Commit Graph

1203 Commits

Author SHA1 Message Date
Naz Gargol
3060e11a4e Changed members-api constructor to accept Member model directly (#105)
no issue

- As members have become a part of Ghost core there is no need to proxy methods like this anymore and we can allow members-api to work on the model directly
- Methods come from Ghost core: https://github.com/TryGhost/Ghost/blob/cc39786/core/server/services/members/api.js#L11-L110
2019-12-05 18:16:18 +07:00
Naz Gargol
0149dd8f4d Added priority to webhook secret if present in env (#103)
no issue

- When debugging Stripe with using: `stripe listen \
  --forward-to http://ghost.local/members/webhooks/stripe/` this priority is nice to have so that Ghost process can be initialized using WEBHOOK_SECRET env variable
- It was not working in current form because Stripe recognized `ghost.local` as a valid domain and didn't throw any errors
- Removed unneeded secret assignment in a catch statement. It is redundant with the new implementation
2019-11-25 13:15:28 +07:00
Fabien O'Carroll
9da1a18770 Published new versions
- @tryghost/magic-link@0.3.2
 - @tryghost/members-api@0.9.0
 - @tryghost/members-ssr@0.7.3
2019-11-05 18:22:07 +07:00
Renovate Bot
297425402b Update dependency @types/nodemailer to v6.2.2 2019-11-05 16:53:53 +07:00
Renovate Bot
b1fe580834 Update dependency @types/jsonwebtoken to v8.3.5 2019-11-05 16:53:39 +07:00
Fabien O'Carroll
19148dab4e Included subscription information when listing members
no-issue
2019-11-05 16:12:20 +07:00
Renovate Bot
2ce0c5a992 Update Test & linting packages 2019-11-01 13:40:10 +07:00
Renovate Bot
7684ad51c4 Update Node.js to 12 2019-11-01 13:40:00 +07:00
Fabien O'Carroll
a35d947413 Published new versions
- @tryghost/magic-link@0.3.1
 - @tryghost/members-api@0.8.3
 - @tryghost/members-ssr@0.7.2
2019-10-30 15:24:07 +07:00
Fabien O'Carroll
7a3c99886d Added logging for failed webhook verification
no-issue

This gives us some more information about the secret used
2019-10-30 14:40:16 +07:00
Renovate Bot
f233d5fc71 Update dependency cookies to ^0.8.0 2019-10-14 12:38:53 +07:00
Renovate Bot
97c9567744 Update dependency @types/node to v12.7.12 2019-10-14 12:38:19 +07:00
Fabien O'Carroll
123fc7dcd5 Published new versions
- @tryghost/members-ssr@0.7.1
2019-10-11 18:01:21 +07:00
Fabien O'Carroll
2a90d84e9a Added flag for disabling sign cookies
no-issue
2019-10-11 18:00:19 +07:00
Fabien O'Carroll
ebbf4e69f9 Published new versions
- @tryghost/magic-link@0.3.0
 - @tryghost/members-api@0.8.2
2019-10-11 12:03:51 +07:00
Fabien O'Carroll
47ed334597 Updated use of magic-link module to pass subject
no-issue

This takes advantage of magic-links smaller tokens
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
4c4d5aab91 Removed the need for audience and issuer claim
no-issue

This is unecessary as this is a closes system, the tokens are issued and
intended for the same service, using the same secret
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
483654a4b6 Removed user object from magic links
no-issue

This means magic link will rely solely on the `sub` claim for identifying the user
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
d248c909d9 Updated usage of magic-link, passing secret
no-issue
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
7a512f992b Updated to use HS256 signatures for tokens
no-issue

This makes the tokens a little more acceptable in plaintext emails
2019-10-11 11:58:23 +07:00
Fabien O'Carroll
5d2e20fbb7 Published new versions
- @tryghost/magic-link@0.2.2
 - @tryghost/members-api@0.8.1
2019-10-10 20:21:23 +07:00
Fabien O'Carroll
e04898cb3d Pass getSubject option to MagicLink module
no-issue
2019-10-10 20:20:46 +07:00
Fabien O'Carroll
2de53f8571 Support custom subject line with getSubject option
no-issue
2019-10-10 20:20:46 +07:00
Fabien O'Carroll
1e8bac111f Pass email to getHTML and getSubject
no-issue

This will allow email templates to include the recipient
2019-10-10 20:20:46 +07:00
Fabien O'Carroll
2c4732b46d Published new versions
- @tryghost/magic-link@0.2.1
 - @tryghost/members-api@0.8.0
 - @tryghost/members-ssr@0.7.0
2019-10-09 10:51:35 +07:00
Fabien O'Carroll
2d058d8a47 Refactored updateSubscription to fetch payment info
no-issue
2019-10-09 10:48:57 +07:00
Fabien O'Carroll
5a0adce65d Inverted active check for subscriptions
no-issue

This is more explicit about what we consider to be an active subscription
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
5a17327a93 Improved error logging for webhook handling
no-issue
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
310972f73c Updated signatures for get/set metadata
no-issue
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
4c4cc90d05 Added the extra events to the stripe webhook
no-issue

* customer.subscription.deleted - when a subscription is cancelled
* customer.subscription.updated - when a subscription status/plan changes
* invoice.payment_succeeded - when a subscription has successfully renew
* invoice.payment.failed - when a subscription has failed to renew
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
6fc6718735 Renamed addCustomerToMember to updateCustomer
no-issue
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
8829b545a9 Updated handleStripeWebhook middleware
no-issue

This adds the handlers for the new events we want to listen to
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
68d65c905a Added webhook handlers for subscription lifecycle events
no-issue

We will need these to keep our metadata in sync with stripe
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
6806505a4c Updated stripe to store and retrieve from metadata
no-issue

This means that we will not have to make api requests to find out the
customers subscriptions
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
d11a0db726 Refactored some private methods for stripe
no-issue

This is to expose a clearer contract with the outside world
2019-10-09 10:46:55 +07:00
Fabien O'Carroll
e6c8f77d4e Removed cookie based caching
no-issue

This was just a temporary stopgap. The correct solution is to cache in the backend
2019-10-09 10:46:55 +07:00
Renovate Bot
baee3ad0ac Update dependency @types/node to v12.7.11 2019-10-08 18:19:58 +07:00
Renovate Bot
56c892e7ed Update dependency @types/cookies to v0.7.4 2019-10-08 14:34:19 +07:00
Fabien O'Carroll
3d7c28a7f9 Published new versions
- @tryghost/members-api@0.7.7
2019-10-06 21:19:23 +07:00
Fabien O'Carroll
d6cb2ca796 Defaulted allowSelfSignup to true
no-issue

This is to keep backwards compatibility
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
1208b41b9f Added allowSelfSignup options to auth config
no-issue

This flag is used to allow the sendMagicLink middleware to send an email
to members which do not yet exist. When this flag is set to false, the
only way to create members, would be via the stripe webook, or via the
`create` method exposed on the `members` object
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
a643b3ff1f Sent "signup" emails when member created via stripe
no-issue

This is the correct email to send, as they are a new member
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
355dd8b501 Corrected logic to send signin/signup emails
no-issue

This ensures that existing members recieve "signin" emails and new
members recieve "signup" (or "subscribe") emails
2019-10-06 21:18:09 +07:00
Fabien O'Carroll
3550452cd5 Published new versions
- @tryghost/members-api@0.7.6
2019-10-03 17:23:21 +07:00
Fabien O'Carroll
dd566b3d29 Added support for custome success/cancel urls
no-issue

This will allow clients to customise where they are redirecting to after
the stripe checkout session is exited.
2019-10-03 17:22:29 +07:00
Fabien O'Carroll
88832fa923 Published new versions
- @tryghost/members-api@0.7.5
 - @tryghost/members-ssr@0.6.0
2019-10-02 18:21:10 +07:00
Fabien O'Carroll
d02bab7ea8 Made sure we throw an error for invalid session
no-issue
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
a6adfdd92c Protected against missing member for id token
no-issue

