TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-22 18:31:57 +03:00
Code Issues Projects Releases Wiki Activity
9037c19e50
Ghost/core/server/services/auth/members/index.js
Rish 15a3dacf26 Fixed invalid method usage in members authentication 
no issue

- `getPublicConfig` in members authentication was not called correctly
2019-06-27 15:21:21 +05:30

52 lines
1.6 KiB
JavaScript
Raw Blame History

const jwt = require('express-jwt');
const membersService = require('../../members');
const labs = require('../../labs');
const config = require('../../../config');
let UNO_MEMBERINO;
module.exports = {
get authenticateMembersToken() {
if (!labs.isSet('members')) {
return function (req, res, next) {
return next();
};
}
if (!UNO_MEMBERINO) {
const url = require('url');
const {protocol, host} = url.parse(config.get('url'));
const siteOrigin = `${protocol}//${host}`;
UNO_MEMBERINO = membersService.api.getPublicConfig().then(({issuer}) => jwt({
credentialsRequired: false,
requestProperty: 'member',
audience: siteOrigin,
issuer,
algorithm: 'RS512',
secret(req, payload, done) {
membersService.api.getPublicConfig().then(({publicKey}) => {
done(null, publicKey);
}).catch(done);
},
getToken(req) {
if (!req.get('authorization')) {
return null;
}
const [scheme, credentials] = req.get('authorization').split(/\s+/);
if (scheme !== 'GhostMembers') {
return null;
}
return credentials;
}
}));
}
return function (req, res, next) {
UNO_MEMBERINO.then(fn => fn(req, res, next)).catch(next);
};
}
};
Reference in New Issue View Git Blame Copy Permalink