🔥✨ remove forceAdminSSL and urlSSL, add admin url (#7937)

* 🔥  kill apiUrl helper, use urlFor helper instead

More consistency of creating urls.
Creates an easier ability to add config changes.

Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.

* 🔥  urlSSL

Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.

e.g.

- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)

The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.

* 🔥  ✨  remove forceAdminSSL, add new admin url and adapt logic

I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:

1. remove forceAdminSSL
2. add admin.url option

- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option

* 🤖  adapt tests

IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware

* 😎  rename check-ssl middleware

* 🎨  fix theme-handler because of master rebase

core/server/admin/app.js

@@ -8,7 +8,7 @@ var debug = require('debug')('ghost:admin'),
 
     // Global/shared middleware?
     cacheControl = require('../middleware/cache-control'),
-    checkSSL = require('../middleware/check-ssl'),
+    urlRedirects = require('../middleware/url-redirects'),
     errorHandler = require('../middleware//error-handler'),
     maintenance = require('../middleware/maintenance'),
     prettyURLs = require('../middleware//pretty-urls'),
@@ -46,7 +46,7 @@ module.exports = function setupAdminApp() {
 
     // Force SSL if required
     // must happen AFTER asset loading and BEFORE routing
-    adminApp.use(checkSSL);
+    adminApp.use(urlRedirects);
 
     // Add in all trailing slashes & remove uppercase
     // must happen AFTER asset loading and BEFORE routing

core/server/api/app.js

@@ -21,7 +21,7 @@ var debug = require('debug')('ghost:api'),
     // Shared
     bodyParser = require('body-parser'), // global, shared
     cacheControl = require('../middleware/cache-control'), // global, shared
-    checkSSL = require('../middleware/check-ssl'),
+    urlRedirects = require('../middleware/url-redirects'),
     prettyURLs = require('../middleware/pretty-urls'),
     maintenance = require('../middleware/maintenance'), // global, shared
     errorHandler = require('../middleware/error-handler'), // global, shared
@@ -235,7 +235,7 @@ module.exports = function setupApiApp() {
 
     // Force SSL if required
     // must happen AFTER asset loading and BEFORE routing
-    apiApp.use(checkSSL);
+    apiApp.use(urlRedirects);
 
     // Add in all trailing slashes & remove uppercase
     // must happen AFTER asset loading and BEFORE routing

core/server/blog/app.js

@@ -14,7 +14,7 @@ var debug = require('debug')('ghost:blog'),
 
     // local middleware
     cacheControl = require('../middleware/cache-control'),
-    checkSSL = require('../middleware/check-ssl'),
+    urlRedirects = require('../middleware/url-redirects'),
     errorHandler = require('../middleware/error-handler'),
     maintenance = require('../middleware/maintenance'),
     prettyURLs = require('../middleware/pretty-urls'),
@@ -75,7 +75,7 @@ module.exports = function setupBlogApp() {
 
     // Force SSL if required
     // must happen AFTER asset loading and BEFORE routing
-    blogApp.use(checkSSL);
+    blogApp.use(urlRedirects);
 
     // Add in all trailing slashes & remove uppercase
     // must happen AFTER asset loading and BEFORE routing

core/server/config/defaults.json

@@ -1,7 +1,5 @@
 {
     "url": "http://localhost:2368",
-    "urlSSL": false,
-    "forceAdminSSL": false,
     "server": {
         "host": "127.0.0.1",
         "port": 2368

core/server/index.js

@@ -170,7 +170,7 @@ function init(options) {
         return scheduling.init({
             schedulerUrl: config.get('scheduling').schedulerUrl,
             active: config.get('scheduling').active,
-            apiUrl: utils.url.apiUrl(),
+            apiUrl: utils.url.urlFor('api', true),
             internalPath: config.get('paths').internalSchedulingPath,
             contentPath: config.getContentPath('scheduling')
         });

core/server/middleware/api/cors.js

@@ -3,7 +3,6 @@ var cors = require('cors'),
     url = require('url'),
     os = require('os'),
     utils = require('../../utils'),
-    config = require('../../config'),
     whitelist = [],
     ENABLE_CORS = {origin: true, maxAge: 86400},
     DISABLE_CORS = {origin: false};
@@ -33,10 +32,14 @@ function getIPs() {
 }
 
 function getUrls() {
-    var urls = [url.parse(utils.url.urlFor('home', true)).hostname];
+    var blogHost = url.parse(utils.url.urlFor('home', true)).hostname,
+        adminHost = url.parse(utils.url.urlFor('admin', true)).hostname,
+        urls = [];
 
