TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-22 02:11:44 +03:00
Code Issues Projects Releases Wiki Activity
e14188807d
Ghost/core/server/services/auth/members/index.js
Fabien 'egg' O'Carroll e14188807d Fixed express-jwt config 
no-issue

express-jwt expects an array of valid algorithms, not a single algorithm.
2020-07-08 15:09:44 +02:00

52 lines
1.6 KiB
JavaScript
Raw Blame History

const jwt = require('express-jwt');
const membersService = require('../../members');
const labs = require('../../labs');
const config = require('../../../../shared/config');
let UNO_MEMBERINO;
module.exports = {
get authenticateMembersToken() {
if (!labs.isSet('members')) {
return function (req, res, next) {
return next();
};
}
if (!UNO_MEMBERINO) {
const url = require('url');
const {protocol, host} = url.parse(config.get('url'));
const siteOrigin = `${protocol}//${host}`;
UNO_MEMBERINO = membersService.api.getPublicConfig().then(({issuer}) => jwt({
credentialsRequired: false,
requestProperty: 'member',
audience: siteOrigin,
issuer,
algorithms: ['RS512'],
secret(req, payload, done) {
membersService.api.getPublicConfig().then(({publicKey}) => {
done(null, publicKey);
}).catch(done);
},
getToken(req) {
if (!req.get('authorization')) {
return null;
}
const [scheme, credentials] = req.get('authorization').split(/\s+/);
if (scheme !== 'GhostMembers') {
return null;
}
return credentials;
}
}));
}
return function (req, res, next) {
UNO_MEMBERINO.then(fn => fn(req, res, next)).catch(next);
};
}
};
Reference in New Issue View Git Blame Copy Permalink