Is there any way we can modify the cookie name for "ghost-members-ssr"

Developer help Self-hosting
1

Hi there!

Recently I was working on a project where my client wanted to have a bilingual Ghost website and since he wanted the full website (including the newsletters) translated into German, I have done a Ghost subdirectory setup for the second language as follows.

One of the challenges I had to go through with this setup is if a member logged in on the English website and try to login into the German version, the cookies responsible for holding the member’s email and signature ghost-members-ssr ghost-members-ssr.sig are getting replaced by the new login. Hence the member is automatically getting logged out from the English website.

  1. User login to example.com
    (Logs in successfully)
  2. User login to the example.com/de/
    (Logs in successfully on example.com/de/ but logs out from example.com)

This is obvious as both versions of the website are sharing the same hostname (example.com)

The cookie name is hardcoded in core\server\services\members\service.js and it seems there is no way to generate this dynamically or replaced it in the config file.

Is there any other way to overcome this issue rather than editing the above file (which I will have to do again and again each time I update Ghost) or setting up a custom ghost update service based on a modified Ghost fork?

Any suggestion would be greatly appreciated.

Thank you
Kasun.

2

Are you familiar with creating patch files? You could do something like this:

  1. Before you patch the file, create a .bak of the unmodified version. Let’s say now you have file.js.bak and file.js.
  2. Generate a patch file: diff -u file.js.bak file.js>my-changes.patch. Except, run this command at the root of the project.
  3. Create a small script which wraps ghost update and then applies your patch:
#!/bin/sh
ghost update
patch -p1 <my-changes.patch

Now each time you upgrade Ghost, your patch will be re-applied.

You could try submitting a pull request that moves the name of this cookie into the config system with this value as the default. Just make sure every place the cookie name is referenced, the value is pulled from the config system instead. It strikes me as something that might be accepted, but I can’t speak for the project.

1 Like
3

This seems like a nice solution, and no, I wasn’t aware of this before. Let’s try this and check what comes next.

The only issue I can think of is, if the file get modified heavily in a future version, this might break the live website upon updating.

Anyway, thank you very much for this nice little trick. This will come handy in many situations, I can already think of a few.

Thank you very much for the reply, again!