TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-21 09:52:06 +03:00
Code Issues Projects Releases Wiki Activity
8,448 Commits 250 Branches 1,686 Tags 378 MiB
71160da3b5
Commit Graph

4 Commits

Author SHA1 Message Date
Fabien O'Carroll
71160da3b5
🐛 Fixed session auth for blogs running on sub dir (#9986) 
closes #9982

This adds the subdirectory to the path for the session cookie, enabling
cookies to be sent/set/parsed for the session authentication to work.
 2018-10-11 14:11:24 +07:00
Fabien O'Carroll
3516b15f9e
Updated session middleware to support node v6 (#9980) 
closes #9972

* Added breaking test for node v6 session auth
* Updated session middleware to support node v6

This uses the legacy url to obtain the origin rather than the WHATWG
URL class in order to support node <6.14.4
 2018-10-10 20:07:31 +07:00
Fabien O'Carroll
f9c8f2d0da
Included expected and actual origin in csrf error (#9974) 
refs #9865
refs #9972

The previous error message did not have enough information for a user to
self diagnose issues on their blog.
 2018-10-10 14:36:45 +07:00
Fabien O'Carroll
cb0c5dc582
Session auth service (#9910) 
refs #9865

* This service handles the session store and exporting middleware to be
used for creating and managing sessions

* Updates the auth service index.js file in line with how we do things elsewhere

* After wrapping the exports in a getter, the usage of rewire had broken
the authenticate tests, this commit _removes_ rewire from the tests, calls `init` on
the models before the tests (needed because rewire isn't there) and also
cleans up the use of var.
 2018-10-02 15:35:23 +07:00