mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-21 01:41:46 +03:00
799857b77a
closes #10287
114 lines
2.8 KiB
JavaScript
114 lines
2.8 KiB
JavaScript
const url = require('url');
|
|
const settingsCache = require('../settings/cache');
|
|
const config = require('../../config');
|
|
const MembersApi = require('../../lib/members');
|
|
const models = require('../../models');
|
|
const mail = require('../mail');
|
|
|
|
function createMember({name, email, password}) {
|
|
return models.Member.add({
|
|
name,
|
|
email,
|
|
password
|
|
}).then((member) => {
|
|
return member.toJSON();
|
|
});
|
|
}
|
|
|
|
function updateMember(member, newData) {
|
|
return models.Member.findOne(member, {
|
|
require: true
|
|
}).then(({id}) => {
|
|
return models.Member.edit(newData, {id});
|
|
}).then((member) => {
|
|
return member.toJSON();
|
|
});
|
|
}
|
|
|
|
function getMember(member) {
|
|
return models.Member.findOne(member, {
|
|
require: true
|
|
}).then((member) => {
|
|
return member.toJSON();
|
|
});
|
|
}
|
|
|
|
function validateMember({email, password}) {
|
|
return models.Member.findOne({email}, {
|
|
require: true
|
|
}).then((member) => {
|
|
return member.comparePassword(password).then((res) => {
|
|
if (!res) {
|
|
throw new Error('Password is incorrect');
|
|
}
|
|
return member;
|
|
});
|
|
}).then((member) => {
|
|
return member.toJSON();
|
|
});
|
|
}
|
|
|
|
// @TODO this should check some config/settings and return Promise.reject by default
|
|
function validateAudience({audience, origin}) {
|
|
if (audience === origin) {
|
|
return Promise.resolve();
|
|
}
|
|
return Promise.resolve();
|
|
}
|
|
|
|
const publicKey = settingsCache.get('members_public_key');
|
|
const privateKey = settingsCache.get('members_private_key');
|
|
const sessionSecret = settingsCache.get('members_session_secret');
|
|
const passwordResetUrl = config.get('url');
|
|
const {protocol, host} = url.parse(config.get('url'));
|
|
const siteOrigin = `${protocol}//${host}`;
|
|
const issuer = siteOrigin;
|
|
const ssoOrigin = siteOrigin;
|
|
let mailer;
|
|
|
|
function sendEmail(member, {token}) {
|
|
if (!(mailer instanceof mail.GhostMailer)) {
|
|
mailer = new mail.GhostMailer();
|
|
}
|
|
const message = {
|
|
to: member.email,
|
|
subject: 'Reset password',
|
|
html: `
|
|
Hi ${member.name},
|
|
|
|
To reset your password, click the following link and follow the instructions:
|
|
|
|
${passwordResetUrl}#reset-password?token=${token}
|
|
|
|
If you didn't request a password change, just ignore this email.
|
|
`
|
|
};
|
|
|
|
/* eslint-disable */
|
|
// @TODO remove this
|
|
console.log(message.html);
|
|
/* eslint-enable */
|
|
return mailer.send(message).catch((err) => {
|
|
return Promise.reject(err);
|
|
});
|
|
}
|
|
|
|
const api = MembersApi({
|
|
config: {
|
|
issuer,
|
|
publicKey,
|
|
privateKey,
|
|
sessionSecret,
|
|
ssoOrigin
|
|
},
|
|
validateAudience,
|
|
createMember,
|
|
getMember,
|
|
validateMember,
|
|
updateMember,
|
|
sendEmail
|
|
});
|
|
|
|
module.exports = api;
|
|
module.exports.publicKey = publicKey;
|