If a cookie still exists after a member has been deleted we can have
some strange requests, this just ensures that we check for existence.
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
af25cfb619 Added interval, currency and last4 to stripe data
no-issue

This is attached to each "stripe item" belonging to a member
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
3861bf253c Added options to stripe retrieve request
no-issue

This will allow us to expand sub objects when talking to stripe
2019-10-02 18:19:39 +07:00
Fabien O'Carroll
17a141f271 Published new versions
- @tryghost/members-api@0.7.4
2019-10-02 15:16:32 +07:00
Fabien O'Carroll
018471c07c Fixed usage of updateMember to use id correctly
no-issue
2019-10-02 15:15:20 +07:00
Fabien O'Carroll
e54b61297c Published new versions
- @tryghost/members-api@0.7.3
2019-10-02 15:06:10 +07:00
Fabien O'Carroll
071a54be7d Called cancelAllSubscriptions when destroying member
no-issue
2019-10-02 15:05:12 +07:00
Fabien O'Carroll
6fe46a79f3 Added cancelAllSubscriptions method
no-issue

This gets all subscriptions, filters out ones which have already been
cancelled and cancels the rest
2019-10-02 15:05:12 +07:00
Fabien O'Carroll
18aeed905a Refactored getActiveSubscriptions to getSubscriptions
no-issue
2019-10-02 15:05:12 +07:00
Fabien O'Carroll
ea5503f58d Published new versions
- @tryghost/members-api@0.7.2
2019-10-02 13:52:10 +07:00
Fabien O'Carroll
561493bfb2 Added debugs and improved getCustomer handling
no-issue

This adds more debugs so we can follow what's happening and also adds
better handing for failures when getting a customer from stripe
2019-10-02 13:47:37 +07:00
Fabien O'Carroll
1c3e563ad7 Improved logging for members-api
no-issue

This allows the logger to be passed in, and configures stripe to have access to it
2019-10-02 13:47:37 +07:00
Fabien O'Carroll
80f1155590 Ensured we do not create multiple webhooks on boot
no-issue

This updates the initialisation logic to fetch all webhooks (we use
limit: 100, and there are currently a max of 16 webhooks in stripe) and
find one with the corrct url. Once found, delete that webhook. We then
attempt to create a new one, and log out any errors (this is to allow
for local development, creating a webhook with a local url is expected
to fail)
2019-10-02 13:47:37 +07:00
Fabien O'Carroll
48cb8d14da Wrapped getCustomer in try catch
no-issue

This protects against live/test mode poisoned databases
2019-10-02 13:47:37 +07:00
Fabien O'Carroll
d1b29fd0b7 Added list and update stripe requests
no-issue

These will be used for listing and updating webhooks on configuration
2019-10-02 13:47:37 +07:00
Fabien O'Carroll
11a5a9ac69 Published new versions
- @tryghost/members-api@0.7.1
2019-10-01 17:48:31 +07:00
Fabien O'Carroll
0b5a70dcf4 Added default options param for users#create
no-issue

This allows create to have an optional second parameter, so that it
doesn't error when called with just data.
2019-10-01 17:42:22 +07:00
Fabien O'Carroll
d85ea20ad2 Published new versions
- @tryghost/magic-link@0.2.0
 - @tryghost/members-api@0.7.0
2019-10-01 14:47:27 +07:00
Fabien O'Carroll
ece58fe9fd Pass through getText and getHTML function from mail
no-issue

This will allow consumers of this module to customise the content of emails
2019-10-01 14:46:17 +07:00
Fabien O'Carroll
b852de95c8 Updated members-api to pass the emailType to magic-link
no-issue

This will allow requests to send the correct email
2019-10-01 14:46:17 +07:00
Fabien O'Carroll
d2634c7c7b Added type param to content generation functions
no-issue

This will allow conditional logic based on the type passed to sending the magic-link
2019-10-01 14:46:17 +07:00
Fabien O'Carroll
5170c7c1d4 Published new versions
- @tryghost/magic-link@0.1.4
 - @tryghost/members-api@0.6.2
 - @tryghost/members-ssr@0.5.2
2019-10-01 11:21:07 +07:00
Fabien O'Carroll
8422a2f28d Fixed signature for listMembers call
no-issue
2019-10-01 11:02:54 +07:00
Fabien O'Carroll
957a0df658 Ensured falsy values not returned from cache cookie
no-issue
2019-09-30 12:10:29 +07:00
Fabien O'Carroll
ab4493db5f Ensured falsy values are not set as cookies
no-issue
2019-09-30 12:10:29 +07:00
Renovate Bot
0a0caca573 Update dependency @types/node to v12.7.8 2019-09-30 11:20:50 +07:00
Renovate Bot
f404e2bd1a Update dependency @types/cookies to v0.7.3 2019-09-30 02:32:14 +00:00
Renovate Bot
ab023e1df9 Update Test & linting packages 2019-09-30 01:35:30 +00:00
Fabien O'Carroll
f966907c78 Published new versions
- @tryghost/members-api@0.6.1
2019-09-26 17:14:08 +07:00
Fabien O'Carroll
530390124b Added flag to create member for sending email
no-issue

This allows us to give more functionality to consumers, with a smaller
API (rather than exposing the methods for sending a magic-link email)
2019-09-26 17:11:17 +07:00
Fabien O'Carroll
ff0dc6a168 Published new versions
- @tryghost/magic-link@0.1.3
 - @tryghost/members-api@0.6.0
 - @tryghost/members-ssr@0.5.1
2019-09-25 17:13:00 +07:00
Fabien O'Carroll
acf01e9065 Updated members-api to export POJO
no-issue

Previously members-api exported a pre configured express router with the
paths and handlers defined. This did not allow for much control from the
parent application. This replaces this pattern by exposing middlewares,
which the parent application can mount where it sees fit.
2019-09-25 16:53:08 +07:00
Fabien O'Carroll
d67ad13057 Updated handler for checkout to not require member
no-issue

This will allow the flow to start from the frontend.
2019-09-25 16:53:08 +07:00
Fabien O'Carroll
f7630ec05b Updated createCheckoutSession to work w/o member
no-issue

This will allow us to do a payment first flow, in which a payment is
taken, before creating a member
2019-09-25 16:53:08 +07:00
Fabien O'Carroll
0527304376 Updated stripe to setAppInfo and apiVersion
no-issue
2019-09-25 11:35:58 +07:00
Fabien O'Carroll
6722d3bc8a Ensured member is not linked to customer twice
no-issue

Edge case but easy to solve - so we dun it
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
db42b35e9f Added handler for checkout.session.completed
no-issue

This will link the customer from the checkout session to the member with
the same email
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
ed4dfd8d54 Updated users module to use getActiveSubscriptions
no-issue

This offloads some stripe specific logic into the stripe module
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
314fd6a540 Added method for getting active subscriptions
no-issue
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
a92d5f064b Added method for getting stripe customer for member
no-issue

This finds the first active customer that is linked to the member, and
created and links a new customer if a viable one does not exist.
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
69abbc6fa2 Added method for linking customer to member
no-issue

Uses the metadata storage passed into stripe
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
9beb496bd1 Passed in metadata getter/setter to stripe
no-issue

This will be used to store information such as customer id
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
644fd71d4f Removed unused getPublicConfig method from stripe
no-issue

Don't use it you lose it!
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
373f67a117 Added getCustomer method to stripe
no-issue

This uses the stripeRequests module directly since the customers api was
removed.
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
2849c647d6 Added parseWebhook method to stripe
no-issue

This uses the webhook secret and stripe module to validate the signature
and parse the body into an object
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
343fcecfff Updated stripe to create webhook on boot configure
no-issue

This will allow us to a) have an endpoint to receive webhooks and b) get
hold of the webhook secret to validate the signature.
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
4dc42709c3 Removed superfluous stripe api modules
no-issue

This removes the subscription api as we are using stripe checkout to
generate those

This removes the customers api as we no longer need the deterministic
api for it
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
216ab072b4 Refactored users module to wrap all methods
no-issue

