mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-25 11:55:03 +03:00
79959d9581
no issue - if you blog runs on a custom domain, but your admin panel is configured using a different domain -> Ghost losts the origin header - we had this situation once with pretty urls (your request get's redirected from /posts to /posts/, see https://github.com/TryGhost/Ghost/pull/8094) - we've moved all our redirect logic to Ghost and ran into the same situation - i've added proper test to ensure it won't happen again
57 lines
1.5 KiB
JavaScript
57 lines
1.5 KiB
JavaScript
// # API routes
|
|
var debug = require('ghost-ignition').debug('api'),
|
|
express = require('express'),
|
|
|
|
// routes
|
|
routes = require('./routes'),
|
|
|
|
// Include the middleware
|
|
|
|
// API specific
|
|
versionMatch = require('../middleware/api/version-match'), // global
|
|
|
|
// Shared
|
|
bodyParser = require('body-parser'), // global, shared
|
|
cacheControl = require('../middleware/cache-control'), // global, shared
|
|
maintenance = require('../middleware/maintenance'), // global, shared
|
|
errorHandler = require('../middleware/error-handler'); // global, shared
|
|
|
|
module.exports = function setupApiApp() {
|
|
debug('API setup start');
|
|
var apiApp = express();
|
|
|
|
// @TODO finish refactoring this away.
|
|
apiApp.use(function setIsAdmin(req, res, next) {
|
|
// api === isAdmin
|
|
res.isAdmin = true;
|
|
next();
|
|
});
|
|
|
|
// API middleware
|
|
|
|
// Body parsing
|
|
apiApp.use(bodyParser.json({limit: '1mb'}));
|
|
apiApp.use(bodyParser.urlencoded({extended: true, limit: '1mb'}));
|
|
|
|
// send 503 json response in case of maintenance
|
|
apiApp.use(maintenance);
|
|
|
|
// Check version matches for API requests, depends on res.locals.safeVersion being set
|
|
// Therefore must come after themeHandler.ghostLocals, for now
|
|
apiApp.use(versionMatch);
|
|
|
|
// API shouldn't be cached
|
|
apiApp.use(cacheControl('private'));
|
|
|
|
// Routing
|
|
apiApp.use(routes());
|
|
|
|
// API error handling
|
|
apiApp.use(errorHandler.resourceNotFound);
|
|
apiApp.use(errorHandler.handleJSONResponse);
|
|
|
|
debug('API setup end');
|
|
|
|
return apiApp;
|
|
};
|