Commit Graph

437 Commits

Author SHA1 Message Date
Matt Hanley
a9ea792d65
Updated OAuth middleware to use the correct URL helpers
no-ref

Hardcoded redirect URLs were breaking when admin and site URLs were
different, or when Ghost is configured with a subdirectory.
2021-09-23 17:26:29 +01:00
Daniel Lockyer
57664696a4 v4.15.1
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYUxOIgAKCRDSEYbwtHKV
 reO6AQCL2mFdVLBwRbpVQa2Zs9RlYKk88ivLRMpAZPPiElNblQEAqt710wrVbMwm
 hOOWbWdFpPOWCrop9zhO8GJSPeNpJw0=
 =Ff3M
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYUxTawAKCRDSEYbwtHKV
 ra28AQCcambctLCH70Sc7SJmexojA5k6Ti0p3pwOktWY/WygZQEAlMEHSDw89wdY
 3U8R8zY1d1MeXqj51Op95sTYwiDAjg8=
 =HoUL
 -----END PGP SIGNATURE-----

Merged v4.15.1 into main

v4.15.1
2021-09-23 11:13:56 +01:00
Fabien O'Carroll
944c2cc9af
🔒 Fixed member email change vulnerability
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr

This updates the signup/signin flow for members to no longer support the
email address change flow - which had missing authentication. It has
been replaced with a dedicated email change flow, and Portal has been
updated to use it.
2021-09-23 10:49:30 +01:00
Rishabh
1e239de039 Added new ingress endpoint for client-side events
res https://github.com/TryGhost/Team/issues/1064

- adds new events endpoint on members app to capture client side events for member analytics behind the `membersActivity` flag
2021-09-21 23:37:25 +05:30
Fabien O'Carroll
e71114bb8f Added Members bulk actions endpoint
refs https://github.com/TryGhost/Team/issues/946

This adds the initial bulk actions endpoint used for the members
filtering feature. The idea is to eventually move bulk destroy into this
endpoint to and provide a consistent interface for applying bulk actions
to members.

The @tryghost/members-api package has been bumped to include the new
bulkEdit method.

The sinon.restore in tests was moved to an afterEach so that stubs did
not effect other tests.
2021-08-23 16:38:21 +02:00
Fabien 'egg' O'Carroll
8abd344048
Removed non-existent labs file export
refs 9e2b21578a

Since the ref'd commit the labs middleware was moved to the shared labs module
and this require path no longer exists. This does not break anything as any module
still using this would error when reading the labs property
2021-08-13 13:41:38 +01:00
Naz
8fbbd524df Swapped to American English spellings
refs 16728a3ef1
2021-07-27 12:15:19 +04:00
Fabien O'Carroll
f900b4ee78 Moved theme middleware after static middleware
refs https://github.com/TryGhost/Team/issues/907

The theme middleware makes several calls to the content api in order to
populate global theme data for use in templates. By adding this
middleware after the static theme files, we remove redundant calls.
2021-07-21 11:25:02 +01:00
Thibaut Patel
489e470d7b Added a feature flag to the oauth login feature
issue https://github.com/TryGhost/Team/issues/614

- The feature flag was called `oauthLogin` instead of simply `oauth` to avoid clashes in the frontend `feature` service as it is merging the config and labs properties.
2021-07-20 23:16:49 +02:00
Fabien 'egg' O'Carroll
fc754c980f
Added missing comment to members .well-known mount
refs https://github.com/TryGhost/Team/issues/664

This was missed as part of PR review, as it is a non-standard mount location a comment
should be included to help our future selves!

PR: https://github.com/TryGhost/Ghost/pull/13163#discussion_r673066080
2021-07-20 13:58:29 +01:00
Fabien 'egg' O'Carroll
264fb51a87
Exposed Members pub keys on /members/.well-known/ (#13163)
refs https://github.com/TryGhost/Team/issues/664

The new WellKnownController and middleware handles exposing a JSON Web
Key Set for us.

In order to serve the keys on /members/.well-known/jwks.json without a
trailing slash, we must mount the wellKnown middleware before the
frontend.
2021-07-20 13:19:31 +01:00
Fabien 'egg' O'Carroll
1af2b50dcf
Added userAuth brute middleware to members auth endpoint (#13152)
refs https://github.com/TryGhost/Team/issues/696

The userAuth spam prevention logic is reused, but a new piece of
middleware has to be created so that we can use a custom lookup key to
conatin the member email.