This also adds initial support for `update` user - which is not used
2019-09-25 11:20:02 +07:00
Fabien O'Carroll
f7b61e901d Removed body-parser from router middleware
no-issue

Validating stripe webhooks requires the body as a buffer, so we can no
longer parse json body by default
2019-09-25 11:20:02 +07:00
Renovate Bot
82346ef67b Pin dependencies 2019-09-24 12:18:18 +07:00
Renovate Bot
2c79eec311 Update dependency @types/jsonwebtoken to v8.3.4 2019-09-23 01:26:26 +00:00
Fabien O'Carroll
c4b2852572 Removed unecessary .gitkeep 2019-09-18 14:46:13 +08:00
Fabien O'Carroll
55d9bb670d Removed unused packages
no-issue

These are not currently used, we can bring them back if we need them
again
2019-09-16 14:07:36 +08:00
Fabien O'Carroll
cb9f10e28d Set unused modules to private
no-issue

This can be just temporary so that we are not generating a lot of noise
with constantly publishing these modules
2019-09-16 14:05:51 +08:00
Fabien O'Carroll
58cb25fe86 Published new versions
- @tryghost/magic-link@0.1.2
 - @tryghost/members-api@0.5.3
 - @tryghost/members-browser-auth@0.2.3
 - @tryghost/members-gateway-api@0.1.7
 - @tryghost/members-ssr@0.5.0
 - @tryghost/members-theme-bindings@0.2.6
2019-09-16 14:01:13 +08:00
Fabien O'Carroll
49380c3dc4 Updated README for new members-ssr API
no-issue
2019-09-16 14:00:00 +08:00
Fabien O'Carroll
667061676b Updated example.js to reflect new API
no-issue
2019-09-16 13:58:05 +08:00
Fabien O'Carroll
016422ce06 Updated members-ssr to use token from query string
no-issue

This changes the exchangeTokenForSession method to read the token from a
`token` query string, rather than from the request body.

This also includes a refactor to change MembersSSR into a class, and
document all methods with JsDoc type annotations which can be
interpreted by the typescript compiler
2019-09-16 13:58:05 +08:00
Fabien O'Carroll
e2d06307f2 Added tsconfig.json to members-ssr
no-issue
2019-09-16 13:58:05 +08:00
Fabien O'Carroll
55eb2e8919 Installed @types/{cookies,node} to members-ssr
no-issue

This is for the typescript compiler to give us correct types
2019-09-16 13:58:05 +08:00
Renovate Bot
b50b0faa40 Update dependency eslint to v6.4.0 2019-09-16 02:26:20 +00:00
Renovate Bot
12dfdc9b25 Update dependency @types/node to v12.7.5 2019-09-16 01:27:09 +00:00
Fabien O'Carroll
8b54a91b60 Published new versions
- @tryghost/members-api@0.5.2
2019-09-15 11:50:11 +08:00
Fabien O'Carroll
de0baded13 Logged error when sending email (#62)
no-issue
2019-09-15 11:48:11 +08:00
Fabien O'Carroll
b834c70559 Published new versions
- @tryghost/magic-link@0.1.1
 - @tryghost/members-api@0.5.1
 - @tryghost/members-auth-pages@1.1.3
 - @tryghost/members-browser-auth@0.2.2
 - @tryghost/members-gateway-api@0.1.6
 - @tryghost/members-gateway-protocol@0.1.4
 - @tryghost/members-ssr@0.4.0
 - @tryghost/members-theme-bindings@0.2.5
2019-09-09 15:53:10 +08:00
Fabien O'Carroll
458bcf41fa Stored cached member data in separate cookie
no-issue

This allows for simple trusted caching. We can still use the primary
cookie to determine whether or not a session exists, the cached cookie
can safely be deleted or ignored. This is an "progressive enhancement"
on top of the existing solution.
2019-09-09 15:51:20 +08:00
Fabien O'Carroll
d741cd9fba Returned fully hydrated member object when creating member
no-issue
2019-09-09 15:51:20 +08:00
Renovate Bot
1e61c08c0c Update dependency postcss-custom-properties to v9 2019-09-09 14:29:48 +08:00
Renovate Bot
84f9e69a50 Update dependency sinon to v7.4.2 2019-09-09 13:57:00 +08:00
Renovate Bot
ced9f1067d Update dependency cssnano to v4.1.10 2019-09-09 05:17:38 +00:00
Renovate Bot
f5d3cd2be8 Update dependency postcss-css-variables to v0.13.0 2019-09-09 04:46:42 +00:00
Renovate Bot
8a93a747cf Update dependency autoprefixer to v9.6.1 2019-09-09 02:34:11 +00:00
Renovate Bot
04d5f0b0b6 Update dependency @types/node to v12.7.4 2019-09-09 01:28:21 +00:00
Fabien O'Carroll
cb3cedd9df Published new versions
- @tryghost/members-api@0.5.0
 - @tryghost/members-ssr@0.3.1
2019-09-06 14:56:19 +08:00
Fabien O'Carroll
4ead495b45 Ensured that destroying member removes stripe customer
no-issue

This also mean sthe subscription will be cancelled
2019-09-06 14:30:27 +08:00
Fabien O'Carroll
ec3948287f Added subscription data when fetching member 2019-09-06 14:30:27 +08:00
Fabien O'Carroll
4f1bc288c5 Added support for stripe checkout payments 2019-09-06 14:30:27 +08:00
Fabien O'Carroll
61561a5af6 Added stripe payments module 2019-09-06 14:30:27 +08:00
Fabien O'Carroll
7376a333c2 Removed lib/subscriptions
no-issue

This is no longer used
2019-09-06 14:30:27 +08:00
Fabien O'Carroll
1c5ba6056a Removed lib/cookies
no-issue

This is no longer used
2019-09-06 14:30:27 +08:00
Fabien O'Carroll
8bfcc37ad4 Removed lib/util
no-issue

This is no longer used
2019-09-06 14:30:27 +08:00
Fabien O'Carroll
64738adfc0 Removed gateway
no-issue

This is no longer needed
2019-09-06 14:30:27 +08:00
Fabien O'Carroll
198e525d59 Fixed getMemberIdentiyTokenFromSession
no-issue

This did not have the cookieConfig passed, so could not correctly parse request
2019-09-06 14:30:27 +08:00
Fabien O'Carroll
95ed945f6d Published new versions
- @tryghost/members-api@0.4.1
 - @tryghost/members-auth-pages@1.1.2
2019-09-05 11:01:48 +08:00
Fabien O'Carroll
ffd20f74f0 Exported members from members-api
no-issue

This allows consumers of the service to fetch members with payment info
2019-09-05 11:00:46 +08:00
Fabien O'Carroll
e8efb21676 Removed members-auth-pages yarn.lock
no-issue

Should not have existed
2019-09-03 18:46:56 +08:00
Fabien O'Carroll
33ff98f789 Published new versions
- @tryghost/magic-link@0.1.0
 - @tryghost/members-api@0.4.0
 - @tryghost/members-auth-pages@1.1.1
 - @tryghost/members-browser-auth@0.2.1
 - @tryghost/members-gateway-api@0.1.5
 - @tryghost/members-gateway-protocol@0.1.3
 - @tryghost/members-ssr@0.3.0
 - @tryghost/members-theme-bindings@0.2.4
2019-09-03 18:25:17 +08:00
Fabien O'Carroll
d9fd07ef7f Fixed getMemberIdentityData method
no-issue

The users.get method expects an object with email prop
2019-09-03 18:21:04 +08:00
renovate[bot]
6e3f89691d Update dependency eslint to v6 (#43) 2019-09-03 17:03:20 +08:00
renovate[bot]
7438b928bc Update dependency grunt-shell to v3 (#25) 2019-09-03 17:03:12 +08:00
renovate[bot]
d0143d1130 Update dependency react-stripe-elements to v5 (#49) 2019-09-03 16:55:54 +08:00
renovate[bot]
047484a51b Pin dependencies (#21) 2019-09-03 16:53:48 +08:00
Fabien O'Carroll
75a6ccf669 Updated members-ssr to work with members-api
no-issue

