Commit Graph

58 Commits

Author SHA1 Message Date
Sam Lord
20a37bdcd6 Verification trigger: Wrap values in NQL in single quotes
no issue
2022-02-04 11:54:48 +00:00
Sam Lord
771fa0988b Published new versions
- @tryghost/members-api@4.8.12
 - @tryghost/verification-trigger@0.1.2
2022-02-03 16:17:13 +00:00
Sam Lord
dbad2fc0a6 Add API source when verification triggered from API events
no issue

This allows the message to be changed when sending an email to the host administrator about an increase in API usage to add members.
2022-02-03 15:03:47 +00:00
Sam Lord
bf9070f945 Add API verification trigger with new filter
no issue

Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 15:02:33 +00:00
Fabien "egg" O'Carroll
4fde1d2667 Published new versions
- @tryghost/verification-trigger@0.1.1
2022-02-02 17:07:43 +02:00
Fabien 'egg' O'Carroll
96cd96a4f6 Removed API verification logic (#362)
no-issue

There is a bug in the event repository code where filters are not
correctly applied, this results in the api verification being extremely
trigger happy. For now we're removing the logic, with the plan to revert
this commit once the event repository is fixed.
2022-02-02 17:06:31 +02:00
Sam Lord
5e11a2e5c0 Published new versions
- @tryghost/member-analytics-service@0.1.8
 - @tryghost/member-events@0.3.4
 - @tryghost/members-analytics-ingress@0.1.9
 - @tryghost/members-api@4.8.3
 - @tryghost/members-importer@0.5.0
 - @tryghost/verification-trigger@0.1.0
2022-01-27 11:06:21 +00:00
Sam Lord
3c5cf21274 Added email verification trigger package
refs: https://github.com/TryGhost/Toolbox/issues/166

New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports).

The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 10:57:51 +00:00