We must also add json parsing middleware to the route so that the brute
middleware can read the email.

The express body-parser middleware handles multiple instances on the
same route, so this doesn't cause problems upstream.

https://github.com/expressjs/body-parser/blob/1.19.0/lib/types/json.js#L99-L103
2021-07-19 09:40:38 +01:00
Hannah Wolfe
9e2b21578a
Moved labs middleware into labs utility
- this middleware isn't used anywhere at the moment
- including it in our labs utility should help to make it moe discoverable
2021-07-08 09:05:41 +01:00
Hannah Wolfe
c29c118fcf
Moved labs utlity to shared
- This isn't really a "service" - it's a set of utilities for working with labs flags
- It's also required all over the place, and doesn't require anything that isn't shared
- Therefore, it should live in shared
2021-07-08 09:05:41 +01:00
Hannah Wolfe
72a1c0b898
Revert "Moved vhost mounts into boot file"
This reverts commit 7e61f73b8c.
2021-07-08 07:10:18 +01:00
Hannah Wolfe
8d38957bd7
Revert "Moved labs utlity to shared"
This reverts commit 782de52678.
2021-07-08 07:09:13 +01:00
Hannah Wolfe
145762485e
Revert "Moved labs middleware into labs utility"
This reverts commit 161ba51d2b.
2021-07-08 07:09:06 +01:00
Hannah Wolfe
161ba51d2b
Moved labs middleware into labs utility
- this middleware isn't used anywhere at the moment
- including it in our labs utility should help to make it moe discoverable
2021-07-07 21:47:19 +01:00
Hannah Wolfe
782de52678
Moved labs utlity to shared
- This isn't really a "service" - it's a set of utilities for working with labs flags
- It's also required all over the place, and doesn't require anything that isn't shared
- Therefore, it should live in shared
2021-07-07 21:41:34 +01:00
Hannah Wolfe
7e61f73b8c
Moved vhost mounts into boot file
- This stops the mounting of the admin and frontend from being buried deep in express initialisation
- Instead it's explicit, which makes two things almost possible:
   1. we can potentially boot the frontend or backend independently
   2. we can pass services and settings loaded during boot into the frontend
- This needs more work, but we can start to group all the frontend code together
- Meanwhile we also need to rip apart the routing and url services to decouple the frontend from the backend fully
- BABY STEPS!
2021-07-07 21:29:14 +01:00
Kevin Ansfield
69bc5a9dfd Fixed error when requesting resize of a blank image
closes https://github.com/TryGhost/Team/issues/819

- adds guard for an empty buffer when reading file from storage for resizing, if a blank image is loaded then redirect to the original file
2021-07-07 19:11:24 +01:00
Hannah Wolfe
61e1b19d46
Added comments to all usages of lib/common/events
- This is a precursor to trying to split apart into:
   - model events + webhooks system which makes sense
   - frontend events which should be independent or removed
   - maybe some concept of a settings manager that we can use in various places to bind logic 🤔
   - other usages of events that should be refactored to not use events
2021-07-07 16:02:44 +01:00
Naz
11f37a9363 Refactor imports in API's routes files
refs https://github.com/TryGhost/Team/issues/856

- There were two problems with routes.js files defining API routes:
- First, the module requires wen too deep into the "api" module and used specific api modules directly. We have an "index.js" file which defines an API for whole API, it should be used as an entry point to anything to do with the API.
- Second, The naming was inconsistent between the routes.js files for "api", "apiV2", "apiCanary" - it is an extra maintenance burden to go on and change each "api" name when the new version is introduced. The only thing that should be changed within these files is a single line on very top that "requires" a specific API version like so: "const api = require('../../../../api').canary;" - way less maintenance to change that canary to v5 instead of doing an extra rename for all "apiCanary" to "apiV5"
2021-07-07 18:33:25 +04:00
Hannah Wolfe
e7b80e50dc
Refactored bootstrap.init to require route settings
- The router bootstrap is no longer allowed to fetch it's own settings, but rather is passed them
- This moves the call to the site routes.js file, which isn't much better but it's a start
- The goal is to always pass these in from the boot process, or from the bridge reloader
2021-07-07 10:25:45 +01:00
Hannah Wolfe
bab5764179
Simplified + unified debug naming conventions
- Reduced the number of levels in our debug naming in the frontend
- Unified components like "themes" and "routing" under one name
- Should help to make debug slightly more useful again
2021-07-07 09:57:14 +01:00
Rishabh
5a1d3b0e95 Added cache control headers to members api
closes https://github.com/TryGhost/Team/issues/846

