Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@tryghost/admin-api

Package Overview
Dependencies
Maintainers
21
Versions
84
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@tryghost/admin-api - npm Package Compare versions

Comparing version
1.8.1
 to
1.9.0
+63
-15
lib/index.js

@@ -6,2 +6,4 @@ const axios = require('axios');

// NOTE: bump this default when Ghost v5 is released
const defaultAcceptVersionHeader = 'v4.0';
const supportedVersions = ['v2', 'v3', 'v4', 'v5', 'canary'];

@@ -11,8 +13,29 @@ const packageName = '@tryghost/admin-api';

/**
* This method can go away in favor of only sending 'Accept-Version` headers
* once the Ghost API removes a concept of version from it's URLS (with Ghost v5)
*
* @param {string} [version] version in `v{major}` format
* @returns {string}
*/
const resolveAPIPrefix = (version) => {
let prefix;
// NOTE: the "version.match(/^v5\.\d+/)" expression should be changed to "version.match(/^v\d+\.\d+/)" once Ghost v5 is out
if (version === 'v5' || version === undefined || version.match(/^v5\.\d+/)) {
prefix = `/admin/`;
} else {
prefix = `/${version}/admin/`;
}
return prefix;
};
/**
*
* @param {Object} options
* @param {String} options.url
* @param {String} [options.ghostPath]
* @param {String} [options.version]
* @param {String|Boolean} [options.version] - a version string like v3.2, v4.1, v5.8 or boolean 'false' value identifying no Accept-Version header
* @param {Function} [options.makeRequest]
* @param {Function} [options.generateToken]
* @param {String} [options.host] Deprecated

@@ -27,2 +50,4 @@ */

ghostPath: 'ghost',
generateToken: token,
sendAcceptVersionHeader: true,
makeRequest({url, method, data, params = {}, headers = {}}) {

@@ -64,5 +89,32 @@ return axios({

if (config.version && !supportedVersions.includes(config.version)) {
if (config.version === undefined) {
throw new Error(`${packageName} Config Missing: 'version' is required. E.g. ${supportedVersions.join(',')}`);
}
if (typeof config.version === 'boolean') {
config.sendAcceptVersionHeader = config.version;
if (config.version === true) {
config.acceptVersionHeader = defaultAcceptVersionHeader;
}
config.version = undefined;
} else if (!supportedVersions.includes(config.version) && !(config.version.match(/^v\d+\.\d+/))) {
throw new Error(`${packageName} Config Invalid: 'version' ${config.version} is not supported`);
} else if (supportedVersions.includes(config.version) || config.version.match(/^v\d+\.\d+/)) {
if (config.version === 'canary') {
// eslint-disable-next-line
console.warn(`${packageName}: The 'version' parameter has a deprecated format 'canary', please use 'v{major}.{minor}' format instead`);
config.acceptVersionHeader = defaultAcceptVersionHeader;
} else if (config.version.match(/^v\d+$/)) {
// eslint-disable-next-line
console.warn(`${packageName}: The 'version' parameter has a deprecated format 'v{major}', please use 'v{major}.{minor}' format instead`);
// CASE: all the v1, v2, v4 ... strings should be normalized to fit 'v{major}.{minor}' format
config.acceptVersionHeader = `${config.version}.0`;
} else {
config.acceptVersionHeader = config.version;
}
}
if (!config.url) {

@@ -87,9 +139,3 @@ throw new Error(`${packageName} Config Missing: 'url' is required. E.g. 'https://site.com'`);

if (config.version === 'v5') {
// NOTE: the version parameter is supported but not necessary for non-versioned API, starting with Ghost v5
delete config.version;
}
const resources = [
// @NOTE: stable
'posts',

@@ -100,3 +146,2 @@ 'pages',

'members',
// @NOTE: experimental
'users'

@@ -357,5 +402,4 @@ ];

let endpoint = version
? `/${ghostPath}/api/${version}/admin/${resource}/`
: `/${ghostPath}/api/admin/${resource}/`;
const apiPrefix = resolveAPIPrefix(version);
let endpoint = `/${ghostPath}/api${apiPrefix}${resource}/`;

@@ -377,8 +421,12 @@ if (id) {

let authorizationHeader;
const audience = resolveAPIPrefix(version);
authorizationHeader = `Ghost ${config.generateToken(key, audience)}`;
const ghostHeaders = {
Authorization: `Ghost ${token(key, version)}`
Authorization: authorizationHeader
};
if (!version || ['v4', 'canary'].includes(version)) {
ghostHeaders['Accept-Version'] = version || 'v5';
if (config.acceptVersionHeader) {
ghostHeaders['Accept-Version'] = config.acceptVersionHeader;
}

@@ -385,0 +433,0 @@ 

+2
-3
lib/token.js

@@ -6,8 +6,7 @@ const jwt = require('jsonwebtoken');

* @param {String} key - API key to sign JWT with
* @param {String} version - API version to use as a part of audience
* @param {String} audience - token audience
* @returns
*/
module.exports = function token(key, version) {
module.exports = function token(key, audience) {
const [id, secret] = key.split(':');
const audience = version ? `/${version}/admin/` : '/admin/';

@@ -14,0 +13,0 @@ return jwt.sign({}, Buffer.from(secret, 'hex'), { // eslint-disable-line no-undef

+2
-2
package.json
{
"name": "@tryghost/admin-api",
"version": "1.8.1",
"version": "1.9.0",
"repository": "https://github.com/TryGhost/SDK/tree/master/packages/admin-api",

@@ -34,3 +34,3 @@ "author": "Ghost Foundation",

},
"gitHead": "dbf4ab41a6964422987a68c4327336692a54527f"
"gitHead": "b4c9597d781809903118a07e5fba16a106ec6053"
}