This updaes the ssr package to work with the new magic link signin method
2019-09-03 15:35:04 +08:00
Fabien O'Carroll
af6c897a14 Updated members-api to use magic-link
no-issue

This removes a *lot* of funtionality, stripping the members-api module
to *only* handle the magic link signin flow.
2019-09-03 15:35:04 +08:00
Fabien O'Carroll
fa54dc569e Created @tryghost/magic-link module (#50)
* slimer create magic-link

Created the initial magic-link project

* Added usage section to README

* Installed types and deps for magic-link

* Added tsconfig.json

* Initial commit for magic-link module

* Renamed hello.test.js -> index.test.js

* Added initial basic test

* Removed test util directory

* Updated ecmaVersion for test eslint parserOptions

* Added tests for MagicLink

* Added language to README usage codeblock

* Updated sendMagicLink to return SentMessageInfo

* Updated README

* Updated README usage example

* Fixed types
2019-09-03 11:07:03 +08:00
Renovate Bot
c2d43cc3c4 Update dependency eslint-plugin-ghost to v0.5.0 2019-08-26 01:27:38 +00:00
Renovate Bot
6276c82888 Update dependency sinon to v7.4.1 2019-08-12 05:28:29 +00:00
Renovate Bot
7e2f6bc7f5 Update dependency browserify to v16.5.0 2019-08-12 03:26:43 +00:00
Renovate Bot
017c24992f Roll back dependency sinon to 7.3.2 2019-08-12 00:30:26 +00:00
Renovate Bot
b8ae86a8ea Update dependency sinon to v7.4.0 2019-08-05 01:28:22 +00:00
Renovate Bot
97d34b2aa1 Update dependency mocha to v6.2.0 2019-07-22 01:28:44 +00:00
Fabien O'Carroll
283c5fea58 Published new versions
- @tryghost/members-api@0.3.0
2019-07-17 18:23:25 +08:00
Fabien O'Carroll
1fb969ad36 Refactored to improve logging and error handling
* Installed stripe@7.4.0

refs #38

We were relying on stripe being installed in Ghost, this moves the dep
to the correct package.

* Created exponentialBackoff wrapper for stripe api

refs #38

https://stripe.com/docs/testing#rate-limits The stripe docs suggest to
use exponential backoff when recieving a rate limit error. This wrapper
will wrap stripe api calls, and retry them after 1s,2s,4s,8s,16s until
eventually failing. This gives a total of 5 retries over 31s.

* Added wrappers around the stripe api calls

refs #38

* Ensured all calls to stripe api go via exp backoff

refs #38

* Scaffolding out the error handling for stripe api

* Forwarding all errors

* Refactored stripe api into modules

* Ensured the ready promise object is not replaced

* Added logging setup

- Sets up common logger structure with custom logger passed through

* Ensure logger is kept in module state

* Renamed updateLogger to setLogger

* Removed `logger` param and exposed setLogger method

* Ensured different ids used for test mode

* Ensure setLogger works for prototype methods

* Removed reconfigureSettings method

* Updated payment processer service to keep static ready promise

* Added eventemitter to member api instance to handle errors

* Moved logging of errors to http level
2019-07-17 18:20:13 +08:00
Fabien O'Carroll
bd5d2a664b Published new versions
- @tryghost/members-ssr@0.2.1
2019-07-17 18:07:35 +08:00
Fabien O'Carroll
21123d4061 Fixed getMemberDataFromSession usage of membersApi
no-issue

Since we allow the membersApi to be a thunk - we must wrap all
references to it in a call to get
2019-07-17 18:05:38 +08:00
Fabien O'Carroll
5a4efd2eec Published new versions
- @tryghost/members-ssr@0.2.0
2019-07-17 15:07:16 +08:00
Fabien O'Carroll
942187f48e Added support for passing thunk for membersApi
no-issue

This is to allow support for consumers to dynamically update their
membersApi instance, for example when configuration changes, and not
have to replace the instance of members-ssr
2019-07-17 15:06:20 +08:00
Fabien O'Carroll
192f27b5bd Published new versions
- @tryghost/members-auth-pages@1.1.0
 - @tryghost/members-browser-auth@0.2.0
 - @tryghost/members-theme-bindings@0.2.3
2019-07-09 18:45:57 +08:00
Fabien O'Carroll
474c495331 Stopped browser-auth editing src of auth-pages frame
refs #36

This removes the behaviour of forcing the `src` property to change when
opening the auth pages and insteads posts a message "asking" the auth
pages to update the location hash.
2019-07-09 18:44:53 +08:00
Fabien O'Carroll
550ea70c9c Allowed auth-pages to update location from message
refs #36

This will allow the members-browser-auth library to post messages to the
auth-pages iframe, asking it to update the location from inside the
frame.
2019-07-09 18:44:53 +08:00
Fabien O'Carroll
f89677b1ce Published new versions
- @tryghost/members-auth-pages@1.0.0
2019-07-09 15:49:47 +08:00
Fabien O'Carroll
54560050c6 Updated auth-pages to use new members static url (#35)
refs https://github.com/TryGhost/Ghost/issues/10886

Since updating the static pages, the auth pages would be broken, this
updates them to correctly parse and load the static urls.
2019-07-09 15:49:05 +08:00
Fabien O'Carroll
20c60e4de3 Published new versions
- @tryghost/members-api@0.2.0
 - @tryghost/members-browser-auth@0.1.3
 - @tryghost/members-gateway-api@0.1.4
 - @tryghost/members-theme-bindings@0.2.2
2019-07-09 15:39:16 +08:00
Fabien O'Carroll
34f7b2c7d6 Updated members-api to export a router instance
no-issue

This was the original design, to make it easy to incorporate into
another application, but the URL structure in Ghost did not allow for
it, we've since learnt that the URL structure _should_ be how it is
here, so we can export a router with both the auth endpoints and the
static files for the gateway
2019-07-09 15:23:11 +08:00
Renovate Bot
584d725e12 Update dependency eslint-plugin-ghost to v0.4.0 2019-07-08 02:24:52 +00:00
Renovate Bot
44e37f3ed5 Update dependency browserify to v16.3.0 2019-07-08 01:25:08 +00:00
Renovate Bot
cc096d5c84 Update dependency eslint-plugin-ghost to v0.3.0 2019-07-01 01:28:27 +00:00
Fabien O'Carroll
3475975519 Published new versions
- @tryghost/members-theme-bindings@0.2.1
2019-06-25 14:58:43 +07:00
Fabien O'Carroll
99a8ae197e Fixed createSession call on signedin event
no-issue

This was missing the ssrUrl property.
2019-06-25 14:52:42 +07:00
Fabien O'Carroll
f220ee10c7 Published new versions
- @tryghost/members-api@0.1.2
 - @tryghost/members-auth-pages@0.2.2
 - @tryghost/members-browser-auth@0.1.2
 - @tryghost/members-gateway-api@0.1.3
 - @tryghost/members-gateway-protocol@0.1.2
 - @tryghost/members-theme-bindings@0.2.0
2019-06-25 14:22:42 +07:00
Fabien O'Carroll
979af9f234 Removed hardcoded url values
no-issue

This gives greater flexibility in the application which handles the urls
for this, allowing the urls to be changed and configured in only one
codebase.
2019-06-25 14:18:07 +07:00
Renovate Bot
ca998d0529 Update dependency jsdom to v15.1.1 2019-06-03 01:27:16 +00:00
Renovate Bot
32a13bf561 Update dependency jsdom to v15.1.0 2019-05-13 02:30:08 +00:00
Renovate Bot
d582e03743 Update dependency grunt to v1.0.4 2019-05-13 01:28:42 +00:00
Fabien O'Carroll
8728a677c5 Published new versions
- @tryghost/members-auth-pages@0.2.1
2019-05-08 11:47:13 +02:00
Fabien O'Carroll
1ae43a9ce0 Added blank.js to root of auth-pages
no-issue

