Updated members-ssr to work with members-api

no-issue This updaes the ssr package to work with the new magic link signin method
2024-11-23 22:11:09 +03:00 · 2019-09-03 12:34:59 +08:00 · 2019-09-03 12:34:59 +08:00 · 75a6ccf669
commit 75a6ccf669
parent af6c897a14
1 changed files with 30 additions and 34 deletions
--- a/ghost/members-ssr/index.js
+++ b/ghost/members-ssr/index.js
@ -1,10 +1,8 @@
 const concat = require('concat-stream');
 const Cookies = require('cookies');
-const jwt = require('jsonwebtoken');
 const ignition = require('ghost-ignition');

 const {
-    UnauthorizedError,
    BadRequestError
 } = ignition.errors;

@ -60,22 +58,9 @@ module.exports = function create(options = EMPTY) {
        secure: cookieSecure
    };

-    const verifyJwt = token => get(membersApi).getPublicConfig().then(({publicKey, issuer}) => {
-        return new Promise((resolve, reject) => {
-            jwt.verify(token, publicKey, {
-                algorithms: ['RS512'],
-                issuer,
-                audience: issuer
-            }, (err, claims) => {
-                if (err) {
-                    reject(new UnauthorizedError({err}));
-                }
-                resolve(claims);
-            });
-        });
-    });
+    const getMemberDataFromToken = token => get(membersApi).getMemberDataFromMagicLinkToken(token);

-    const exchangeTokenForSession = withBodyAndCookies((req, res, {body, cookies}) => {
+    const exchangeTokenForSession = withBodyAndCookies(async (_req, _res, {body, cookies}) => {
        const token = body;
        if (!body || typeof body !== 'string') {
            return Promise.reject(new BadRequestError({
@ -83,18 +68,17 @@ module.exports = function create(options = EMPTY) {
            }));
        }

-        return verifyJwt(token).then(() => {
-            cookies.set(cookieName, token, {
-                signed: true,
-                httpOnly: true,
-                sameSite: 'lax',
-                maxAge: cookieMaxAge,
-                path: cookiePath
-            });
+        const member = await getMemberDataFromToken(token);
+        cookies.set(cookieName, member.email, {
+            signed: true,
+            httpOnly: true,
+            sameSite: 'lax',
+            maxAge: cookieMaxAge,
+            path: cookiePath
        });
    }, cookieConfig);

-    const deleteSession = withCookies((req, res, {cookies}) => {
+    const deleteSession = withCookies((_req, _res, {cookies}) => {
        cookies.set(cookieName, {
            signed: true,
            httpOnly: true,
@ -104,24 +88,36 @@ module.exports = function create(options = EMPTY) {
        });
    }, cookieConfig);

-    const getMemberDataFromSession = withCookies((req, res, {cookies}) => {
+    const getMemberDataFromSession = withCookies(async (_req, _res, {cookies}) => {
        try {
-            const token = cookies.get(cookieName, {
+            const email = cookies.get(cookieName, {
                signed: true
            });
-            return verifyJwt(token).then((claims) => {
-                return get(membersApi).getMember(claims.sub, token);
-            });
+            return get(membersApi).getMemberIdentityData(email);
        } catch (e) {
-            return Promise.reject(new BadRequestError({
+            throw new BadRequestError({
                message: `Cookie ${cookieName} not found`
-            }));
+            });
        }
    }, cookieConfig);

+    const getIdentityTokenForMemberFromSession = withCookies(async (_req, _res, {cookies}) => {
+        try {
+            const email = cookies.get(cookieName, {
+                signed: true
+            });
+            return get(membersApi).getMemberIdentityToken(email);
+        } catch (e) {
+            throw new BadRequestError({
+                message: `Cookie ${cookieName} not found`
+            });
+        }
+    });
+
    return {
        exchangeTokenForSession,
        deleteSession,
-        getMemberDataFromSession
+        getMemberDataFromSession,
+        getIdentityTokenForMemberFromSession
    };
 };