Commit Graph

891 Commits

Author SHA1 Message Date
Fabien O'Carroll
121b7d200f Improved Members security and performance (#10511)
no-issue

* Corrected function names for rpc methods

* Updated gateway to store tokens locally

* Fixed lint

* Added hardcoded 30 minute expiry for member tokens

* Added default contentApiAccess config;

* Updated validateAudience method

This is required for security, we need to restrict which domains can access
tokens meant for the content api
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
eb94871b6c Added upgrade page to members auth (#10513)
no-issue
2019-05-07 17:35:17 +02:00
Zimo
3b7d35ed0a Applying basic styles to members popups
no issue
2019-05-07 17:35:17 +02:00
Rish
a06d924493 Updated members modal UI structure
no issue
2019-05-07 17:35:17 +02:00
Rishabh Garg
beeedf7005 Updated signup page for members (#10493)
no issue

* Added new subscribe page with stripe integration
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
464caaf5df Updated product hashseed to be hardcoded (#10484)
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
cd674fb470 Added config endpoint to Member API (#10467)
no-issue

* Added getPublicConfig method to stripe payment processor
* Added getPublicConfig method to subscriptions service
* Added initial config endpoint for members api
* Added getConfig method to members gateway
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
88b9f25541 Added initial subscription support with stripe to Members API (#10460)
These changes introduce a new "service" to the members api, which handles getting and creating subscriptions.

This is wired up to get subscription information when creating tokens, and attaching information to the token, so that the Content API can allow/deny access. 

Behind the subscription service we have a Stripe "payment processor", this holds the logic for creating subscriptions etc... in Stripe.

The logic for getting items out of stripe uses a hash of the relevant data as the id to search for, this allows us to forgo keeping stripe data in a db, so that this feature can get out quicker.
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
e1ba916ce6 Refactored auth pages for future flows (#10458)
no-issue

* Used camelCase for gateway method calls
* Added some components for building blocks of forms
* Added input specific components
* Added Form component
    This handles collecting the data to submit and sharing state between forms
* Added Pages component to handle urls
* Added the pages for the popup
* Added MembersProvider component
    This is designed to give its children access to gateway methods
* Added Modal component
    This wraps the pages and handles dispatching form submissions to the members gateway
* Refactored index.js to use new components/pages
* Fixed default page from Signup -> Signin
2019-05-07 17:35:17 +02:00
Rishabh Garg
0b2d70d617 Added new admin API for members (#10435)
no issue

- Added read and browse admin API for members
2019-05-07 17:35:17 +02:00
Rish
740209e2e4 Fixed console getting cleared on dev start
closes https://github.com/TryGhost/Ghost/issues/10409

- Removed `clearConsole` on preact cli
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
5ffdfe9875 Refactored members for management api (#10408)
no-issue
2019-05-07 17:35:17 +02:00
Rish
7ef520c2ea Fixed error handling for members reset password
no-issue

- Both input and form error was shown on submitting reset-password form
- Does not submit form anymore in case of validation errors
2019-05-07 17:35:17 +02:00
Peter Zimon
8d87eedcb4 Members auth ui refinements (#10279)
* Update mobile modal animations
* Member popup input error and placeholder refinements
* Adding close animation to members auth popups
* Improve members auth dialog
* Refine members reset password design
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
99aeda5909 Removed ssoOriginCheck from signout endpoint (#10277)
no-issue

the ssoOriginCheck exists to ensure that we only allow signin/signup to
be called from the specified auth page, this is a very minor security
feature in that it forces signins to go via the page you've designated.
signout however does not need this protection as the call to signout
completely bypasses any UI (this is the same for the call to /token)
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
b219e26ea6 Added members lib module (#10260)
* Added members library inc. gateway

refs #10213

* Added the auth pages and build steps for them

refs #10213

* Cleaned up logs

* Updated gruntfile to run yarn for member auth

* Design refinements on members popups

* UI refinements

* Updated backend call to trigger only if frontend validation passes

* Design refinements for error messages

* Added error message for email failure

* Updated request-password-reset to not attempt to send headers twice

* Updated preact publicPath to relative path

* Build auth pages on init
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
e511fcf4d9 Renamed index.js to app.js
no-issue

