no issue
- we have to remember the auth url in Ghost
- if Ghost starts for the first time, it registers a public client in the defined auth service
- if you change the auth service, Ghost won't recognize
- if Ghost doesn't recognize, you will see a client does not exist error in Ghost Admin
no issue
- auth.init happens in background and if an error occurs, Ghost will log this error to stdout/file
- do not double create Ignition error
- update passport-ghost to handle a none response from the auth service (e.g. wrong auth url), see 123da4dd94
* 🎨 update configuration files: database
refs #7488
- no default database configuration
- production: default is MySQL
* 🎨 add transport stdout to production for now
refs #7488
- production will log to stdout and file for now
- to reduce the risk of confusing users
- users would not see any stdout and they don't know that Ghost logs into file only in production
* 🎨 sanitize database properties
refs #7488
ServiceWorkers can only control the scope from which they have been served. Our service workers live, like all other files, in an `asset` folder - and could in theory only work on other files in there.
This commit fake-serves our service workers from `/ghost/`, thus allowing them to give everything offline powers.
refs #7488
- we have recently changed our url redirects
- see https://github.com/TryGhost/Ghost/pull/7937
- the url has a canonical meaning and that's why Ghost shouldn't force redirect to the blog url
closes#7864
- manual PR is needed, because master is on amperize 1.0.0
- but 1.0.0 was not published on purpose
- the latest release is 0.3.4
* chore: yarn.lock
closes#7256
- original code changes made by @golya in https://github.com/TryGhost/Ghost/pull/7304
- refactored edit method in user model to validate an existing email address
- added test coverage for existing email update in user model spec
no issue
- sometimes the integration test for api notifications failed
- this was caused because multiple tests are using the notifications API, which has a local notification store
- we need to ensure that tests, who add notifications to this store, reset the store after it's test iteration
no issue
- we had two middlewares:
1. url-redirects
2. redirects
- this was confusing, so i renamed (2) to custom redirects
custom-redirects.js: you can define custom redirects for your blog in a JSON file
url-redirects.js: Ghost takes care of required admin url or SSL redirects
no issue
- the update check service now supports a LTS option
- sending lts=false will force the update check service to search for the latest non LTS release
- as 1.0.0 is still in alpha, there is no latest release available
- that's why the update check service returns an error saying, there is no latest release available
- this error get's logged to shell right now
- as soon as we release 1.0.0, the error auto disappears
No behaviour change in any previous alpha version or any LTS release as they don't send the LTS option.
refs #7707
- be able to add a custom redirect file into the content folder
- define redirects as JSON format
The redirects feature is already present in the LTS branch.
I was not able to cherry-pick over, too many changes or conflicts.
Creating a PR to ensure 1. tests pass and 2. overview of code changes.
I had to add an example active theme to our test fixture utils, because otherwise Ghost will complain when forking Ghost.
* 🔥 kill apiUrl helper, use urlFor helper instead
More consistency of creating urls.
Creates an easier ability to add config changes.
Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.
* 🔥 urlSSL
Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.
e.g.
- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)
The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.
* 🔥✨ remove forceAdminSSL, add new admin url and adapt logic
I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:
1. remove forceAdminSSL
2. add admin.url option
- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option
* 🤖 adapt tests
IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware
* 😎 rename check-ssl middleware
* 🎨 fix theme-handler because of master rebase
no issue
- if using knex-migrator cli not the whole ghost application is required
- that's why we need to ensure the overrides file is loaded
- if not, all dates are in local dates