Ghost/ghost/mw-session-from-token
Fabien "egg" O'Carroll 104f84f252 Added eslint rule for file naming convention
As discussed with the product team we want to enforce kebab-case file names for
all files, with the exception of files which export a single class, in which
case they should be PascalCase and reflect the class which they export.

This will help find classes faster, and should push better naming for them too.

Some files and packages have been excluded from this linting, specifically when
a library or framework depends on the naming of a file for the functionality
e.g. Ember, knex-migrator, adapter-manager
2023-05-09 12:34:34 -04:00
..
lib Added eslint rule for file naming convention 2023-05-09 12:34:34 -04:00
test Updated Eslint ECMAScript compatibility to 2022 2022-08-09 15:51:40 +02:00
.eslintignore Added @tryghost/mw-session-from-token module (#32) 2020-04-05 15:58:33 +02:00
.eslintrc.js Remove trailing commas from .eslintrc.js files 2020-08-04 14:48:07 +01:00
index.js Added eslint rule for file naming convention 2023-05-09 12:34:34 -04:00
package.json Update Test & linting packages 2023-04-05 15:16:08 +02:00
README.md Tidied up package README and LICENSE files 2022-07-26 15:22:10 +02:00

Session From Token Middleware

Middleware to handle generating sessions from tokens, for example like with magic links, or SSO flows similar to SAML.

Usage

const sessionFromTokenMiddleware = require('@tryghost/mw-session-from-token')({
    callNextWithError: true,
    async createSession(req, res, user) {
        req.session.user_id = user.id;
    },
    async getTokenFromRequest(res) {
        return req.headers['some-cool-header'];
    },
    async getLookupFromToken(token) {
        await someTokenService.validate(token);
        const data = await someTokenService.getData(token);
        return data.email;
    },
    async findUserByLookup(lookup) {
        return await someUserModel.findOne({email: lookup});
    }
});

someExpressApp.get('/some/sso/url', someSessionMiddleware, sessionFromTokenMiddleware, (req, res, next) => {
    res.redirect('/loggedin');
}, (err, res, res, next) => {
    res.redirect('/error');
});