-    if (config.get('urlSSL')) {
-        urls.push(url.parse(config.get('urlSSL')).hostname);
+    urls.push(blogHost);
+
+    if (adminHost !== blogHost) {
+        urls.push(adminHost);
     }
 
     return urls;

core/server/middleware/serve-shared-file.js

@@ -28,7 +28,7 @@ function serveSharedFile(file, type, maxAge) {
 
                     if (type === 'text/xsl' || type === 'text/plain' || type === 'application/javascript') {
                         buf = buf.toString().replace(blogRegex, utils.url.urlFor('home', true).replace(/\/$/, ''));
-                        buf = buf.toString().replace(apiRegex, utils.url.apiUrl({cors: true}));
+                        buf = buf.toString().replace(apiRegex, utils.url.urlFor('api', {cors: true}, true));
                     }
                     content = {
                         headers: {

core/server/middleware/theme-handler.js

@@ -8,6 +8,7 @@ var _      = require('lodash'),
     utils = require('../utils'),
     logging = require('../logging'),
     errors = require('../errors'),
+    utils = require('../utils'),
     i18n = require('../i18n'),
     themeHandler;
 
@@ -18,7 +19,7 @@ themeHandler = {
         var themeData = {
                 title: settingsCache.get('title'),
                 description: settingsCache.get('description'),
-                url: utils.url.urlFor('home', true),
+                url: utils.url.urlFor('home', {secure: req.secure}, true),
                 facebook: settingsCache.get('facebook'),
                 twitter: settingsCache.get('twitter'),
                 timezone: settingsCache.get('activeTimezone'),
@@ -32,11 +33,6 @@ themeHandler = {
             labsData = _.cloneDeep(settingsCache.get('labs')),
             blogApp = req.app;
 
-        if (req.secure && config.get('urlSSL')) {
-            // For secure requests override .url property with the SSL version
-            themeData.url = config.get('urlSSL').replace(/\/$/, '');
-        }
-
         hbs.updateTemplateOptions({
             data: {
                 blog: themeData,
@@ -49,7 +45,7 @@ themeHandler = {
         }
 
         // Pass 'secure' flag to the view engine
-        // so that templates can choose 'url' vs 'urlSSL'
+        // so that templates can choose to render https or http 'url', see url utility
         res.locals.secure = req.secure;
 
         next();

core/server/middleware/url-redirects.js

@@ -0,0 +1,68 @@
+var url = require('url'),
+    debug = require('debug')('ghost:redirects'),
+    utils = require('../utils'),
+    urlRedirects;
+
+function redirectUrl(options) {
+    var redirectTo = options.redirectTo,
+        path = options.path,
+        query = options.query,
+        parts = url.parse(redirectTo);
+
+    return url.format({
+        protocol: parts.protocol,
+        hostname: parts.hostname,
+        port: parts.port,
+        pathname: path,
+        query: query
+    });
+}
+
+/**
+ * SSL AND REDIRECTS
+ */
+urlRedirects = function urlRedirects(req, res, next) {
+    var requestedUrl = req.originalUrl || req.url,
+        requestedHost = req.get('host'),
+        targetHostWithProtocol,
+        targetHostWithoutProtocol;
+
+    if (res.isAdmin) {
+        targetHostWithProtocol = utils.url.urlFor('admin', true);
+        targetHostWithoutProtocol = utils.url.urlFor('admin', {cors: true}, true);
+    } else {
+        targetHostWithProtocol = utils.url.urlFor('home', true);
+        targetHostWithoutProtocol = utils.url.urlFor('home', {cors: true}, true);
+    }
+
+    debug('requestedUrl', requestedUrl);
+    debug('requestedHost', requestedHost);
+    debug('targetHost', targetHostWithoutProtocol);
+
+    // CASE: custom admin url is configured, but user requests blog domain
+    // CASE: exception: localhost is always allowed
+    if (!targetHostWithoutProtocol.match(new RegExp(requestedHost))) {
+        debug('redirect because host does not match');
+
+        return res.redirect(301, redirectUrl({
+            redirectTo: targetHostWithProtocol,
+            path: requestedUrl,
+            query: req.query
+        }));
+    }
+
+    // CASE: correct admin url, but not the correct protocol
+    if (utils.url.isSSL(targetHostWithProtocol) && !req.secure) {
+        debug('redirect because protocol does not match');
+
+        return res.redirect(301, redirectUrl({
+            redirectTo: targetHostWithProtocol,
+            path: requestedUrl,
+            query: req.query
+        }));
+    }
+
+    next();
+};
+
+module.exports = urlRedirects;