TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-25 19:48:50 +03:00
Code Issues Projects Releases Wiki Activity
ed1aa5262c
Ghost/ghost/admin/app/session-stores/application.js
Fabien O'Carroll 3e5a62309f Use Admin API v2 with session auth (#1046) 
refs #9865
- removed all `oauth2` and token-based ESA auth
- added new `cookie` authenticator which handles session creation
- updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state
  - ESA automatically calls this `.restore()` method on app boot
  - the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state
- removed the now-unnecessary token refresh and logout routines from the `application` route
- removed the now-unnecessary token refresh routines from the `ajax` service
- removed `access_token` query param from iframe file downloaders
- changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
2018-10-05 19:46:33 +01:00

29 lines
1.2 KiB
JavaScript
Raw Blame History

import EphemeralStore from 'ember-simple-auth/session-stores/ephemeral';
import RSVP from 'rsvp';
import {inject as service} from '@ember/service';
// Ghost already uses a cookie to store it's session so we don't need to keep
// track of any other peristent login state separately in Ember Simple Auth
export default EphemeralStore.extend({
session: service(),
// when loading the app we want ESA to try fetching the currently logged
// in user. This will succeed/fail depending on whether we have a valid
// session cookie or not so we can use that as an indication of the session
// being authenticated
restore() {
return this.session.user.then(() => {
// provide the necessary data for internal-session to mark the
// session as authenticated
let data = {authenticated: {authenticator: 'authenticator:cookie'}};
this.persist(data);
return data;
}).catch(() => {
// ensure the session.user doesn't return the same rejected promise
// after a succussful login
this.session.notifyPropertyChange('user');
return RSVP.reject();
});
}
});
Reference in New Issue View Git Blame Copy Permalink