Ghost/ghost/mw-session-from-token
Daniel Lockyer 08abfcafd1
Remove linting as posttest step
- linting is handled separately (in CI and locally, as it's a git
  pre-push hook) so we shouldn't also be running it after tests
2022-07-26 15:26:21 +02:00
..
lib Added @tryghost/mw-session-from-token module (#32) 2020-04-05 15:58:33 +02:00
test Remove trailing commas from .eslintrc.js files 2020-08-04 14:48:07 +01:00
types Added newly generated TypeScript definiton files 2021-04-07 13:41:49 +12:00
.eslintignore Added @tryghost/mw-session-from-token module (#32) 2020-04-05 15:58:33 +02:00
.eslintrc.js Remove trailing commas from .eslintrc.js files 2020-08-04 14:48:07 +01:00
index.js Added @tryghost/mw-session-from-token module (#32) 2020-04-05 15:58:33 +02:00
package.json Remove linting as posttest step 2022-07-26 15:26:21 +02:00
README.md Tidied up package README and LICENSE files 2022-07-26 15:22:10 +02:00
tsconfig.json Stopped type declaration files from being generated 2021-07-14 11:51:14 +01:00

Session From Token Middleware

Middleware to handle generating sessions from tokens, for example like with magic links, or SSO flows similar to SAML.

Usage

const sessionFromTokenMiddleware = require('@tryghost/mw-session-from-token')({
    callNextWithError: true,
    async createSession(req, res, user) {
        req.session.user_id = user.id;
    },
    async getTokenFromRequest(res) {
        return req.headers['some-cool-header'];
    },
    async getLookupFromToken(token) {
        await someTokenService.validate(token);
        const data = await someTokenService.getData(token);
        return data.email;
    },
    async findUserByLookup(lookup) {
        return await someUserModel.findOne({email: lookup});
    }
});

someExpressApp.get('/some/sso/url', someSessionMiddleware, sessionFromTokenMiddleware, (req, res, next) => {
    res.redirect('/loggedin');
}, (err, res, res, next) => {
    res.redirect('/error');
});