mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-25 11:55:03 +03:00
🐛 Fixed login problems in Safari on private sites that have front-end/admin on different domains
no issue - if the automatic private site login fails during post-auth setup, don't fully error because that will block Admin from loading properly - the automatic login is a nice-to-have and making it look like it worked won't break anything that wouldn't already be broken when the browser is blocking x-domain requests
This commit is contained in:
parent
93d16dfe56
commit
8b007802d4
@ -27,6 +27,7 @@ export default class FrontendService extends Service {
|
||||
if (this.settings.get('isPrivate') && (this.hasPasswordChanged || !this._hasLoggedIn)) {
|
||||
const privateLoginUrl = this.getUrl('/private/?r=%2F');
|
||||
this._lastPassword = this.settings.get('password');
|
||||
|
||||
return fetch(privateLoginUrl, {
|
||||
method: 'POST',
|
||||
mode: 'cors',
|
||||
@ -38,6 +39,11 @@ export default class FrontendService extends Service {
|
||||
body: `password=${this._lastPassword}`
|
||||
}).then(() => {
|
||||
this._hasLoggedIn = true;
|
||||
}).catch((e) => {
|
||||
// Safari will error when x-site tracking is prevented and frontend/admin are separate
|
||||
// we don't want to break anything else in that case so make it look like it succeeded
|
||||
console.error(e); // eslint-disable-line
|
||||
return true;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -38,7 +38,9 @@ export default class SessionService extends ESASessionService {
|
||||
this.feature.fetch(),
|
||||
this.settings.fetch()
|
||||
]);
|
||||
|
||||
await this.frontend.loginIfNeeded();
|
||||
|
||||
// update Sentry with the full Ghost version which we only get after authentication
|
||||
if (this.config.get('sentry_dsn')) {
|
||||
configureScope((scope) => {
|
||||
|
Loading…
Reference in New Issue
Block a user