Ghost/ghost/mw-session-from-token/README.md

# Session From Token Middleware

Middleware to handle generating sessions from tokens, for example like with magic links, or SSO flows similar to SAML.

## Usage

```js
const sessionFromTokenMiddleware = require('@tryghost/mw-session-from-token')({
    callNextWithError: true,
    async createSession(req, res, user) {
        req.session.user_id = user.id;
    },
    async getTokenFromRequest(res) {
        return req.headers['some-cool-header'];
    },
    async getLookupFromToken(token) {
        await someTokenService.validate(token);
        const data = await someTokenService.getData(token);
        return data.email;
    },
    async findUserByLookup(lookup) {
        return await someUserModel.findOne({email: lookup});
    }
});

someExpressApp.get('/some/sso/url', someSessionMiddleware, sessionFromTokenMiddleware, function sessionFromTokenMiddleware(req, res, next) {
    res.redirect('/loggedin');
}, function nextMw(err, res, res, next) => {
    res.redirect('/error');
});
```
✨ Added @tryghost/mw-session-from-token module (#32) no-issue 2020-04-05 16:58:33 +03:00			`# Session From Token Middleware`

			`Middleware to handle generating sessions from tokens, for example like with magic links, or SSO flows similar to SAML.`

			`## Usage`

			```js
			`const sessionFromTokenMiddleware = require('@tryghost/mw-session-from-token')({`
			`callNextWithError: true,`
			`async createSession(req, res, user) {`
			`req.session.user_id = user.id;`
			`},`
			`async getTokenFromRequest(res) {`
			`return req.headers['some-cool-header'];`
			`},`
			`async getLookupFromToken(token) {`
			`await someTokenService.validate(token);`
			`const data = await someTokenService.getData(token);`
			`return data.email;`
			`},`
			`async findUserByLookup(lookup) {`
			`return await someUserModel.findOne({email: lookup});`
			`}`
			`});`

Added function names to more middleware refs https://github.com/TryGhost/Ghost/commit/319f251ad27cf852093766fa9877d99be5794057 - this helps debugging because all middleware in the stack will have a function name, so it'll show up instead of `<anonymous>` 2024-05-06 18:26:14 +03:00			`someExpressApp.get('/some/sso/url', someSessionMiddleware, sessionFromTokenMiddleware, function sessionFromTokenMiddleware(req, res, next) {`
✨ Added @tryghost/mw-session-from-token module (#32) no-issue 2020-04-05 16:58:33 +03:00			`res.redirect('/loggedin');`
Added function names to more middleware refs https://github.com/TryGhost/Ghost/commit/319f251ad27cf852093766fa9877d99be5794057 - this helps debugging because all middleware in the stack will have a function name, so it'll show up instead of `<anonymous>` 2024-05-06 18:26:14 +03:00			`}, function nextMw(err, res, res, next) => {`
✨ Added @tryghost/mw-session-from-token module (#32) no-issue 2020-04-05 16:58:33 +03:00			`res.redirect('/error');`
			`});`
			```