no-issue
This allows for simple trusted caching. We can still use the primary
cookie to determine whether or not a session exists, the cached cookie
can safely be deleted or ignored. This is an "progressive enhancement"
on top of the existing solution.
* Installed stripe@7.4.0
refs #38
We were relying on stripe being installed in Ghost, this moves the dep
to the correct package.
* Created exponentialBackoff wrapper for stripe api
refs #38https://stripe.com/docs/testing#rate-limits The stripe docs suggest to
use exponential backoff when recieving a rate limit error. This wrapper
will wrap stripe api calls, and retry them after 1s,2s,4s,8s,16s until
eventually failing. This gives a total of 5 retries over 31s.
* Added wrappers around the stripe api calls
refs #38
* Ensured all calls to stripe api go via exp backoff
refs #38
* Scaffolding out the error handling for stripe api
* Forwarding all errors
* Refactored stripe api into modules
* Ensured the ready promise object is not replaced
* Added logging setup
- Sets up common logger structure with custom logger passed through
* Ensure logger is kept in module state
* Renamed updateLogger to setLogger
* Removed `logger` param and exposed setLogger method
* Ensured different ids used for test mode
* Ensure setLogger works for prototype methods
* Removed reconfigureSettings method
* Updated payment processer service to keep static ready promise
* Added eventemitter to member api instance to handle errors
* Moved logging of errors to http level
no-issue
This is to allow support for consumers to dynamically update their
membersApi instance, for example when configuration changes, and not
have to replace the instance of members-ssr
refs #36
This removes the behaviour of forcing the `src` property to change when
opening the auth pages and insteads posts a message "asking" the auth
pages to update the location hash.
refs #36
This will allow the members-browser-auth library to post messages to the
auth-pages iframe, asking it to update the location from inside the
frame.
no-issue
This was the original design, to make it easy to incorporate into
another application, but the URL structure in Ghost did not allow for
it, we've since learnt that the URL structure _should_ be how it is
here, so we can export a router with both the auth endpoints and the
static files for the gateway