mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-23 10:53:34 +03:00
3e5a62309f
refs #9865 - removed all `oauth2` and token-based ESA auth - added new `cookie` authenticator which handles session creation - updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state - ESA automatically calls this `.restore()` method on app boot - the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state - removed the now-unnecessary token refresh and logout routines from the `application` route - removed the now-unnecessary token refresh routines from the `ajax` service - removed `access_token` query param from iframe file downloaders - changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
29 lines
1.2 KiB
JavaScript
29 lines
1.2 KiB
JavaScript
import EphemeralStore from 'ember-simple-auth/session-stores/ephemeral';
|
|
import RSVP from 'rsvp';
|
|
import {inject as service} from '@ember/service';
|
|
|
|
// Ghost already uses a cookie to store it's session so we don't need to keep
|
|
// track of any other peristent login state separately in Ember Simple Auth
|
|
export default EphemeralStore.extend({
|
|
session: service(),
|
|
|
|
// when loading the app we want ESA to try fetching the currently logged
|
|
// in user. This will succeed/fail depending on whether we have a valid
|
|
// session cookie or not so we can use that as an indication of the session
|
|
// being authenticated
|
|
restore() {
|
|
return this.session.user.then(() => {
|
|
// provide the necessary data for internal-session to mark the
|
|
// session as authenticated
|
|
let data = {authenticated: {authenticator: 'authenticator:cookie'}};
|
|
this.persist(data);
|
|
return data;
|
|
}).catch(() => {
|
|
// ensure the session.user doesn't return the same rejected promise
|
|
// after a succussful login
|
|
this.session.notifyPropertyChange('user');
|
|
return RSVP.reject();
|
|
});
|
|
}
|
|
});
|