OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0a6cd75993
Ghost/ghost/admin/app/routes/signup.js
Kevin Ansfield 9bdb25d184
Fixed hosting management screen not loading after sign-in process (#15763) 
refs https://github.com/TryGhost/Team/issues/2110

- dynamically defined properties on the config service did not have
autotracking set up properly if they were accessed in any way before the
property was defined, this caused problems in a number of areas because
we have both "unauthed" and "authed" sets of config and when not logged
in we had parts of the app checking for authed config properties that
don't exist until after sign-in and subsequent config re-fetch
- renamed `config` service to `configManager` and updated to only
contain methods for fetching config data
- added a `config` instance initializer that sets up a `TrackedObject`
instance with some custom properties/methods and registers it on
`config:main`
- uses application instance initializer rather than a standard
initializer because standard initializers are only called once when
setting up the test suite so we'd end up with config leaking across
tests
- added an `@inject` decorator that when used takes the property name
and injects whatever is registered at `${propertyName}:main`, this
allows us to use dependency injection for any object rather than just
services or controllers
- using `application.inject()` in the initializer was initially used but
that only works for objects that extend from `EmberObject`, the
injections weren't available in native-class glimmer components so this
decorator keeps the injection syntax consistent
  - swapped all `@service config` uses to `@inject config`
2022-11-03 11:14:36 +00:00

96 lines
3.2 KiB
JavaScript
Raw Blame History

import EmberObject from '@ember/object';
import UnauthenticatedRoute from 'ghost-admin/routes/unauthenticated';
import ValidationEngine from 'ghost-admin/mixins/validation-engine';
import classic from 'ember-classic-decorator';
import {inject} from 'ghost-admin/decorators/inject';
import {inject as service} from '@ember/service';
import {tracked} from '@glimmer/tracking';
// EmberObject is still needed here for ValidationEngine
@classic
class SignupDetails extends EmberObject.extend(ValidationEngine) {
@tracked name = '';
@tracked email = '';
@tracked password = '';
token = '';
blogTitle = ''; // used for password validation
validationType = 'signup';
}
export default class SignupRoute extends UnauthenticatedRoute {
@service ghostPaths;
@service notifications;
@service session;
@service ajax;
@inject config;
beforeModel() {
if (this.session.isAuthenticated) {
this.notifications.showAlert('You need to sign out to register as a new user.', {type: 'warn', delayed: true, key: 'signup.create.already-authenticated'});
}
super.beforeModel(...arguments);
}
model(params) {
let signupDetails = SignupDetails.create();
let re = /^(?:[A-Za-z0-9_-]{4})*(?:[A-Za-z0-9_-]{2}|[A-Za-z0-9_-]{3})?$/;
let email,
tokenText;
return new Promise((resolve) => {
if (!re.test(params.token)) {
this.notifications.showAlert('Invalid token.', {type: 'error', delayed: true, key: 'signup.create.invalid-token'});
resolve(this.transitionTo('signin'));
return;
}
tokenText = atob(params.token);
email = tokenText.split('|')[1];
// leave e-mail blank even though we get it from the token because
// we need the user to type it in for Chrome to remember the
// email/password combo properly
signupDetails.email = '';
signupDetails.token = params.token;
let authUrl = this.ghostPaths.url.api('authentication', 'invitation');
this.ajax.request(authUrl, {
dataType: 'json',
data: {
email
}
}).then((response) => {
if (response && response.invitation && response.invitation[0].valid === false) {
this.notifications.showAlert('The invitation does not exist or is no longer valid.', {type: 'warn', delayed: true, key: 'signup.create.invalid-invitation'});
resolve(this.transitionTo('signin'));
return;
}
// set blogTitle, so password validation has access to it
signupDetails.blogTitle = this.config.blogTitle;
resolve(signupDetails);
}).catch(() => {
resolve(signupDetails);
});
});
}
deactivate() {
super.deactivate(...arguments);
// clear the properties that hold the sensitive data from the controller
const signupDetails = this.controllerFor('signup').signupDetails;
signupDetails.email = '';
signupDetails.password = '';
signupDetails.token = '';
}
}
Reference in New Issue View Git Blame Copy Permalink