mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-16 04:08:34 +03:00
c1a2601514
- Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286
49 lines
1.8 KiB
JavaScript
49 lines
1.8 KiB
JavaScript
var passport = require('passport'),
|
|
apiErrorHandlers = require('./api-error-handlers');
|
|
|
|
// ### Authenticate Middleware
|
|
// authentication has to be done for /ghost/* routes with
|
|
// exceptions for signin, signout, signup, forgotten, reset only
|
|
// api and frontend use different authentication mechanisms atm
|
|
function authenticate(req, res, next) {
|
|
var path,
|
|
subPath;
|
|
|
|
// SubPath is the url path starting after any default subdirectories
|
|
// it is stripped of anything after the two levels `/ghost/.*?/` as the reset link has an argument
|
|
path = req.path;
|
|
/*jslint regexp:true, unparam:true*/
|
|
subPath = path.replace(/^(\/.*?\/.*?\/)(.*)?/, function replace(match, a) {
|
|
return a;
|
|
});
|
|
|
|
if (subPath.indexOf('/ghost/api/') === 0
|
|
&& (path.indexOf('/ghost/api/v0.1/authentication/') !== 0
|
|
|| (path.indexOf('/ghost/api/v0.1/authentication/setup/') === 0 && req.method === 'PUT'))) {
|
|
return passport.authenticate('bearer', {session: false, failWithError: true},
|
|
function authenticate(err, user, info) {
|
|
if (err) {
|
|
return next(err); // will generate a 500 error
|
|
}
|
|
// Generate a JSON response reflecting authentication status
|
|
if (!user) {
|
|
var error = {
|
|
code: 401,
|
|
errorType: 'NoPermissionError',
|
|
message: 'Please Sign In'
|
|
};
|
|
|
|
return apiErrorHandlers.errorHandler(error, req, res, next);
|
|
}
|
|
// TODO: figure out, why user & authInfo is lost
|
|
req.authInfo = info;
|
|
req.user = user;
|
|
return next(null, user, info);
|
|
}
|
|
)(req, res, next);
|
|
}
|
|
next();
|
|
}
|
|
|
|
module.exports = authenticate;
|