0e1ae7c2af
- The existing createSessionFromToken was actually doing two things behind the scenes:
  1. Handling the ?token from the magic link and creating an actual session (mounted globally, which is not necessary)
  2. Loading an existing session so that a member is logged in to the frontend
- IMO 1. is part of members, and doesn't need to be global
- IMO 2. is part of the frontend. It does need to be global but should NOT be hidden away behind the token middleware, as it wasn't clear what this was doing
const common = require('../../lib/common');
const labsService = require('../labs');
const membersService = require('./index');
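/**
 * Responds with the identity token of the member attached to the current session.
 *
 * Delegates to membersService.ssr.getIdentityTokenForMemberFromSession(req, res)
 * and writes the resolved token as the body of a 200 response.
 *
 * @param {Object} req - incoming request, handed to the members SSR service
 * @param {Object} res - response; ended by this handler on both success and failure
 * @returns {Promise<void>}
 */
const getIdentityToken = async function (req, res) {
    try {
        const token = await membersService.ssr.getIdentityTokenForMemberFromSession(req, res);
        res.writeHead(200);
        res.end(token);
    } catch (err) {
        common.logging.warn(err.message);

        // writeHead() throws on a missing or out-of-range status code, which would
        // leave the request unanswered. Errors without a usable statusCode are
        // treated as unexpected: they are logged above and answered with a generic
        // 500 so that internal error text is not echoed to the client.
        const status = Number(err.statusCode);
        const hasUsableStatus = Number.isInteger(status) && status >= 100 && status <= 999;

        if (hasUsableStatus) {
            res.writeHead(err.statusCode);
            res.end(err.message);
        } else {
            res.writeHead(500);
            res.end('Internal Server Error');
        }
    }
};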
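/**
 * Ends the member session for the current request (logout).
 *
 * Delegates to membersService.ssr.deleteSession(req, res) and answers with
 * 204 No Content once the service call has resolved.
 *
 * @param {Object} req - incoming request, handed to the members SSR service
 * @param {Object} res - response; ended by this handler on both success and failure
 * @returns {Promise<void>}
 */
const deleteSession = async function (req, res) {
    try {
        await membersService.ssr.deleteSession(req, res);
        res.writeHead(204);
        res.end();
    } catch (err) {
        common.logging.warn(err.message);

        // writeHead() throws on a missing or out-of-range status code, which would
        // leave the request unanswered. Errors without a usable statusCode are
        // treated as unexpected: they are logged above and answered with a generic
        // 500 so that internal error text is not echoed to the client.
        const status = Number(err.statusCode);
        const hasUsableStatus = Number.isInteger(status) && status >= 100 && status <= 999;

        if (hasUsableStatus) {
            res.writeHead(err.statusCode);
            res.end(err.message);
        } else {
            res.writeHead(500);
            res.end('Internal Server Error');
        }
    }
};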
/**
 * Middleware: loads the member for the current session onto req.member.
 *
 * - members lab flag off: req.member is forced to null and the chain continues.
 * - flag on: req.member becomes whatever
 *   membersService.ssr.getMemberDataFromSession(req, res) resolves to.
 * - lookup fails: the error message is logged as a warning, req.member is set
 *   to null and the chain continues, so a failed lookup is handled as
 *   "no member" rather than as a request error.
 *
 * @param {Object} req - request; its `member` property is overwritten
 * @param {Object} res - response, handed to the members SSR service
 * @param {Function} next - continuation, always called without an error argument
 * @returns {Promise<*>} resolves to next()'s return value when the flag is off, otherwise to undefined
 */
const getMemberDataFromSession = async function (req, res, next) {
    if (labsService.isSet('members')) {
        try {
            const sessionMember = await membersService.ssr.getMemberDataFromSession(req, res);
            req.member = sessionMember;
            next();
        } catch (sessionError) {
            common.logging.warn(sessionError.message);
            req.member = null;
            next();
        }
        return;
    }

    // Feature disabled: never leave a caller-supplied req.member in place.
    req.member = null;
    return next();
};
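/**
 * Responds with a JSON view of the member attached to the current session.
 *
 * Response bodies:
 * - `null` when the members lab flag is off or the session resolves to no member
 * - `{uuid, email, name, firstname, avatar_image, subscriptions, paid}` otherwise
 *
 * @param {Object} req - incoming request, handed to the members SSR service
 * @param {Object} res - response; exactly one response is written per call
 * @returns {Promise<void>}
 */
const getMemberData = async function (req, res) {
    if (!labsService.isSet('members')) {
        res.json(null);
        // Stop here: without this return the session lookup below still ran with
        // the feature disabled and a second response was attempted on `res`.
        return;
    }

    try {
        const member = await membersService.ssr.getMemberDataFromSession(req, res);

        if (member) {
            // Only an explicit set of fields is copied to the client.
            // NOTE(review): `subscriptions` is passed through unfiltered — confirm
            // these objects hold nothing that should stay server-side.
            res.json({
                uuid: member.uuid,
                email: member.email,
                name: member.name,
                firstname: member.name && member.name.split(' ')[0],
                avatar_image: member.avatar_image,
                subscriptions: member.stripe.subscriptions,
                paid: member.stripe.subscriptions.length !== 0
            });
        } else {
            res.json(null);
        }
    } catch (err) {
        common.logging.warn(err.message);

        // writeHead() throws on a missing or out-of-range status code, which would
        // leave the request unanswered. Errors without a usable statusCode (for
        // example a TypeError from a member record lacking `stripe`) are answered
        // with a generic 500 so that internal error text is not echoed to the client.
        const status = Number(err.statusCode);
        const hasUsableStatus = Number.isInteger(status) && status >= 100 && status <= 999;

        if (hasUsableStatus) {
            res.writeHead(err.statusCode);
            res.end(err.message);
        } else {
            res.writeHead(500);
            res.end('Internal Server Error');
        }
    }
};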
/**
 * Middleware: turns a `token` carried in the request URL into a member session.
 *
 * The request is passed straight on when the members lab flag is off or when
 * req.url does not contain the substring "token=". Otherwise
 * membersService.ssr.exchangeTokenForSession(req, res) is awaited and its
 * result is stored on req.member.
 *
 * The "token=" test is a plain substring match and therefore only a cheap
 * pre-filter; whether a token is accepted is decided entirely by the members
 * SSR service. If the exchange fails the message is logged as a warning and
 * the chain continues with req.member left untouched.
 *
 * NOTE(review): nothing in this block removes the token from the URL after the
 * exchange — confirm whether a later handler redirects, so the token does not
 * linger in access logs or Referer headers.
 *
 * @param {Object} req - request; `member` is set on a successful exchange
 * @param {Object} res - response, handed to the members SSR service
 * @param {Function} next - continuation, always called without an error argument
 * @returns {Promise<*>} resolves to undefined after a successful exchange, otherwise to next()'s return value
 */
const exchangeTokenForSession = async function (req, res, next) {
    const shouldSkip = !labsService.isSet('members') || !req.url.includes('token=');
    if (shouldSkip) {
        return next();
    }

    try {
        const exchangedMember = await membersService.ssr.exchangeTokenForSession(req, res);
        req.member = exchangedMember;
        next();
    } catch (exchangeError) {
        common.logging.warn(exchangeError.message);
        return next();
    }
};
/**
 * Middleware: copies req.member onto res.locals.member.
 *
 * With the members lab flag off, res.locals is left untouched and the chain
 * simply continues.
 *
 * @param {Object} req - request whose `member` property is read
 * @param {Object} res - response; `res.locals.member` is written when the flag is on
 * @param {Function} next - continuation
 * @returns {*} next()'s return value when the flag is off, otherwise undefined
 */
const decorateResponse = function (req, res, next) {
    const membersEnabled = labsService.isSet('members');

    if (membersEnabled) {
        res.locals.member = req.member;
        next();
        return;
    }

    return next();
};
// @TODO only load this stuff if members is enabled
module.exports = {
    // Set req.member & res.locals.member if a cookie is set
    memberSession: [getMemberDataFromSession, decorateResponse],

    // Exchange a URL token for a session first, then expose the member to the response
    createSessionFromMagicLink: [exchangeTokenForSession, decorateResponse],

    getIdentityToken,
    getMemberData,
    deleteSession,

    // The handler is looked up on membersService.api at request time rather than
    // when this module loads.
    // NOTE(review): no signature check is visible in this file — presumably
    // handleStripeWebhook verifies the webhook itself; confirm.
    stripeWebhooks(req, res, next) {
        return membersService.api.middleware.handleStripeWebhook(req, res, next);
    }
};