OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1fbb8a219f
Ghost/core/server/api/canary/identities.js
Hannah Wolfe b53296c4d5
Removed extraneous permission flag in identities 
- This doesn't affect permissions, only permissions inside an endpoint config block does that
- Rather it creates an extra unused "endpoint" called identities.permissions
2022-03-15 14:58:29 +00:00

36 lines
981 B
JavaScript
Raw Blame History

const settings = require('../../../shared/settings-cache');
const urlUtils = require('../../../shared/url-utils');
const jwt = require('jsonwebtoken');
const jose = require('node-jose');
const issuer = urlUtils.urlFor('admin', true);
const dangerousPrivateKey = settings.get('ghost_private_key');
const keyStore = jose.JWK.createKeyStore();
const keyStoreReady = keyStore.add(dangerousPrivateKey, 'pem');
const getKeyID = async () => {
const key = await keyStoreReady;
return key.kid;
};
const sign = async (claims, options) => {
const kid = await getKeyID();
return jwt.sign(claims, dangerousPrivateKey, Object.assign({
issuer,
expiresIn: '5m',
algorithm: 'RS256',
keyid: kid
}, options));
};
module.exports = {
docName: 'identities',
read: {
permissions: true,
async query(frame) {
const token = await sign({sub: frame.user.get('email')});
return {token};
}
}
};
Reference in New Issue View Git Blame Copy Permalink