This is so we have a valid js file for node require resolution
2019-05-08 11:45:33 +02:00
Fabien O'Carroll
497934bb6a Renamed app.js back to index.js
no-issue

Preact was having issues when the entrypoint wasn't named index.js
2019-05-08 11:43:13 +02:00
Fabien O'Carroll
fddc13bca1 Published new versions
- @tryghost/members-auth-pages@0.2.0
2019-05-07 18:09:44 +02:00
Fabien O'Carroll
00ed51f157 Added blank index.js file
no-issue

This is to ensure that node can correctly resolve the module
2019-05-07 18:08:37 +02:00
Fabien O'Carroll
4633ea06e4 Published new versions
- @tryghost/members-api@0.1.1
 - @tryghost/members-auth-pages@0.1.2
2019-05-07 17:40:25 +02:00
Fabien O'Carroll
9507aeb10f Published new versions
- @tryghost/members-auth-pages@0.1.1
2019-05-07 17:36:02 +02:00
Fabien O'Carroll
ac847dbecd Added default test dir and eslintrc
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
986791d091 Added package.json and deps for members-api
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
9e65199f14 Updated require paths for local modules
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
7ec3f61e71 Refactored directory structure
no-issue

This is to better fit the index.js, lib model
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
7b6e73e093 Refactored lib/members to remove unused router
no-issue

Also exposes the getPublicKeys method
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
2c9130a244 Removed serving of auth pages from lib/members
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
bf156b0b79 Removed auth pages from lib/members
no-issue

These have been moved to https://github.com:TryGhost/Members
2019-05-07 17:35:17 +02:00
Zimo
5101735f9d Updated members payment failed copy and style
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
79f31b7323 Updated token generation to use plans on member
no-issue

This is to remove duplication of logic, that now lives solely in the
getMember method
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
239237f402 Updated getMember to return plans
no-issue

Plans are distinct from subscriptions, as in theory a subscription could
have many plans. These moves the construction of the plans array into
the getMember function so that every consumer has access to the same
data.
2019-05-07 17:35:17 +02:00
Rish
618f7e35cc Updated signup flow to handle invalid payments
no issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
371a0698a6 Fixed bug with deleting members after config change 2019-05-07 17:35:17 +02:00
Fabien O'Carroll
c1a85e8bc3 Updated members auth pages to use gateway-protocol (#10695)
no-issue

This swaps out a hand copied library with the published one on npm
2019-05-07 17:35:17 +02:00
Zimo
9e53c6332a Added close event on member pages background click 2019-05-07 17:35:17 +02:00
Peter Zimon
540977fcb8 Members refine buttons (#10692)
* Members: disabled signup button during signup

* Members: disabled non-Stripe signup button during signup

* Members: added check to Log in button logged in state
2019-05-07 17:35:17 +02:00
Zimo
d63127bcdc Updated mobile styles for members upgrade screen 2019-05-07 17:35:17 +02:00
Fabien O'Carroll
ac9daac9f2 Fixed subscription issue with null coupons
no-issue

Coupons were being sent as null to the api, so we support non required fields
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
6e37c50ce7 Added default disabled state of false to FormInput
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
43d65d0709 Removed unused onClick handler in StripeSubscribePage
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
c1c13379c7 Added coupon support to StripeSubscribePage
no-issue

Only shows the (disabled) input when a coupon is available
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
9a5abbbde2 Cleaned up render{Subscribe,Upgrade}Page
no-issue

- ensured promises are returned
- removed unused prop
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
016e29c5a8 Added CouponInput component
no-issue

This can be used in the subscribe pages to pass coupon info through
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
e0225b8b54 Added support for disabled form elements
no-issue

This can be used for a coupon input in future
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
fbe6ba4b49 Updated members api and gateway to pass coupo
no-issue

This will allow the auth pages and members sdk to pass coupons through
to the api.
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
f99d66d8b9 Passed coupon from metadata through to stripe
no-issue

This will allow us to send through coupons from the api layer and have
stripe handle the rest :)
2019-05-07 17:35:17 +02:00
Rish
b00c82d3a6 Added spinner on member signup pages
no issue
2019-05-07 17:35:17 +02:00
Rish
0fbc808ff9 Updated member signin page to show logged in status
no issue
2019-05-07 17:35:17 +02:00
Zimo
8cb3c1510d Added fade in for signup complete page 2019-05-07 17:35:17 +02:00
Peter Zimon
43adc432f5 Members refinements (#10689)
* Updated close animation speed for members pages
* Updated responsive styles for members mobile screens 
* Adding spinner CSS to members pages
* Adding members signup complete page
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
10bfe05b39 Updated theme layer to use members-ssr (#10676)
* Removed support for cookies in members auth middleware

no-issue

The members middleware will no longer be supporting cookies, the cookie
will be handled by a new middleware specific for serverside rendering,
more informations can be found here:

https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5

* Removed members auth middleware from site app

no-issue

The site app no longer needs the members auth middleware as it doesn't
support cookies, and will be replaced by ssr specific middleware.

https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5

* Added comment for session_secret setting

no-issue

We are going to have multiple concepts of sessions, so adding a comment
here to be specific that this is for the Ghost Admin client

* Added theme_session_secret setting dynamic default

no-issue

Sessions for the theme layer will be signed, so we generate a random hex
string to use as a signing key

* Added getPublicConfig method

* Replaced export of httpHandler with POJO apiInstance

no-issue

This is mainly to reduce the public api, so it's easier to document.

* Renamed memberUserObject -> members

no-issue

Simplifies the interface, and is more inline with what we would want to export as an api library.

* Removed use of require options inside members

no-issue

This was too tight of a coupling between Ghost and Members

* Simplified apiInstance definition

no-issue

* Added getMember method to members api

* Added MembersSSR instance to members service

* Wired up routes for members ssr

* Updated members auth middleware to use getPublicConfig

* Removed publicKey static export from members service

* Used real session secret

no-issue

* Added DELETE /members/ssr handler

no-issue

This allows users to log out of the theme layer

* Fixed missing code property

no-issue

Ignition uses the statusCode property to forward status codes to call sites

* Removed superfluous error middleware

no-issue

Before we used generic JWT middleware which would reject, now the
middleware catches it's own error and doesn't error, thus this
middleware is unecessary.

* Removed console.logs

no-issue

* Updated token expirty to hardcoded 20 minutes

no-issue

This returns to our previous state of using short lived tokens, both for
security and simplicity.

* Removed hardcoded default member settings

no-issue

This is no longer needed, as defaults are in default-settings.json

* Removed stripe from default payment processor

no-issue

* Exported `getSiteUrl` method from url utils

no-issue

This keeps inline with newer naming conventions

* Updated how audience access control works

no-issue

Rather than being passed a function, members api now receives an object
which describes which origins have access to which audiences, and how
long those tokens should be allowed to work for. It also allows syntax
for default tokens where audience === origin requesting it. This can be
set to undefined or null to disable this functionality.

{
    "http://site.com": {
        "http://site.com": {
            tokenLength: '5m'
        },
        "http://othersite.com": {
            tokenLength: '1h'
        }
    },
    "*": {
        tokenLength: '30m'
    }
}

* Updated members service to use access control feature

no-issue

This also cleans up a lot of unecessary variable definitions, and some
other minor cleanups.

* Added status code to auth pages html response

no-issue

This was missing, probably default but better to be explicit

* Updated gateway to have membersApiUrl from config

no-issue

Previously we were parsing the url, this was not very safe as we can
have Ghost hosted on a subdomain, and this would have failed.

* Added issuer to public config for members

no-issue

This can be used to request SSR tokens in the client

* Fixed path for gateway bundle

no-issue

* Updated settings model tests

no-issue

* Revert "Removed stripe from default payment processor"

This reverts commit 1d88d9b6d73a10091070bcc1b7f5779d071c7845.

* Revert "Removed hardcoded default member settings"

This reverts commit 9d899048ba7d4b272b9ac65a95a52af66b30914a.

