mirror of
https://github.com/TryGhost/Ghost.git
synced 2023-12-13 21:00:40 +01:00
parent
ccaceb7310
commit
aa15b464c8
2 changed files with 43 additions and 7 deletions
|
@ -25,15 +25,24 @@ function cacheServer(server) {
|
|||
var middleware = {
|
||||
|
||||
// ### Authenticate Middleware
|
||||
// authentication has to be done for /ghost/* routes with
|
||||
// authentication has to be done for /ghost/* routes with
|
||||
// exceptions for signin, signout, signup, forgotten, reset only
|
||||
// api and frontend use different authentication mechanisms atm
|
||||
authenticate: function (req, res, next) {
|
||||
var subPath = req.path.substring(config().paths.subdir.length),
|
||||
noAuthNeeded = [
|
||||
var noAuthNeeded = [
|
||||
'/ghost/signin/', '/ghost/signout/', '/ghost/signup/',
|
||||
'/ghost/forgotten/', '/ghost/reset/'
|
||||
];
|
||||
],
|
||||
subPath;
|
||||
|
||||
// SubPath is the url path starting after any default subdirectories
|
||||
// it is stripped of anything after the two levels `/ghost/.*?/` as the reset link has an argument
|
||||
subPath = req.path.substring(config().paths.subdir.length);
|
||||
/*jslint regexp:true, unparam:true*/
|
||||
subPath = subPath.replace(/^(\/.*?\/.*?\/)(.*)?/, function (match, a) {
|
||||
return a;
|
||||
});
|
||||
|
||||
if (res.isAdmin) {
|
||||
if (subPath.indexOf('/ghost/api/') === 0) {
|
||||
return middleware.authAPI(req, res, next);
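Review bot: The new `subPath.replace(/^(\/.*?\/.*?\/)(.*)?/, ...)` truncation runs on every request, not only on the reset link, so any path that merely begins with one of the five `noAuthNeeded` prefixes (anything nested under `/ghost/signin/`, for instance) is reduced to that prefix before the exemption is evaluated. The comparison itself lies outside this hunk, but if it is a membership test on `noAuthNeeded`, the exemption has widened from five exact URLs to five whole subtrees, and any route later mounted beneath one of them would skip the session check. Since only the reset link carries an argument, I would restrict the rewrite to it and keep exact matching for the other entries, e.g. `if (/^\/ghost\/reset\/[^\/]+\/$/.test(subPath)) { subPath = '/ghost/reset/'; }`, with a comment above `noAuthNeeded` stating that entries are matched exactly. The body of `authenticate` continues past the end of the hunk.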
|
||||
|
|
|
@ -73,7 +73,7 @@ describe('Admin Routing', function () {
|
|||
});
|
||||
});
|
||||
|
||||
it('should redirect from /ghost to /ghost/signin when no user', function (done) {
|
||||
it('should redirect from /ghost/ to /ghost/signin/ when no user', function (done) {
|
||||
request.get('/ghost/')
|
||||
.expect('Location', /ghost\/signin/)
|
||||
.expect('Cache-Control', cacheRules['private'])
|
||||
|
@ -81,7 +81,7 @@ describe('Admin Routing', function () {
|
|||
.end(doEnd(done));
|
||||
});
|
||||
|
||||
it('should redirect from /ghost/signin to /ghost/signup when no user', function (done) {
|
||||
it('should redirect from /ghost/signin/ to /ghost/signup/ when no user', function (done) {
|
||||
request.get('/ghost/signin/')
|
||||
.expect('Location', /ghost\/signup/)
|
||||
.expect('Cache-Control', cacheRules['private'])
|
||||
|
@ -89,7 +89,7 @@ describe('Admin Routing', function () {
|
|||
.end(doEnd(done));
|
||||
});
|
||||
|
||||
it('should respond with html for /ghost/signup', function (done) {
|
||||
it('should respond with html for /ghost/signup/', function (done) {
|
||||
request.get('/ghost/signup/')
|
||||
.expect('Content-Type', /html/)
|
||||
.expect('Cache-Control', cacheRules['private'])
|
||||
|
@ -118,4 +118,31 @@ describe('Admin Routing', function () {
|
|||
// });
|
||||
|
||||
});
|
||||
|
||||
describe('Ghost Admin Forgot Password', function () {
|
||||
|
||||
it('should respond with html for /ghost/forgotten/', function (done) {
|
||||
request.get('/ghost/forgotten/')
|
||||
.expect('Content-Type', /html/)
|
||||
.expect('Cache-Control', cacheRules['private'])
|
||||
.expect(200)
|
||||
.end(doEnd(done));
|
||||
});
|
||||
|
||||
it('should respond 404 for /ghost/reset/', function (done) {
|
||||
request.get('/ghost/reset/')
|
||||
.expect('Cache-Control', cacheRules.hour)
|
||||
.expect(404)
|
||||
.expect(/Page Not Found/)
|
||||
.end(doEnd(done));
|
||||
});
|
||||
|
||||
it('should redirect /ghost/reset/*/', function (done) {
|
||||
request.get('/ghost/reset/athing/')
|
||||
.expect('Location', /ghost\/forgotten/)
|
||||
.expect('Cache-Control', cacheRules['private'])
|
||||
.expect(302)
|
||||
.end(doEnd(done));
|
||||
});
|
||||
});
|
||||
});
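Review bot: The new 'Ghost Admin Forgot Password' cases only pin paths that are meant to be reachable without a session (`/ghost/forgotten/`, `/ghost/reset/`, `/ghost/reset/athing/`); nothing asserts what an unauthenticated request receives for a path nested under one of the other exempt prefixes. Because the middleware in this commit cuts every path down to its first two segments before the exemption check, a negative case such as `request.get('/ghost/signin/extra/')` with an explicit expected status and `Cache-Control` would record whether that subtree is intentionally open. Separately, the `/ghost/reset/` 404 is asserted with `cacheRules.hour` while every other admin response in this file uses `cacheRules['private']`; if that is deliberate, a one-line comment in the test should say so.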
|