mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-11-28 22:43:30 +03:00
3e5a62309f
refs #9865 - removed all `oauth2` and token-based ESA auth - added new `cookie` authenticator which handles session creation - updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state - ESA automatically calls this `.restore()` method on app boot - the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state - removed the now-unnecessary token refresh and logout routines from the `application` route - removed the now-unnecessary token refresh routines from the `ajax` service - removed `access_token` query param from iframe file downloaders - changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
79 lines
2.5 KiB
JavaScript
79 lines
2.5 KiB
JavaScript
/* eslint-disable ghost/ember/alias-model-in-controller */
|
|
import Controller from '@ember/controller';
|
|
import ValidationEngine from 'ghost-admin/mixins/validation-engine';
|
|
import {computed} from '@ember/object';
|
|
import {inject as service} from '@ember/service';
|
|
import {task} from 'ember-concurrency';
|
|
|
|
export default Controller.extend(ValidationEngine, {
|
|
ghostPaths: service(),
|
|
notifications: service(),
|
|
session: service(),
|
|
ajax: service(),
|
|
config: service(),
|
|
|
|
newPassword: '',
|
|
ne2Password: '',
|
|
token: '',
|
|
flowErrors: '',
|
|
|
|
validationType: 'reset',
|
|
|
|
email: computed('token', function () {
|
|
// The token base64 encodes the email (and some other stuff),
|
|
// each section is divided by a '|'. Email comes second.
|
|
return atob(this.get('token')).split('|')[1];
|
|
}),
|
|
|
|
actions: {
|
|
submit() {
|
|
return this.get('resetPassword').perform();
|
|
}
|
|
},
|
|
|
|
// Used to clear sensitive information
|
|
clearData() {
|
|
this.setProperties({
|
|
newPassword: '',
|
|
ne2Password: '',
|
|
token: ''
|
|
});
|
|
},
|
|
|
|
resetPassword: task(function* () {
|
|
let credentials = this.getProperties('newPassword', 'ne2Password', 'token');
|
|
let authUrl = this.get('ghostPaths.url').api('authentication', 'passwordreset');
|
|
|
|
this.set('flowErrors', '');
|
|
this.get('hasValidated').addObjects(['newPassword', 'ne2Password']);
|
|
|
|
try {
|
|
yield this.validate();
|
|
try {
|
|
let resp = yield this.get('ajax').put(authUrl, {
|
|
data: {
|
|
passwordreset: [credentials]
|
|
}
|
|
});
|
|
this.get('notifications').showAlert(resp.passwordreset[0].message, {type: 'warn', delayed: true, key: 'password.reset'});
|
|
this.get('session').authenticate('authenticator:cookie', this.get('email'), credentials.newPassword);
|
|
return true;
|
|
} catch (error) {
|
|
this.get('notifications').showAPIError(error, {key: 'password.reset'});
|
|
}
|
|
} catch (error) {
|
|
if (this.get('errors.newPassword')) {
|
|
this.set('flowErrors', this.get('errors.newPassword')[0].message);
|
|
}
|
|
|
|
if (this.get('errors.ne2Password')) {
|
|
this.set('flowErrors', this.get('errors.ne2Password')[0].message);
|
|
}
|
|
|
|
if (error && this.get('errors.length') === 0) {
|
|
throw error;
|
|
}
|
|
}
|
|
}).drop()
|
|
});
|