* Installed @tryghost/members-ssr

* Fixed tests for settings model
2019-05-07 17:35:17 +02:00
Rish
345d69102a Updated subscription data in member request
no issue

- Added subscription amount to member subscription data
2019-05-07 17:35:17 +02:00
Rishabh Garg
daf5a41af0 Added Admin API for deleting members (#10673)
no issue

- Added new API to delete members
- Added methods to handle e2e member deletion
- Deleting member via Admin leads to
  - Removal of member from payment processor and cancelling all active subscriptions immediately
  - Removal of member information from DB
2019-05-07 17:35:17 +02:00
Rish
bc889ae9a0 Refactored members auth flow with dynamic settings
no issue

- Updated members auth flow UI
- Updated members settings and routing to be dynamic
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
25aac1359d Added support for serverside rendering of members content (#10522)
no-issue

- Added member auth middleware to siteApp
- Passed member as context in routing service
- set Cache-Control: private for member requests
- fucked up some tests
- Added member as global template variable
- Updated tokens to have expiry of subscription_period_end
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
121b7d200f Improved Members security and performance (#10511)
no-issue

* Corrected function names for rpc methods

* Updated gateway to store tokens locally

* Fixed lint

* Added hardcoded 30 minute expiry for member tokens

* Added default contentApiAccess config;

* Updated validateAudience method

This is required for security, we need to restrict which domains can access
tokens meant for the content api
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
eb94871b6c Added upgrade page to members auth (#10513)
no-issue
2019-05-07 17:35:17 +02:00
Zimo
3b7d35ed0a Applying basic styles to members popups
no issue
2019-05-07 17:35:17 +02:00
Rish
a06d924493 Updated members modal UI structure
no issue
2019-05-07 17:35:17 +02:00
Rishabh Garg
beeedf7005 Updated signup page for members (#10493)
no issue

* Added new subscribe page with stripe integration
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
464caaf5df Updated product hashseed to be hardcoded (#10484)
no-issue
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
cd674fb470 Added config endpoint to Member API (#10467)
no-issue

* Added getPublicConfig method to stripe payment processor
* Added getPublicConfig method to subscriptions service
* Added initial config endpoint for members api
* Added getConfig method to members gateway
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
88b9f25541 Added initial subscription support with stripe to Members API (#10460)
These changes introduce a new "service" to the members api, which handles getting and creating subscriptions.

This is wired up to get subscription information when creating tokens, and attaching information to the token, so that the Content API can allow/deny access. 

Behind the subscription service we have a Stripe "payment processor", this holds the logic for creating subscriptions etc... in Stripe.

The logic for getting items out of stripe uses a hash of the relevant data as the id to search for, this allows us to forgo keeping stripe data in a db, so that this feature can get out quicker.
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
e1ba916ce6 Refactored auth pages for future flows (#10458)
no-issue

* Used camelCase for gateway method calls
* Added some components for building blocks of forms
* Added input specific components
* Added Form component
    This handles collecting the data to submit and sharing state between forms
* Added Pages component to handle urls
* Added the pages for the popup
* Added MembersProvider component
    This is designed to give its children access to gateway methods
* Added Modal component
    This wraps the pages and handles dispatching form submissions to the members gateway
* Refactored index.js to use new components/pages
* Fixed default page from Signup -> Signin
2019-05-07 17:35:17 +02:00
Rishabh Garg
0b2d70d617 Added new admin API for members (#10435)
no issue

- Added read and browse admin API for members
2019-05-07 17:35:17 +02:00
Rish
740209e2e4 Fixed console getting cleared on dev start
closes https://github.com/TryGhost/Ghost/issues/10409

- Removed `clearConsole` on preact cli
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
5ffdfe9875 Refactored members for management api (#10408)
no-issue
2019-05-07 17:35:17 +02:00
Rish
7ef520c2ea Fixed error handling for members reset password
no-issue

- Both input and form error was shown on submitting reset-password form
- Does not submit form anymore in case of validation errors
2019-05-07 17:35:17 +02:00
Peter Zimon
8d87eedcb4 Members auth ui refinements (#10279)
* Update mobile modal animations
* Member popup input error and placeholder refinements
* Adding close animation to members auth popups
* Improve members auth dialog
* Refine members reset password design
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
99aeda5909 Removed ssoOriginCheck from signout endpoint (#10277)
no-issue

the ssoOriginCheck exists to ensure that we only allow signin/signup to
be called from the specified auth page, this is a very minor security
feature in that it forces signins to go via the page you've designated.
signout however does not need this protection as the call to signout
completely bypasses any UI (this is the same for the call to /token)
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
b219e26ea6 Added members lib module (#10260)
* Added members library inc. gateway

refs #10213

* Added the auth pages and build steps for them

refs #10213

* Cleaned up logs

* Updated gruntfile to run yarn for member auth

* Design refinements on members popups

* UI refinements

* Updated backend call to trigger only if frontend validation passes

* Design refinements for error messages

* Added error message for email failure

* Updated request-password-reset to not attempt to send headers twice

* Updated preact publicPath to relative path

* Build auth pages on init
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
e511fcf4d9 Renamed index.js to app.js
no-issue

This is so when requiring the module we don't require a preact app in
2019-05-07 17:35:17 +02:00
Fabien O'Carroll
adf8da686a Updated package.json to match packages
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
07e15b8f68 Added blank index.js
no-issue

This is to ensue the module is a valid node module
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
2731953423 Included dist and index.js in package files array
no-issue

This is to ensure the dist directory is including the the tarball for
npm, and that the module has an index.js file so it can be
requires/resolved
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
3679f10783 Fixed clean script to use dist directory
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
fd07779c1e Renamed index.js to app.js
no-issue

This is so when requiring the module we don't require a preact app in
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
3f71eccc77 Updated output public path to use root
no-issue

When installing this module in another project, we want to serve the
entire `dist` directory as-is, on whichever path we want, rather than
enforicing a /static after the relative part.
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
b31162b182 Renamed package to @tryghost/members-auth-pages
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
341d4294fc Updated to preact-cli@next
no-issue

This version includes support for workspaces
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
31d8ab12d7 Disabled linting temporarily
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
1bad6dee4e Fixed linting for auth-pages
no-issue
2019-05-07 17:15:50 +02:00
Zimo
d805f93c14 Updated members payment failed copy and style
no-issue
2019-05-07 17:15:50 +02:00
Rish
0872ff4e9b Updated signup flow to handle invalid payments
no issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
946514d630 Updated members auth pages to use gateway-protocol (#10695)
no-issue

This swaps out a hand copied library with the published one on npm
2019-05-07 17:15:50 +02:00
Zimo
0db210ab68 Added close event on member pages background click 2019-05-07 17:15:50 +02:00
Peter Zimon
25e5a31d91 Members refine buttons (#10692)
* Members: disabled signup button during signup

* Members: disabled non-Stripe signup button during signup

* Members: added check to Log in button logged in state
2019-05-07 17:15:50 +02:00
Zimo
e163f527a0 Updated mobile styles for members upgrade screen 2019-05-07 17:15:50 +02:00
Fabien O'Carroll
ce68df5462 Fixed subscription issue with null coupons
no-issue

Coupons were being sent as null to the api, so we support non required fields
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
9692a0f066 Added default disabled state of false to FormInput
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
9a842cab7c Removed unused onClick handler in StripeSubscribePage
no-issue
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
eb0463b119 Added coupon support to StripeSubscribePage
no-issue

Only shows the (disabled) input when a coupon is available
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
5cb9850784 Cleaned up render{Subscribe,Upgrade}Page
no-issue

- ensured promises are returned
- removed unused prop
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
f0f1583817 Added CouponInput component
no-issue

This can be used in the subscribe pages to pass coupon info through
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
5b063659d0 Added support for disabled form elements
no-issue

