d246a4761e
no-issue
This adds two new endpoints, one at /ghost/.well-known/jwks.json for exposing
a public key, and one on the canary api /identities, which allows the
Owner user to fetch a JWT.
This token can then be used by external services to verify the domain
* Added ghost_{public,private}_key settings
This key can be used for generating tokens for communicating with
external services on behalf of Ghost
* Added .well-known directory to /ghost/.well-known
We add a jwks.json file to the .well-known directory which exposes a
public JWK which can be used to verify the signatures of JWT's created
by Ghost
This is added to the /ghost/ path so that it can live on the admin
domain, rather than the frontend. This is because most of its
uses/functions will be in relation to the admin domain.
* Improved settings model tests
This removes hardcoded positions in favour of testing that a particular
event wasn't emitted which is less brittle and more precise about what's
being tested
* Fixed parent app unit tests for well-known
This updates the parent app unit tests to check that the well-known
route is mounted. We all change proxyquire to use `noCallThru` which
ensures that the ubderlying modules are not required. This stops the
initialisation logic in ./well-known erroring in tests
https://github.com/thlorenz/proxyquire/issues/215
* Moved jwt signature to a separate 'token' propery
This structure corresponds to other resources and allows to exptend with
additional properties in future if needed
|
||
|---|---|---|
| .github | ||
| content | ||
| core | ||
| .editorconfig | ||
| .eslintignore | ||
| .eslintrc.json | ||
| .gitattributes | ||
| .gitignore | ||
| .gitmodules | ||
| .npmignore | ||
| config.development.json | ||
| Gruntfile.js | ||
| index.js | ||
| LICENSE | ||
| MigratorConfig.js | ||
| package.json | ||
| PRIVACY.md | ||
| README.md | ||
| renovate.json | ||
| SECURITY.md | ||
| yarn.lock | ||
Ghost.org |
Features |
Showcase |
Forum |
Documentation |
Contributing |
Twitter
The easiest way to deploy Ghost is with our official Ghost(Pro) managed service. You can have a fresh instance up and running in a couple of clicks with a worldwide CDN, backups, security and maintenance all done for you.
Not only will it save you hours of maintenance per month, but all revenue goes to the Ghost Foundation, which funds the maintenance and further development of Ghost itself. So you’ll be supporting open source software and getting a great service! Alternatively if you'd like to support us, we're very grateful to all our backers on Open Collective ❤️
If you prefer to run on your own infrastructure, we also provide 1-off installs and managed support and maintenance plans via Ghost(Valet) - which can save a substantial amount of developer time and resources.
Quickstart Install
If you want to run your own instance of Ghost, in most cases the best way is to use our CLI tool
$ npm install ghost-cli -g
Then, if installing locally add the local flag to get up and running in under a minute - Local install docs
$ ghost install local
or on a server run the full install, including automatic SSL setup using LetsEncrypt - Production install docs
$ ghost install
Check out our official documentation for more information about our recommended hosting stack & properly upgrading Ghost, plus everything you need to develop your own Ghost themes or work with our API.
Getting Help
You can find answers to a huge variety of questions, along with a large community of helpful developers over on the Ghost forum - replies are generally very quick. Ghost(Pro) customers also have access to 24/7 email support.
To stay up to date with all the latest news and product updates, make sure you subscribe to our blog — or you can always follow us on Twitter, if you prefer your updates bite-sized and facetious. 🎷🐢
Contributors & Advanced Developers
For anyone wishing to contribute to Ghost or to hack/customise core files we recommend following our full development setup guides: General Contributor Guide | Developer Setup Instructions | Admin Client development guide
Copyright & License
Copyright (c) 2013-2020 Ghost Foundation - Released under the MIT license. Ghost and the Ghost Logo are trademarks of Ghost Foundation Ltd. Please see our trademark policy for info on acceptable usage.