This is so when requiring the module we don't require a preact app in
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
adf8da686a Updated package.json to match packages
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
07e15b8f68 Added blank index.js
no-issue

This is to ensue the module is a valid node module
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
2731953423 Included dist and index.js in package files array
no-issue

This is to ensure the dist directory is including the the tarball for
npm, and that the module has an index.js file so it can be
requires/resolved
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
3679f10783 Fixed clean script to use dist directory
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
fd07779c1e Renamed index.js to app.js
no-issue

This is so when requiring the module we don't require a preact app in
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
3f71eccc77 Updated output public path to use root
no-issue

When installing this module in another project, we want to serve the
entire `dist` directory as-is, on whichever path we want, rather than
enforicing a /static after the relative part.
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
b31162b182 Renamed package to @tryghost/members-auth-pages
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
341d4294fc Updated to preact-cli@next
no-issue

This version includes support for workspaces
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
31d8ab12d7 Disabled linting temporarily
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
1bad6dee4e Fixed linting for auth-pages
no-issue
2019-05-07 17:15:50 +02:00
Zimo
d805f93c14 Updated members payment failed copy and style
no-issue
2019-05-07 17:15:50 +02:00
Rish
0872ff4e9b Updated signup flow to handle invalid payments
no issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
946514d630 Updated members auth pages to use gateway-protocol (#10695)
no-issue

This swaps out a hand copied library with the published one on npm
2019-05-07 17:15:50 +02:00
Zimo
0db210ab68 Added close event on member pages background click 2019-05-07 17:15:50 +02:00
Peter Zimon
25e5a31d91 Members refine buttons (#10692)
* Members: disabled signup button during signup

* Members: disabled non-Stripe signup button during signup

* Members: added check to Log in button logged in state
2019-05-07 17:15:50 +02:00
Zimo
e163f527a0 Updated mobile styles for members upgrade screen 2019-05-07 17:15:50 +02:00
Fabien O'Carroll
ce68df5462 Fixed subscription issue with null coupons
no-issue

Coupons were being sent as null to the api, so we support non required fields
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
9692a0f066 Added default disabled state of false to FormInput
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
9a842cab7c Removed unused onClick handler in StripeSubscribePage
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
eb0463b119 Added coupon support to StripeSubscribePage
no-issue

Only shows the (disabled) input when a coupon is available
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
5cb9850784 Cleaned up render{Subscribe,Upgrade}Page
no-issue

- ensured promises are returned
- removed unused prop
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
f0f1583817 Added CouponInput component
no-issue

This can be used in the subscribe pages to pass coupon info through
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
5b063659d0 Added support for disabled form elements
no-issue

This can be used for a coupon input in future
2019-05-07 17:15:50 +02:00
Rish
f3722b6979 Added spinner on member signup pages
no issue
2019-05-07 17:15:50 +02:00
Rish
ab2f65e5a5 Updated member signin page to show logged in status
no issue
2019-05-07 17:15:50 +02:00
Zimo
26728c50a8 Added fade in for signup complete page 2019-05-07 17:15:50 +02:00
Peter Zimon
09fde87ad9 Members refinements (#10689)
* Updated close animation speed for members pages
* Updated responsive styles for members mobile screens 
* Adding spinner CSS to members pages
* Adding members signup complete page
2019-05-07 17:15:50 +02:00
Rish
19f243aed1 Refactored members auth flow with dynamic settings
no issue

- Updated members auth flow UI
- Updated members settings and routing to be dynamic
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
33c574f257 Added support for serverside rendering of members content (#10522)
no-issue

- Added member auth middleware to siteApp
- Passed member as context in routing service
- set Cache-Control: private for member requests
- fucked up some tests
- Added member as global template variable
- Updated tokens to have expiry of subscription_period_end
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
b51b6b1d43 Added upgrade page to members auth (#10513)
no-issue
2019-05-07 17:15:50 +02:00
Zimo
3fbe1981d0 Applying basic styles to members popups
no issue
2019-05-07 17:15:50 +02:00
Rish
84d09e7dc6 Updated members modal UI structure
no issue
2019-05-07 17:15:50 +02:00
Rishabh Garg
7d826c4b44 Updated signup page for members (#10493)
no issue

* Added new subscribe page with stripe integration
2019-05-07 17:15:50 +02:00