TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-21 09:52:06 +03:00
Code Issues Projects Releases Wiki Activity
13,182 Commits 250 Branches 1,686 Tags 378 MiB
35e51e364b
Commit Graph

7 Commits

Author SHA1 Message Date
Sam Lord
35e51e364b Switch to @tryghost/debug, remove ghost-ignition 
no issue
The only pieces of Ghost-Ignition used in Ghost were debug and
logging. Both of these modules have been superceded by the Framework
monorepo, and all usages of Ignition have now been removed, replaced
with @tryghost/debug and @tryghost/logging.
 2021-06-15 17:24:22 +01:00
Thibaut Patel
1d5c8ccf2b Fix the OAuth callback 
https://github.com/TryGhost/Team/issues/614

By binding the user session to the Ghost instance domain
 2021-05-21 10:50:03 +02:00
Thibaut Patel
2bcc934eb4 Disable CSRF on the oauth callback route 
no issue

Keeping CSRF enabled there would prevent oauth from working as users are redirected from the provider domain to the /callback route, where they are logged-in
 2021-05-18 20:44:21 +02:00
Thibaut Patel
14cae4b154 Added notes to oauth code for future improvements 
no issue
 2021-05-14 12:10:27 +02:00
Thibaut Patel
b1e8cd3179 Added oauth parameters to get a refresh token during login 
issue https://github.com/TryGhost/Team/issues/614
 2021-04-23 11:20:40 +02:00
Thibaut Patel
90f5a97c15 Fixed linting error 
commit c471ae11d4
 2021-04-21 19:45:03 +02:00
Thibaut Patel
c471ae11d4 Added oauth login and invitation acceptance 
issue https://github.com/TryGhost/Team/issues/614

- Users who have a password can directly sign-in via oauth
- User who are logged-in get their password disabled
- Users accepting an invitation get their password disabled
- The way we disable password is by setting it to a long random password
 2021-04-21 19:36:27 +02:00