Ghost/core/server/lib/members/cookies.js
Fabien O'Carroll a5ea34900b
Added members lib module (#10260)
* Added members library inc. gateway

refs #10213

* Added the auth pages and build steps for them

refs #10213

* Cleaned up logs

* Updated gruntfile to run yarn for member auth

* Design refinements on members popups

* UI refinements

* Updated backend call to trigger only if frontend validation passes

* Design refinements for error messages

* Added error message for email failure

* Updated request-password-reset to not attempt to send headers twice

* Updated preact publicPath to relative path

* Build auth pages on init
2018-12-11 13:47:44 +07:00


const crypto = require('crypto');
const cookie = require('cookie');
// Lifetime of the `signedin` cookie, in seconds: 184 days. It is passed as
// `maxAge` when the cookie is serialised below.
const MAX_AGE = 184 * 24 * 60 * 60;
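/**
 * Builds the helpers that issue, clear and read the HMAC-signed `signedin`
 * members cookie.
 *
 * Cookie values are stored as `<hex hmac-sha256>~<uri-encoded value>`, with
 * the HMAC keyed by `sessionSecret` and computed over the URI-encoded value.
 *
 * @param {string|Buffer} sessionSecret - key used to sign and verify cookie values
 * @returns {{setCookie: Function, removeCookie: Function, getCookie: Function}}
 */
module.exports = function cookies(sessionSecret) {
    /**
     * Signs a cookie value.
     *
     * @param {string} data - raw value to store
     * @returns {string} `<hex hmac>~<uri-encoded value>`
     */
    function encodeCookie(data) {
        const encodedData = encodeURIComponent(data);
        const hmac = crypto.createHmac('sha256', sessionSecret);
        hmac.update(encodedData);
        return `${hmac.digest('hex')}~${encodedData}`;
    }

    /**
     * Verifies a signed cookie value and returns the original data.
     *
     * This function must never throw: it is handed to `cookie.parse` as the
     * decoder, and a parser that catches decoder errors may fall back to the
     * raw, unverified string (TODO confirm against the installed `cookie`
     * version). The previous implementation threw on values without a `~`
     * because `undefined` reached `hmac.update()`.
     *
     * @param {string} data - raw cookie value as sent by the client
     * @returns {string|null} the decoded value, or null when the value is
     *   malformed or its signature does not verify
     */
    function decodeCookie(data) {
        if (typeof data !== 'string') {
            return null;
        }

        // Split on the FIRST `~` only. The hex digest never contains `~`,
        // but encodeURIComponent leaves `~` unescaped, so the signed payload
        // may contain it; `split('~')` truncated such payloads.
        const separatorIndex = data.indexOf('~');
        if (separatorIndex === -1) {
            return null;
        }
        const sentHmac = data.slice(0, separatorIndex);
        const sentData = data.slice(separatorIndex + 1);

        const expectedHmac = crypto
            .createHmac('sha256', sessionSecret)
            .update(sentData)
            .digest('hex');

        // Compare in constant time so the check does not reveal how many
        // leading characters of the signature matched. timingSafeEqual
        // requires equal-length inputs, hence the explicit length check.
        const sentBuffer = Buffer.from(sentHmac, 'utf8');
        const expectedBuffer = Buffer.from(expectedHmac, 'utf8');
        if (
            sentBuffer.length !== expectedBuffer.length ||
            !crypto.timingSafeEqual(sentBuffer, expectedBuffer)
        ) {
            return null;
        }

        try {
            return decodeURIComponent(sentData);
        } catch (err) {
            // A verified payload was produced by encodeCookie and should
            // always decode; treat anything else as invalid, not as an error.
            return null;
        }
    }

    /**
     * Serialises the signed `signedin` cookie for a member.
     *
     * NOTE(review): neither `secure` nor `sameSite` is set here; confirm
     * whether the members endpoint is only served over HTTPS and whether a
     * SameSite policy is compatible with how the token endpoint is called.
     * NOTE(review): the signed payload is only the member id, with no issue
     * time, so expiry is enforced by the browser's Max-Age alone; a copied
     * value stays verifiable until `sessionSecret` is rotated.
     *
     * @param {{id: string}} member - member whose id is stored in the cookie
     * @returns {string} a Set-Cookie header value
     */
    function setCookie(member) {
        return cookie.serialize('signedin', member.id, {
            maxAge: MAX_AGE,
            path: '/ghost/api/v2/members/token',
            httpOnly: true,
            encode: encodeCookie
        });
    }

    /**
     * Serialises an immediately-expiring `signedin` cookie to clear the session.
     * The value is written with the default encoder, so it is unsigned.
     *
     * @returns {string} a Set-Cookie header value
     */
    function removeCookie() {
        return cookie.serialize('signedin', false, {
            maxAge: 0,
            path: '/ghost/api/v2/members/token',
            httpOnly: true
        });
    }

    /**
     * Parses the request's Cookie header, verifying every value.
     *
     * Every cookie in the header goes through decodeCookie, so any cookie
     * that is not validly signed with `sessionSecret` maps to null.
     *
     * @param {{headers: {cookie: (string|undefined)}}} req - incoming request
     * @returns {Object} cookie names mapped to verified values or null
     */
    function getCookie(req) {
        return cookie.parse(req.headers.cookie || '', {
            decode: decodeCookie
        });
    }

    return {
        setCookie,
        removeCookie,
        getCookie
    };
};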