Commit Graph

349 Commits

Author SHA1 Message Date
Renovate Bot
b1fe580834 Update dependency @types/jsonwebtoken to v8.3.5 2019-11-05 16:53:39 +07:00
Fabien O'Carroll
19148dab4e Included subscription information when listing members
no-issue
2019-11-05 16:12:20 +07:00
Renovate Bot
2ce0c5a992 Update Test & linting packages 2019-11-01 13:40:10 +07:00
Renovate Bot
7684ad51c4 Update Node.js to 12 2019-11-01 13:40:00 +07:00
Fabien O'Carroll
a35d947413 Published new versions
- @tryghost/magic-link@0.3.1
 - @tryghost/members-api@0.8.3
 - @tryghost/members-ssr@0.7.2
2019-10-30 15:24:07 +07:00
Fabien O'Carroll
7a3c99886d Added logging for failed webhook verification
no-issue

This gives us some more information about the secret used
2019-10-30 14:40:16 +07:00
Renovate Bot
f233d5fc71 Update dependency cookies to ^0.8.0 2019-10-14 12:38:53 +07:00
Renovate Bot
97c9567744 Update dependency @types/node to v12.7.12 2019-10-14 12:38:19 +07:00
Fabien O'Carroll
123fc7dcd5 Published new versions
- @tryghost/members-ssr@0.7.1
2019-10-11 18:01:21 +07:00
Fabien O'Carroll
2a90d84e9a Added flag for disabling sign cookies
no-issue
2019-10-11 18:00:19 +07:00
Fabien O'Carroll
ebbf4e69f9 Published new versions
- @tryghost/magic-link@0.3.0
 - @tryghost/members-api@0.8.2
2019-10-11 12:03:51 +07:00
Fabien O'Carroll
47ed334597 Updated use of magic-link module to pass subject
no-issue

This takes advantage of magic-links smaller tokens
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
4c4d5aab91 Removed the need for audience and issuer claim
no-issue

This is unecessary as this is a closes system, the tokens are issued and
intended for the same service, using the same secret
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
483654a4b6 Removed user object from magic links
no-issue

This means magic link will rely solely on the `sub` claim for identifying the user
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
d248c909d9 Updated usage of magic-link, passing secret
no-issue
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
7a512f992b Updated to use HS256 signatures for tokens
no-issue

This makes the tokens a little more acceptable in plaintext emails
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
5d2e20fbb7 Published new versions
- @tryghost/magic-link@0.2.2
 - @tryghost/members-api@0.8.1
2019-10-10 20:21:23 +07:00
Fabien O'Carroll
e04898cb3d Pass getSubject option to MagicLink module
no-issue
2019-10-10 20:20:46 +07:00
Fabien O'Carroll
2de53f8571 Support custom subject line with getSubject option
no-issue
2019-10-10 20:20:46 +07:00
Fabien O'Carroll
1e8bac111f Pass email to getHTML and getSubject
no-issue

This will allow email templates to include the recipient
2019-10-10 20:20:46 +07:00
Fabien O'Carroll
2c4732b46d Published new versions
- @tryghost/magic-link@0.2.1
 - @tryghost/members-api@0.8.0
 - @tryghost/members-ssr@0.7.0
2019-10-09 10:51:35 +07:00
Fabien O'Carroll
2d058d8a47 Refactored updateSubscription to fetch payment info
no-issue
2019-10-09 10:48:57 +07:00
Fabien O'Carroll
5a0adce65d Inverted active check for subscriptions
no-issue

This is more explicit about what we consider to be an active subscription
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
5a17327a93 Improved error logging for webhook handling
no-issue
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
310972f73c Updated signatures for get/set metadata
no-issue
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
4c4cc90d05 Added the extra events to the stripe webhook
no-issue

* customer.subscription.deleted - when a subscription is cancelled
* customer.subscription.updated - when a subscription status/plan changes
* invoice.payment_succeeded - when a subscription has successfully renew
* invoice.payment.failed - when a subscription has failed to renew
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
6fc6718735 Renamed addCustomerToMember to updateCustomer
no-issue
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
8829b545a9 Updated handleStripeWebhook middleware
no-issue

This adds the handlers for the new events we want to listen to
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
68d65c905a Added webhook handlers for subscription lifecycle events
no-issue

We will need these to keep our metadata in sync with stripe
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
6806505a4c Updated stripe to store and retrieve from metadata
no-issue

This means that we will not have to make api requests to find out the
customers subscriptions
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
d11a0db726 Refactored some private methods for stripe
no-issue

This is to expose a clearer contract with the outside world
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
e6c8f77d4e Removed cookie based caching
no-issue

This was just a temporary stopgap. The correct solution is to cache in the backend
2019-10-09 10:46:55 +07:00
Renovate Bot
baee3ad0ac Update dependency @types/node to v12.7.11 2019-10-08 18:19:58 +07:00
Renovate Bot
56c892e7ed Update dependency @types/cookies to v0.7.4 2019-10-08 14:34:19 +07:00
Fabien O'Carroll
3d7c28a7f9 Published new versions
- @tryghost/members-api@0.7.7
2019-10-06 21:19:23 +07:00
Fabien O'Carroll
d6cb2ca796 Defaulted allowSelfSignup to true
no-issue

This is to keep backwards compatibility
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
1208b41b9f Added allowSelfSignup options to auth config
no-issue

This flag is used to allow the sendMagicLink middleware to send an email
to members which do not yet exist. When this flag is set to false, the
only way to create members, would be via the stripe webook, or via the
`create` method exposed on the `members` object
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
a643b3ff1f Sent "signup" emails when member created via stripe
no-issue

This is the correct email to send, as they are a new member
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
355dd8b501 Corrected logic to send signin/signup emails
no-issue

This ensures that existing members recieve "signin" emails and new
members recieve "signup" (or "subscribe") emails
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
3550452cd5 Published new versions
- @tryghost/members-api@0.7.6
2019-10-03 17:23:21 +07:00
Fabien O'Carroll
dd566b3d29 Added support for custome success/cancel urls
no-issue

This will allow clients to customise where they are redirecting to after
the stripe checkout session is exited.
2019-10-03 17:22:29 +07:00
Fabien O'Carroll
88832fa923 Published new versions
- @tryghost/members-api@0.7.5
 - @tryghost/members-ssr@0.6.0
2019-10-02 18:21:10 +07:00
Fabien O'Carroll
d02bab7ea8 Made sure we throw an error for invalid session
no-issue
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
a6adfdd92c Protected against missing member for id token
no-issue

If a cookie still exists after a member has been deleted we can have
some strange requests, this just ensures that we check for existence.
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
af25cfb619 Added interval, currency and last4 to stripe data
no-issue

This is attached to each "stripe item" belonging to a member
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
3861bf253c Added options to stripe retrieve request
no-issue

This will allow us to expand sub objects when talking to stripe
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
17a141f271 Published new versions
- @tryghost/members-api@0.7.4
2019-10-02 15:16:32 +07:00
Fabien O'Carroll
018471c07c Fixed usage of updateMember to use id correctly
no-issue
2019-10-02 15:15:20 +07:00
Fabien O'Carroll
e54b61297c Published new versions
- @tryghost/members-api@0.7.3
2019-10-02 15:06:10 +07:00
Fabien O'Carroll
071a54be7d Called cancelAllSubscriptions when destroying member
no-issue
2019-10-02 15:05:12 +07:00