mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-01 15:29:19 +03:00
Ghost/ghost/members-ssr/example.js
Elijah 3c94812ee5
Added missing return in create-stripe-update-session
no issue

- Return was missing for `res.end` if an invalid subscription_id was passed
- Added explicit `text/plain` `Content-Type` headers to error messages to avoid MIME sniffing

Signed-off-by: Elijah Conners <business@elijahpepe.com>
Co-authored-by: Simon Backx <simon@ghost.org>
2022-08-29 14:02:58 +02:00

93 lines
2.7 KiB
JavaScript

const jwt = require('jsonwebtoken');
const keypair = require('keypair');
const MembersSSR = require('./');
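// Throwaway RSA key pair, regenerated on every run. The private half signs the
// sample magic-link token further down; the public half verifies it here.
const keys = keypair();

/**
 * Stand-in for the members API that MembersSSR calls through `getMembersApi`.
 */
const membersApiInstance = {
    /**
     * Resolve a magic-link token to the claims it carries.
     *
     * The signature, algorithm, issuer and audience are all checked.
     * `jwt.decode()` only parses the payload and never checks the signature,
     * so it would turn any attacker-written token into a session.
     *
     * @param {string} token - compact JWT taken from the request
     * @returns {Promise<object>} verified claims
     * @throws rejects with the jsonwebtoken error when verification fails
     */
    async getMemberDataFromMagicLinkToken(token) {
        return jwt.verify(token, keys.public, {
            // Pin the algorithm so the token header cannot pick a weaker one.
            algorithms: ['RS512'],
            issuer: 'example.com',
            audience: 'example.com'
        });
    },

    /**
     * Return the identity record for the current member (fixed sample data).
     *
     * @returns {Promise<{name: string}>}
     */
    async getMemberIdentityData() {
        return {name: 'egg'};
    }
};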
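// SSR helper under demonstration, configured for the loopback HTTP server below.
const membersSSR = MembersSSR({
    // false drops the cookie's Secure attribute so it survives the plain-HTTP
    // loopback round trip in this example. Leave it enabled behind HTTPS.
    cookieSecure: false,
    // Key(s) used to sign the session cookie. A fresh random key per run keeps
    // a well-known literal from being copied out of the example; a real
    // deployment loads a persistent secret from configuration instead.
    cookieKeys: [require('crypto').randomBytes(32).toString('hex')],
    getMembersApi: () => membersApiInstance // Used to fetch data and verify tokens
});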
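/**
 * Minimal HTTP front end for the example.
 *
 * POST exchanges the magic-link token on the request for a session cookie.
 * Any other method returns the member bound to the session cookie as JSON.
 */
const server = require('http').createServer(async (req, res) => {
    /**
     * Send a plain-text error response.
     *
     * Errors carrying a 4xx/5xx `statusCode` are reported with their own
     * message, as before. Anything else (for example a JWT verification
     * error, which has no statusCode) becomes a generic 500. That keeps
     * `writeHead(undefined)` from throwing inside the catch block and keeps
     * internal error text out of the response.
     *
     * @param {any} err
     */
    const sendError = (err) => {
        if (res.headersSent) {
            // The response has already started; all that is left is to finish it.
            return res.end();
        }
        const code = err && err.statusCode;
        const isHttpError = Number.isInteger(code) && code >= 400 && code <= 599;
        // Explicit text/plain so the message is never MIME-sniffed as HTML.
        res.writeHead(isHttpError ? code : 500, {
            'Content-Type': 'text/plain;charset=UTF-8'
        });
        return res.end(isHttpError ? err.message : 'Internal Server Error');
    };

    if (!req.method) {
        res.writeHead(405);
        return res.end('Method not allowed.');
    }

    if (req.method.toLowerCase() === 'post') {
        try {
            await membersSSR.exchangeTokenForSession(req, res);
            res.writeHead(200);
            res.end();
        } catch (err) {
            sendError(err);
        }
        return;
    }

    try {
        const member = await membersSSR.getMemberDataFromSession(req, res);
        res.writeHead(200, {
            'Content-Type': 'application/json'
        });
        res.end(JSON.stringify(member));
    } catch (err) {
        sendError(err);
    }
});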
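// Client half of the example: bind to an ephemeral loopback port, log in with
// a freshly signed token, then replay the session cookie and print the result.
server.listen(0, '127.0.0.1', () => {
    const addressInfo = server.address();
    if (addressInfo === null || typeof addressInfo === 'string') {
        throw new TypeError(`Unexpected return value from server.address(): ${addressInfo}`); /* eslint-disable-line no-restricted-syntax */
    }
    const {address, port} = addressInfo;
    const url = `http://${address}:${port}`;

    // Sample magic-link token. It travels in the query string, where it can
    // end up in logs and history, so it is given a short lifetime.
    const token = jwt.sign({
        name: 'egg',
        email: 'egg@mast.er'
    }, keys.private, {
        issuer: 'example.com',
        audience: 'example.com',
        algorithm: 'RS512',
        expiresIn: '5m'
    });

    const loginRequest = require('http').request(`${url}?token=${token}`, {
        method: 'post'
    }, (loginResponse) => {
        // Set-Cookie values carry attributes (Path, HttpOnly, ...). Only the
        // leading name=value pair belongs in a Cookie request header.
        const setCookies = loginResponse.headers['set-cookie'] || [];
        const cookieHeader = setCookies
            .map(entry => entry.split(';')[0].trim())
            .join('; ');

        const sessionRequest = require('http').request(url, {
            headers: {
                cookie: cookieHeader
            }
        }, (authResponse) => {
            authResponse.pipe(process.stdout);
            authResponse.on('close', () => {
                server.close();
            });
        });
        sessionRequest.end();
    });
    loginRequest.end();
});

// NOTE(review): exits with status 1 even after a clean run; confirm this is intended.
server.on('close', () => {
    process.exit(1);
});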