- members api was missing cacheControl middleware to declare its cache control headers
2021-07-06 20:33:14 +05:30
Naz
607623211a Corrected deprecation comment
no issue

- Ghost 4.0 didn't contain any breaking changes. Breaks like this one will be introduced in 5.0
2021-07-02 13:50:11 +04:00
Hannah Wolfe
bd597db829
Moved settings/cache to shared/settings-cache
- This is part of the quest to separate the frontend and server & get rid of all the places where there are cross-requires
- At the moment the settings cache is one big shared cache used by the frontend and server liberally
- This change doesn't really solve the fundamental problems, as we still depend on events, and requires from inside frontend
- However it allows us to control the misuse slightly better by getting rid of restricted requires and turning on that eslint ruleset
2021-06-30 15:49:10 +01:00
Hannah Wolfe
2c729e99f9
Added reload frontend wrapper to bridge
- Allows for slight decoupling of API and frontend with route settings being updated
- Activate theme now calls the same codepath to reload the frontend
- Yet another step on the path to make it possible to init/reload/run the frontend independently from the server
2021-06-29 18:45:03 +01:00
Daniel Lockyer
1ff4f6ce7d
Added guards against parentPort being null
fixes https://github.com/TryGhost/Team/issues/834

- see referenced issue for context
- there are times when `parentPort` can be null and the job crashes
  because `parentPort.postMessage` won't work
- this commit adds guards around `parentPort`, or moves code inside
  existing guards, to protect against this
2021-06-29 12:14:48 +01:00
Hannah Wolfe
77996d1ee4
Moved vhost arg logic out of the parent app
- Makes the logic for determining the admin and frontend vhost args independent and easier to test
- Moved the tests to specifically test the vhost utils & removed proxyquire as a dependency
- We want to breakdown the current parent app into the existing core/app.js and boot code, allowing us to decouple the backend and frontend further
- This is all part of the refactoring to separate server and frontend completely
2021-06-28 19:38:42 +01:00
Hannah Wolfe
fcce649600
🔥 Removed netjet support
refs: https://github.com/cloudflare/netjet/issues/46

- HTTP2/Push never made it, this module is therefore defunct
2021-06-28 16:13:46 +01:00
Thibaut Patel
f12f64e87b
🔒 Added a "reset all passwords" feature (#13005)
issue https://github.com/TryGhost/Team/issues/750

- Only accessible by admins
- Resets all staff users' passwords and prevents them to log-in
- Sends them a reset email password to give them back access to their account
- Closes all existing staff user sessions
2021-06-23 14:54:28 +02:00
Sam Lord
24332c3d24 Replaced ghost-version.js with @tryghost/version
no issue
Part of the effort to break up the Ghost codebase into smaller, decoupled modules.
2021-06-16 13:16:15 +01:00
Sam Lord
35e51e364b Switch to @tryghost/debug, remove ghost-ignition
no issue
The only pieces of Ghost-Ignition used in Ghost were debug and
logging. Both of these modules have been superceded by the Framework
monorepo, and all usages of Ignition have now been removed, replaced
with @tryghost/debug and @tryghost/logging.
2021-06-15 17:24:22 +01:00
Sam Lord
caea330647 Change to use @tryghost/logging
no issue

Logging is now controlled by a logginrc.js file in the root of the project - and now we can just import @tryghost/logging everywhere
2021-06-15 15:59:11 +01:00
Hannah Wolfe
16728a3ef1
Swapped to American English spellings
- Traditionally all of Ghost's public-facing text was written in British English
 - We're changing that to US English because that's more common
 - US English should also be used in code e.g. properties are called color not colour
 - most of these changes are in comments, but I've changed them so that we have US English in front of us always
 - fixed a few other typos I noticed whilst there
2021-06-09 16:39:06 +01:00
Fabien O'Carroll
83a9a1d0a5 Supported monthly & yearly price in Products API
refs https://github.com/TryGhost/Team/issues/712

