mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-11 09:53:32 +03:00
3a78cf48c9
ref https://ghost.slack.com/archives/C02G9E68C/p1700129928489809 - When the GET /api/session endpoint is called, the session is deleted if it is invalid - We don't have a body parser for this GET endoint, and the request object was passed to the deleteSession handler. This caused a type error (cannot read properties of undefined) - We had dangling promise because deleteSession is async and wasn't awaited, causing random errors in tests - Added a test that would have caught this earlier |
||
---|---|---|
.. | ||
lib | ||
test | ||
.eslintrc.js | ||
example.js | ||
index.js | ||
package.json | ||
README.md |
Members Ssr
Usage
const MembersSSR = require('./');
const {
exchangeTokenForSession,
getMemberDataFromSession,
deleteSession
} = MembersSSR({
cookieMaxAge: 1000 * 60 * 60 * 24 * 184, // 184 days max cookie age (default)
cookieSecure: true, // Secure cookie (default)
cookieName: 'members-ssr', // Name of cookie (default)
cookiePath: '/', // Path of cookie (default)
cookieKeys: 'some-coole-secret', // Key to sign cookie with
getMembersApi: () => membersApiInstance // Used to fetch data and verify tokens
});
const handleError = res => err => {
res.writeHead(err.statusCode);
res.end(err.message);
};
require('http').createServer((req, res) => {
if (req.method.toLowerCase() === 'post') {
exchangeTokenForSession(req, res).then((member) => {
res.writeHead(200);
res.end(JSON.stringify(member));
}).catch(handleError(res));
} else if (req.method.toLowerCase() === 'delete') {
deleteSession(req, res).then(() => {
res.writeHead(204);
res.end();
}).catch(handleError(res));
} else {
getMemberDataFromSession(req, res).then((member) => {
res.writeHead(200, {
'Content-Type': 'application/json'
});
res.end(JSON.stringify(member));
}).catch(handleError(res));
}
}).listen(3665);