mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-15 11:34:24 +03:00
91ca4a43e5
closes #1757 and #1773 - switches routes.frontend for posts and pages to use a regex with two capturing groups. This removes the need to dynamically remove an express route at a later point, leaving the decision making to frontend controller. - added unit tests for all routing conditions that can arise for posts and pages. - updated functional tests to also test for same thing in unit tests - removes old code from server/api/index that used to fix this issue, but is no longer needed - removed some un-needed require statements in routes/admin
59 lines
2.7 KiB
JavaScript
59 lines
2.7 KiB
JavaScript
var admin = require('../controllers/admin'),
|
|
config = require('../config'),
|
|
middleware = require('../middleware').middleware;
|
|
|
|
module.exports = function (server) {
|
|
var subdir = config.paths().subdir;
|
|
// ### Admin routes
|
|
/* TODO: put these somewhere in admin */
|
|
server.get('/logout/', function redirect(req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(301, subdir + '/ghost/signout/');
|
|
});
|
|
server.get('/signout/', function redirect(req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(301, subdir + '/ghost/signout/');
|
|
});
|
|
server.get('/signin/', function redirect(req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(301, subdir + '/ghost/signin/');
|
|
});
|
|
server.get('/signup/', function redirect(req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(301, subdir + '/ghost/signup/');
|
|
});
|
|
server.get('/ghost/login/', function redirect(req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(301, subdir + '/ghost/signin/');
|
|
});
|
|
|
|
server.get('/ghost/signout/', admin.logout);
|
|
server.get('/ghost/signin/', middleware.redirectToSignup, middleware.redirectToDashboard, admin.login);
|
|
server.get('/ghost/signup/', middleware.redirectToDashboard, admin.signup);
|
|
server.get('/ghost/forgotten/', middleware.redirectToDashboard, admin.forgotten);
|
|
server.post('/ghost/forgotten/', admin.generateResetToken);
|
|
server.get('/ghost/reset/:token', admin.reset);
|
|
server.post('/ghost/reset/:token', admin.resetPassword);
|
|
server.post('/ghost/signin/', admin.auth);
|
|
server.post('/ghost/signup/', admin.doRegister);
|
|
server.post('/ghost/changepw/', middleware.auth, admin.changepw);
|
|
server.get('/ghost/editor(/:id)/', middleware.auth, admin.editor);
|
|
server.get('/ghost/editor/', middleware.auth, admin.editor);
|
|
server.get('/ghost/content/', middleware.auth, admin.content);
|
|
server.get('/ghost/settings*', middleware.auth, admin.settings);
|
|
server.get('/ghost/debug/', middleware.auth, admin.debug.index);
|
|
|
|
// We don't want to register bodyParser globally b/c of security concerns, so use multipart only here
|
|
server.post('/ghost/upload/', middleware.auth, admin.uploader);
|
|
|
|
// redirect to /ghost and let that do the authentication to prevent redirects to /ghost//admin etc.
|
|
server.get(/\/((ghost-admin|admin|wp-admin|dashboard|signin)\/?)$/, function (req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(subdir + '/ghost/');
|
|
});
|
|
server.get(/\/(ghost$\/?)/, middleware.auth, function (req, res) {
|
|
/*jslint unparam:true*/
|
|
res.redirect(subdir + '/ghost/');
|
|
});
|
|
server.get('/ghost/', middleware.redirectToSignup, middleware.auth, admin.index);
|
|
}; |