This can be used for a coupon input in future
2019-05-07 17:15:50 +02:00
Rish
f3722b6979 Added spinner on member signup pages
no issue
2019-05-07 17:15:50 +02:00
Rish
ab2f65e5a5 Updated member signin page to show logged in status
no issue
2019-05-07 17:15:50 +02:00
Zimo
26728c50a8 Added fade in for signup complete page 2019-05-07 17:15:50 +02:00
Peter Zimon
09fde87ad9 Members refinements (#10689)
* Updated close animation speed for members pages
* Updated responsive styles for members mobile screens 
* Adding spinner CSS to members pages
* Adding members signup complete page
2019-05-07 17:15:50 +02:00
Rish
19f243aed1 Refactored members auth flow with dynamic settings
no issue

- Updated members auth flow UI
- Updated members settings and routing to be dynamic
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
33c574f257 Added support for serverside rendering of members content (#10522)
no-issue

- Added member auth middleware to siteApp
- Passed member as context in routing service
- set Cache-Control: private for member requests
- fucked up some tests
- Added member as global template variable
- Updated tokens to have expiry of subscription_period_end
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
b51b6b1d43 Added upgrade page to members auth (#10513)
no-issue
2019-05-07 17:15:50 +02:00
Zimo
3fbe1981d0 Applying basic styles to members popups
no issue
2019-05-07 17:15:50 +02:00
Rish
84d09e7dc6 Updated members modal UI structure
no issue
2019-05-07 17:15:50 +02:00
Rishabh Garg
7d826c4b44 Updated signup page for members (#10493)
no issue

* Added new subscribe page with stripe integration
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
b1a1f61d5d Refactored auth pages for future flows (#10458)
no-issue

* Used camelCase for gateway method calls
* Added some components for building blocks of forms
* Added input specific components
* Added Form component
    This handles collecting the data to submit and sharing state between forms
* Added Pages component to handle urls
* Added the pages for the popup
* Added MembersProvider component
    This is designed to give its children access to gateway methods
* Added Modal component
    This wraps the pages and handles dispatching form submissions to the members gateway
* Refactored index.js to use new components/pages
* Fixed default page from Signup -> Signin
2019-05-07 17:15:50 +02:00
Rish
0755036926 Fixed console getting cleared on dev start
closes https://github.com/TryGhost/Ghost/issues/10409

- Removed `clearConsole` on preact cli
2019-05-07 17:15:50 +02:00
Rish
42bed3c22d Fixed error handling for members reset password
no-issue

- Both input and form error was shown on submitting reset-password form
- Does not submit form anymore in case of validation errors
2019-05-07 17:15:50 +02:00
Peter Zimon
e85a6a1cac Members auth ui refinements (#10279)
* Update mobile modal animations
* Member popup input error and placeholder refinements
* Adding close animation to members auth popups
* Improve members auth dialog
* Refine members reset password design
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
07b6e73bd8 Added members lib module (#10260)
* Added members library inc. gateway

refs #10213

* Added the auth pages and build steps for them

refs #10213

* Cleaned up logs

* Updated gruntfile to run yarn for member auth

* Design refinements on members popups

* UI refinements

* Updated backend call to trigger only if frontend validation passes

* Design refinements for error messages

* Added error message for email failure

* Updated request-password-reset to not attempt to send headers twice

* Updated preact publicPath to relative path

* Build auth pages on init
2019-05-07 17:15:50 +02:00
Fabien O'Carroll
8d8c8a69ca Published new versions
- @tryghost/members-ssr@0.1.5
2019-05-06 12:25:45 +02:00
Fabien O'Carroll
7e5733998e Removed request stream consumption unless required
no-issue

This is to avoid the getMemberDataFromCookie helper consuming the
request stream before other handlers can read from it.
2019-05-06 12:23:27 +02:00
Fabien O'Carroll
9f307746ca Published new versions
- @tryghost/members-browser-auth@0.1.1
 - @tryghost/members-gateway-api@0.1.2
 - @tryghost/members-gateway-protocol@0.1.1
 - @tryghost/members-ssr@0.1.4
 - @tryghost/members-theme-bindings@0.1.0
2019-04-23 16:47:39 +02:00
Renovate Bot
67135f58e8 Pin dependencies 2019-04-23 16:46:09 +02:00
Fabien O'Carroll
ce7f55b7b9 Added clean commands for prebuild and pretest
no-issue
2019-04-23 16:45:05 +02:00
Fabien O'Carroll
5b8fe0f643 Updated init method to take siteUrl named param 2019-04-23 16:42:11 +02:00
Fabien O'Carroll
87690f9a03 Added members-theme-bindings module
no-issue
2019-04-23 16:42:11 +02:00
Renovate Bot
9e996857bc Update dependency jsdom to v15 2019-04-23 10:16:13 +02:00
Renovate Bot
7187a4e074 Pin dependency keypair to 1.0.1 2019-04-23 10:15:48 +02:00
Renovate Bot
b5e9bf7047 Update dependency jsdom to v14.1.0 2019-04-22 03:43:40 +00:00
Renovate Bot
f374362ba5 Update Test & linting packages 2019-04-22 01:29:05 +00:00
Fabien O'Carroll
c70f1c7b45 Published new versions
- @tryghost/members-browser-auth@0.1.0
 - @tryghost/members-gateway-api@0.1.1
2019-04-18 14:09:55 +02:00
Fabien O'Carroll
bfa1354ef4 Updated gateway-api package.json 2019-04-18 14:08:11 +02:00
Fabien O'Carroll
d5972c137c Added initial browser-auth package 2019-04-18 14:07:59 +02:00
Fabien O'Carroll
3432d6801b Published new versions
- @tryghost/members-gateway-api@0.1.0
2019-04-18 13:50:06 +02:00
Fabien O'Carroll
8fe55f2306 Added initial gateway-api module 2019-04-18 13:49:26 +02:00
Fabien O'Carroll
6aa6da6da0 Published new versions
- @tryghost/members-gateway-protocol@0.1.0
 - @tryghost/members-ssr@0.1.3
2019-04-18 13:09:32 +02:00
Fabien O'Carroll
13b7f536e8 Enabled public access for members-gateway-protocol 2019-04-18 12:21:56 +02:00
Fabien O'Carroll
e0643344a2 Published new versions
- @tryghost/members-ssr@0.1.2
2019-04-18 12:16:29 +02:00
Fabien O'Carroll
766635ab85 Fixed lint task for members-ssr package 2019-04-18 11:40:42 +02:00
Fabien O'Carroll
8ce18f2b4b Removed sdk dir (#6) 2019-04-18 11:40:22 +02:00
Fabien O'Carroll
182b43b5b2 Created members-gateway-protocol package (#5) 2019-04-18 11:03:44 +02:00
Fabien O'Carroll
99c4a454ad Added support for signup buttons w/ coupons
no-issue

This will allows themes to have an element like:
<el data-members-signup data-members-coupon="blah"/>

To open the signup page, and optionally apply a coupon
2019-04-17 11:30:51 +02:00
Fabien O'Carroll
3c3cbabacf Refactored dropin script event handlers
no-issue
2019-04-17 11:30:51 +02:00
Fabien O'Carroll
547b27aa68 Added signup method to open signup page w/ coupon
no-issue

This is so that coupons can be passed to the auth pages
2019-04-17 11:30:51 +02:00
Rish
cf7c8df6f7 Published new versions
- @tryghost/members-ssr@0.1.1
2019-04-16 19:14:57 +05:30
Rish
a9453604cc Updated publish config 2019-04-16 19:13:45 +05:30
Rish
8fd78ab221 Published new versions
- @tryghost/members-ssr@0.1.0
2019-04-16 18:14:59 +05:30
Fabien O'Carroll
b22d254c12 Updated members-ssr package name 2019-04-16 12:28:58 +02:00
Fabien O'Carroll
60cdf82354 Removed lazy loading 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
de410052dd Removed lint task for members-ssr
no-issue

For some reason this task hangs. Need to fix
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
68fa28b4f5 Updated dropin script to use SSR tokens
no-issue

This finalises the use of SSR for the dropin script
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
73b18e6566 Added getSSRToken method to members layer2
no-issue

This fetches a token with an audience of the members api to be used with SSR
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
cd5a9d0c6b Fixed lazy load of auth pages
no-issue

dumb mistake, cant call then on a function
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
37266cf552 Added getConfig method to members layer1
no-issue

