🐛 Fixed login problems in Safari on private sites that have front-end/admin on different domains

no issue

- if the automatic private site login fails during post-auth setup, don't fully error because that will block Admin from loading properly
- the automatic login is a nice-to-have and making it look like it worked won't break anything that wouldn't already be broken when the browser is blocking x-domain requests
Kevin Ansfield 2021-11-09 15:38:48 +00:00
parent 93d16dfe56
commit 8b007802d4
2 changed files with 8 additions and 0 deletions


@ -27,6 +27,7 @@ export default class FrontendService extends Service {
if (this.settings.get('isPrivate') && (this.hasPasswordChanged || !this._hasLoggedIn)) { if (this.settings.get('isPrivate') && (this.hasPasswordChanged || !this._hasLoggedIn)) {
const privateLoginUrl = this.getUrl('/private/?r=%2F'); const privateLoginUrl = this.getUrl('/private/?r=%2F');
this._lastPassword = this.settings.get('password'); this._lastPassword = this.settings.get('password');
return fetch(privateLoginUrl, { return fetch(privateLoginUrl, {
method: 'POST', method: 'POST',
mode: 'cors', mode: 'cors',
@ -38,6 +39,11 @@ export default class FrontendService extends Service {
body: `password=${this._lastPassword}` body: `password=${this._lastPassword}`
}).then(() => { }).then(() => {
this._hasLoggedIn = true; this._hasLoggedIn = true;
}).catch((e) => {
// Safari will error when x-site tracking is prevented and frontend/admin are separate
// we don't want to break anything else in that case so make it look like it succeeded
console.error(e); // eslint-disable-line
return true;
}); });
} }
} }
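Review bot: The new `.catch` at the end of the fetch chain treats every rejection as the Safari cross-site case, so a genuine network or CORS misconfiguration failure is also presented as success and is only visible in the browser console. Returning `true` is inconsistent with the success path, which resolves to `undefined`; because `_hasLoggedIn` is left unset here, a bare `return;` with a comment such as `// leave _hasLoggedIn false so the next loginIfNeeded() call retries` would state the intent more clearly. Separately, the unchanged `body:` line builds `password=${this._lastPassword}` without `encodeURIComponent`, so a password containing `&`, `+` or `%` would reach the server altered if the request is form-urlencoded (the headers fall between the two hunks and are not visible). The enclosing method starts outside the hunk.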


@ -38,7 +38,9 @@ export default class SessionService extends ESASessionService {
this.feature.fetch(), this.feature.fetch(),
this.settings.fetch() this.settings.fetch()
]); ]);
await this.frontend.loginIfNeeded(); await this.frontend.loginIfNeeded();
// update Sentry with the full Ghost version which we only get after authentication // update Sentry with the full Ghost version which we only get after authentication
if (this.config.get('sentry_dsn')) { if (this.config.get('sentry_dsn')) {
configureScope((scope) => { configureScope((scope) => {