- Adds a Content API for products, which can be used by the theme-engine
  middleware to populate the products data.
- Removes Stripe ids from Content API so they cannot be used to
  initiate checkout sessions directly
- The monthly_price and yearly_price are used to create new prices, and
  to set them to the default monthly & yearly price for the product.
2021-06-03 17:08:02 +01:00
Naz
88564751f9 Removed duplicate update check error hanlindg
refs https://github.com/TryGhost/Team/issues/726

- Update check service is self contained and handles errors through logging internally. There is no visible upside to do the same logging in multiple places
2021-05-26 15:52:24 +04:00
Thibaut Patel
1d5c8ccf2b Fix the OAuth callback
https://github.com/TryGhost/Team/issues/614

By binding the user session to the Ghost instance domain
2021-05-21 10:50:03 +02:00
Hannah Wolfe
05a16948a3
Moved testmode routes into a correctly named file
- testmode routing was in an index.js file, this breaks our coding standards
- these routes belong in routes file, same as all other routes
2021-05-20 11:42:27 +01:00
Thibaut Patel
2bcc934eb4 Disable CSRF on the oauth callback route
no issue

Keeping CSRF enabled there would prevent oauth from working as users are redirected from the provider domain to the /callback route, where they are logged-in
2021-05-18 20:44:21 +02:00
Thibaut Patel
14cae4b154 Added notes to oauth code for future improvements
no issue
2021-05-14 12:10:27 +02:00
Hannah Wolfe
273e220327 Moved i18n to shared
refs 829e8ed010

- i18n is used everywhere but only requires shared or external packages, therefore it's a good candidate for living in shared
- this reduces invalid requires across frontend and server, and lets us use it everywhere until we come up with a better option
2021-05-04 13:03:38 +01:00
Hannah Wolfe
829e8ed010 Expanded requires of lib/common i18n and events
- Having these as destructured from the same package is hindering refactoring now
- Events should really only ever be used server-side
- i18n should be a shared module for now so it can be used everywhere until we figure out something better
- Having them seperate also allows us to lint them properly
2021-05-03 17:14:52 +01:00
Daniel Lockyer
15ecfd471b
Merged v4.3.3 into main
v4.3.3
2021-04-29 12:14:39 +01:00
Hannah Wolfe
14b3431de1
🔒 Removed unused and insecure preview endpoint
refs: https://github.com/TryGhost/Ghost/security/advisories/GHSA-9fgx-q25h-jxrg

- This was part of an experiment during the build phase of 4.0. We never ended up using it, but the endpoint wasn't cleaned up.
- The endpoint leaves sites open to a security vulnerability. Anyone running 4.x should update to 4.3.3

Credits: Paul Gerste, SonarSource (https://www.sonarsource.com/)
2021-04-29 12:10:39 +01:00
Fabien 'egg' O'Carroll
33f26fbf32
Updated subscriptions for Members Admin API
refs https://github.com/TryGhost/Team/issues/616

We need a way to assign Products to Members via a Subscription, and we've
followed the same pattern as the editSubscription method for the Members API
controller, which acts upon Subscriptions as a nested resource.

Subscriptions now are linked to products, and we've included those links by
default in the Member Admin API as we already include subscriptions by
default, and Products are now a core part of the Members feature-set.
2021-04-26 17:14:34 +01:00
Hannah Wolfe
fdefa4964f Moved bridge into its proper location
- Modules in /shared are supposed to be standalone modules that can be required by the server or frontend
- As the server shouldn't require the frontend, and vice versa, shared modules should require neither
- Otherwise it just becomes a crutch for allowing cross-depenencies, and will create circular dependencies

The Bridge
- The bridge file is not meant to be a crutch sat allowing cross-dependencies, but rather a new component that manages the flow of data
- That data flows from the server/boot process TO the frontend, and should not flow in the other direction
- The management of that flow of data is necessarily hacky at the moment, but over time the architecture here should get clearer and better
- Still, for the time being it will need to handle requiring across components until that architecture matures
- Therefore, it should live in core root, not in core/shared
2021-04-26 14:38:57 +01:00
Hannah Wolfe
b9fc68b1b4 Moved theme middleware to new theme engine service
refs: bf0823c9a2

- continuing the work of splitting up the theme service into logical components
2021-04-24 20:01:09 +01:00