This can be used for fetching information about the members api
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
ee11ef5cf4 Added lazyLoad support for auth pages
no-issue
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
ae32d3e2b5 Updated README
no-issue
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
32e81fb030 Updated example
no-issue
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
27bb3a6955 Updated theme-dropin to use correct audience for SSR
no-issue

This is to be inline with the updated use of audience claims
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
632fdce8b1 Added deleteSession method
no-issue

This will be used for logout
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
8ae95f6d32 Updated to return Promise.reject rather than throw
no-issue

This is cleaner IMO
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
eaf163cb9c Updated to use membersApi iss as expected aud
no-issue

This is because we now use specific URLs for audiences claims, e.g. for
members running locally the audience would be:

    - http://localhost:2368/ghost/api/v2/members/
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
524e32bed5 Removed unused token parsing and cookie checks
no-issue

We no longer store anything in document.cookie, so all of this code is
redundant
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
17fd366e3b Updated SDK to use new serverside rendering
no-issue
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
db74ef3d1a Used return value of {set,remove}Cookie
no-issue

Soon these functions will make network calls, returning them allows us to use promises
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
02468bfe0c Fixed cookie verification handling
no-issue

turns out the get method fails if the cookie is missing, rather than returning null
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
1ee0720ed5 Ran yarn add concat-stream
no-issue

Used for getting contents of request stream
2019-04-16 12:22:55 +02:00
Fabien O'Carroll
5c9ed65b06 Added runnable example w/ mock membersApi 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
2e40e253d6 Implemented MVP 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
47f46d5b9b Added example usage to README 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
e55430c726 Ran yarn add --dev keypair 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
d4a8e3dc1e Ran yarn add cookies jsonwebtoken 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
803b09664c Ran slimer new members-ssr 2019-04-16 12:22:55 +02:00
Fabien O'Carroll
cbbd28cc90 Ensured that signups/signins get fresh token
no-issue

This is to avoid any weirdness around the two requests for signup to a
paid site. First we have the signup request, and then we have the create
subscription request. After the first signup request a "signedin" event
is fired, fetching a token, but one without any plans.
2019-03-25 09:35:07 +01:00
Fabien O'Carroll
036b195af9 Fixed upgrade not updating member state on reload
no-issue

The problem here is that upgrade would recieve the same token from the
localStorage cache, rather than a brand new token with the plan info.
2019-03-25 09:35:07 +01:00
Fabien O'Carroll
487326aef5 Updated layer2 to pass fresh param to layer1
no-issue

This is needed so that the theme dropin script can ensure that a new
token is recieved after upgrade
2019-03-25 09:35:07 +01:00
Fabien O'Carroll
709a1cce4e Updated layer1 to pass fresh param to gateway
no-issue

This is needed so that we can request a brand new token from layer1, in
the instance of knowing user data has changed, we can have a token whihc
reflects it.
2019-03-25 09:35:07 +01:00
Fabien O'Carroll
5dfcbb6b5e Added missing semicolons
no-issue
2019-03-25 09:35:07 +01:00
Fabien O'Carroll
e553ea6e02 Corrected refs for content-api and layer1 deps
no-issue

content-api is not in same repo any more, layer1 brought inline with how
layer2 works
2019-03-25 09:35:07 +01:00
Rish
e6e5209a8c Moved members SDK packages from Ghost-SDK 2019-03-14 13:16:15 +05:30
Rish
ef01a65da5 Initial commit 2019-03-14 12:14:23 +05:30
Fabien O'Carroll
cfac2339cb Updated members drop-in script to set cookie for SSR (#61)
no-issue
2019-02-25 10:17:58 +01:00
Rish
db8d51f458 Updated members SDK 2019-02-23 17:29:02 +07:00
Fabien O'Carroll
7c360aa51d Updated members SDK to handle upgrade (#52)
no-issue

Adds update method to layer 2

Adds update support to drop in script

Improves flickering
2019-02-23 04:33:14 +01:00
Fabien O'Carroll
8d2bbe5b0d Updated members sdk to latest content-api (#45)
no-issue

* Upgrade to latest content api
* Removed unused closeAuth

* Removed auto close of popup and wait for event
* Added globals to top of file
2019-02-06 17:03:55 +01:00
John O'Nolan
0f6809bab5 2019 2019-01-01 14:38:49 +00:00
Fabien O'Carroll
51be84182d Updated members sdks for third party use (#25)
* Pass container from layer2 for iframes to be attached

* Updated layer2 to resolve with success for auth page methods

* Updated theme dropin to reload when auth method succeeds
2018-12-10 15:55:10 +07:00
Fabien O'Carroll
b990761136 Updated layer2 to listen to close request from auth popup 2018-12-09 14:00:02 +07:00
Fabien O'Carroll
aec178ee8b Removed hash after password reset 2018-12-07 18:59:47 +07:00
Fabien O'Carroll
cf6822ba36 Fixed JWT regex 2018-12-07 16:21:52 +07:00
Fabien O'Carroll
9b105e7590 Members update (#24)
* Ignored build

* Deleted build dir

* Updated layer1 to interface with simplified gateway

* Updated layer1 to only handle gateway

* Updated layer2 to handle gateway & auth, but no DOM

* Updated theme dropin to handle DOM

* Updated layer2;

* Added password-reset flow to the member dropin script

* Reload page after password reset
2018-12-07 14:32:23 +05:30
Zimo
eddcbaff5b Update position of auth iFrame 2018-12-04 19:42:47 +01:00
Zimo
481b9d6459 Update members iFrame style 2018-12-04 19:33:21 +01:00
Zimo
0c8af4fa64 Update members auth iFrame style 2018-12-04 19:24:03 +01:00
Fabien O'Carroll
cb5592d853 Updated member layers (#23)
* Corrected the event handling of layer0

* Updated layer1 to use layer0

* Updated dropin script to read blogUrl from window;
2018-12-04 09:24:04 +05:30
Fabien O'Carroll
399219b6ea Members layer0 (#22)
* Created initial layer0 sdk

* Updated layer1 to use layer0

* Updated layer2 to accept and pass blogUrl to layer1

* Updated theme-dropin to pass blogUrl to layer2

* Updated yarn.lock
2018-11-23 15:43:16 +07:00
Rishabh Garg
56bbc14d43 Created drop-in script module for ghost themes (#19)
* Added WIP drop-in script for prototype

* Cleaned up theme dropping script module

- Updated layer2 to work with reload as an option, as well as sign-in cta on the page

* Handle cat failure

* Updated SDK data attires

* Used commonjs exports

* Used browserify for the build
2018-11-15 14:36:51 +07:00
Fabien O'Carroll
dacd58c768 Update packages/members/layer2/index.js 2018-11-14 17:36:26 +05:30
Fabien O'Carroll
52759bceb1 Updated layer2 to inline with drop in solution 2018-11-14 17:36:26 +05:30
Fabien O'Carroll
37e8d5b670 Updated README for members layer2 SDK 2018-11-14 15:12:59 +07:00
Fabien O'Carroll
51a5e53c06 Updated layer2 drop in script to set/unset cookies (#17)
* Updated layer2 drop in script to set/unset cookies

* Use ES5 and remove transforms
2018-11-14 15:09:29 +07:00
Fabien O'Carroll
7fdbd57667 Fixed logout for members layer1
no-issue

LocalStorage converts items to strings so "null" was being stored.
2018-11-14 12:06:46 +07:00
Fabien O'Carroll
d4f8fc89a3 Created initial layer2 for Members SDK
closes #9
2018-11-14 08:47:17 +05:30
Fabien O'Carroll
d201b62f73 Fixed jwt sign method call
no-issue
2018-11-13 15:23:36 +05:30
Rish
7366f6bf4c Updated members layer1 to handle create/destroy/get jwt token
closes #11

- Uses signed jwt with NONE algorithm
- Token stored in localStorage
2018-11-12 13:59:59 +07:00
Rish
32ee16a081 Created members-layer1 sdk base structure
closes #8
2018-11-09 13:24:16 +05:30