Commit Graph

275 Commits

Author SHA1 Message Date
Sebastian Gierlinger
17225d4928 Set cookie secure flag
closes #1680
- added secure flag for cookies if SSL is forced
2013-12-21 20:18:13 +00:00
Fabian Becker
c81c43a96a Complete subdir support.
fixes #527
- Fix image upload in backend
- Use config.paths().webroot where necessary
2013-12-21 19:43:58 +00:00
William Dibbern
bf7692b151 Switch from multipart to busboy
Fixes #1227

- Removed deprecated `multipart` references.
- Setup `busboy` to pass along file streams and do a naive parse of form
values.
- Updated logic in file storage and db import to handle file streams
instead of the temporary files created by `multipart`.
2013-12-17 17:24:30 -06:00
Hannah Wolfe
1c52e3a980 Merge pull request #1636 from hswolff/standardize-path-access
Standardize file path access throughout ghost
2013-12-15 06:42:34 -08:00
Hannah Wolfe
db362b30cd Bug fixes, undefined should not be a string 2013-12-15 11:36:01 +00:00
Patrick Garman
a914077145 Add Force SSL Configuration/Middleware
Solves #1300
- Adds forceAdminSSL bool config value
- Adds checkSSL middleware
- Adds redirectSSL helper function
2013-12-15 10:01:02 +00:00
Hannah Wolfe
409cc34c1d Merge pull request #1651 from hswolff/issue-1645
Update config.theme() after every settings edit
2013-12-13 15:05:18 -08:00
Harry Wolff
9090764052 Standardize file path access throughout ghost
resolves #1390

update all string based references to file paths
to use the ./core/server/config/paths file
so that it is the single source of truth
2013-12-12 21:27:07 -05:00
Seb Gotvitch
fef9b4be25 Bug fixes for partial views
closes #1203
- Update express-hbs module to the new version (0.5.2)
- Use two instance of hbs one for the theme and an other for the admin
- Template helpers are register as partial view
- Partial views of the theme are reload when the theme changed

Remove clear partial cache in handlebars

This code will be move in `express-hbs`.
This doesn't cause a problem to remove this line but it is not clean.

Remove unused hbs instance

Resolve conflict
2013-12-12 12:11:02 -05:00
Harry Wolff
058b82bba1 Update config.theme() after every settings edit
fixes #1645

- removes server.get('ghost root') as it is only an alias
to config.paths().path, and adds unnecessary indirection
- removes config.theme().path as its just an alias to
config.paths().path, updated all relevant references
- update config.theme.update to only require the api/settings object,
and no longer need the config object
- modify api/settings.edit to call config.theme.update so that
the themeObject is ready for next rendering of template
2013-12-12 08:25:08 -05:00
Harry Wolff
c8c02a65fa Remove ghost.js
fixes #1575
- Moves most code that was in ghost.js into ./core/server/index.js
- Creates ./core/server/config/theme.js to hold all theme configurations 
(which previously lived on ghost.blogGlobals())
- Removed ghost.server, passing it in as an argument where needed 
and allowing middleware to hold onto a reference for lazy use.
2013-12-07 10:10:02 -05:00
Sebastian Gierlinger
078f464197 remove ghost.settings and ghost.notifications
covers 90% of #755
- moved ghost.settings to api.settings
- moved ghost.notifications to api.notifications
- split up api/index.js to notifications.js, posts.js, settings.js,
tags.js and users.js
- added instance.globals as temp workaround for blogglobals (Known
issue: blog title and blog description are updated after restart only)
- added webroot to config() to remove `var root = ...`
- changed `e` and `url` helper to async
- updated tests
2013-12-06 09:51:35 +01:00
Hannah Wolfe
dedc5d9239 Update activeTheme path on theme switch
fixes #1583

- the active theme path wasn't getting updated when we were switching theme
2013-11-28 16:10:34 +00:00
Hannah Wolfe
7b2bf5b98c Merge pull request #1577 from halfdan/527-subdir-admin
Fix Admin interface with sub directories
2013-11-28 05:14:23 -08:00
Harry Wolff
89154ad997 Restore support for using ghost as a npm module fixes #1326 2013-11-27 17:39:14 +00:00
Fabian Becker
dcd3b192c1 Subdir support for admin interface
refs #527
2013-11-27 09:57:38 +00:00
Sebastian Gierlinger
e95b592028 Remove cookie from Frontend
closes #1437
closes #1472

- changed cookie to path:'/ghost'
- added conditional CSRF middleware
- added redirects for signup, signin, signout to /ghost/sign*/
2013-11-26 10:38:54 +01:00
Hannah Wolfe
330722efdc Merge pull request #1535 from hswolff/create-config-module
Create config module to standardise getting paths and abs URLs
2013-11-25 14:03:29 -08:00
Hannah Wolfe
b7a8ea5945 Merge pull request #1565 from ErisDS/redirect-fixes
Putting back relative redirects
2013-11-25 13:57:07 -08:00
Harry Wolff
b920662790 Create the config module, initially used
to standardise getting paths and absolute URLs.  Easy
to extend for other configurations we may need.
2013-11-25 16:35:16 -05:00
Hannah Wolfe
5ad2d6178b Putting back relative redirects
issue #1523

- also added some comments to indicate the difference between the two custom middleware files.
2013-11-25 21:00:27 +00:00
ali
7946431b8d Issue #1556 - Fix meta_title is undefined
Closes #1556 and #1530

This should also fix meta_description in #1530 as well as the other bug that is not
filed for body_class
2013-11-25 13:47:56 +00:00
Fabian Becker
e210e75e97 Install in sub-directory support.
refs #527
2013-11-24 21:11:34 +00:00
Sebastian Gierlinger
3f2258e95b Replace cookieSession with session
- changed cookieSession to session
- added session.regenerate for login and logout
- added bookshelf session store
- added session table to database
- added import for databaseVersion 001
- added grunt task test-api
- cleanup of gruntfile to start express when needed only
- moved api tests to functional tests
2013-11-24 15:29:36 +01:00
Harry Wolff
985a23f446 Move server middleware configuration to related file 2013-11-19 21:05:57 -05:00