.app().use(ghost.initTheme(ghost.app()));
|
||||
|
||||
if (process.env.NODE_ENV !== "development") {
|
||||
ghost.app().use(express.logger());
|
||||
ghost.app().use(express.errorHandler({ dumpExceptions: false, showStack: false }));
|
||||
}
|
||||
});
|
||||
|
||||
// Development only configuration
|
||||
ghost.app().configure("development", function () {
|
||||
ghost.app().use(express.errorHandler({ dumpExceptions: true, showStack: true }));
|
||||
ghost.app().use(express.logger('dev'));
|
||||
});
|
||||
|
||||
|
||||
// Expose the promise we will resolve after our pre-loading
|
||||
ghost.loaded = loading.promise;
|
||||
|
||||
when.all([ghost.init(), filters.loadCoreFilters(ghost), helpers.loadCoreHelpers(ghost)]).then(function () {
|
||||
|
||||
// ##Configuration
|
||||
ghost.app().configure(function () {
|
||||
ghost.app().use(isGhostAdmin);
|
||||
ghost.app().use(express.favicon(__dirname + '/content/images/favicon.ico'));
|
||||
ghost.app().use(I18n.load(ghost));
|
||||
ghost.app().use(express.bodyParser({}));
|
||||
ghost.app().use(express.bodyParser({uploadDir: __dirname + '/content/images'}));
|
||||
ghost.app().use(express.cookieParser(ghost.dbHash));
|
||||
ghost.app().use(express.cookieSession({ cookie: { maxAge: 60000000 }}));
|
||||
ghost.app().use(ghost.initTheme(ghost.app()));
|
||||
if (process.env.NODE_ENV !== "development") {
|
||||
ghost.app().use(express.logger());
|
||||
ghost.app().use(express.errorHandler({ dumpExceptions: false, showStack: false }));
|
||||
}
|
||||
});
|
||||
|
||||
// Development only configuration
|
||||
ghost.app().configure("development", function () {
|
||||
ghost.app().use(express.errorHandler({ dumpExceptions: true, showStack: true }));
|
||||
ghost.app().use(express.logger('dev'));
|
||||
});
|
||||
|
||||
// post init config
|
||||
ghost.app().use(ghostLocals);
|
||||
// because science
|
||||
// So on every request we actually clean out reduntant passive notifications from the server side
|
||||
ghost.app().use(cleanNotifications);
|
||||
|
||||
|
||||
// ## Routing
|
||||
|
||||
// ### API routes
|
||||
|
Loading…
Reference in New Issue
Block a user