TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-22 02:11:44 +03:00
Code Issues Projects Releases Wiki Activity
85389a09bf
Ghost/ghost/admin/app/routes/signup.js

82 lines
2.9 KiB
JavaScript
Raw Normal View History

Invited user can sign up successfully issue #5525 - add `DS.Errors` to `signup` model - add check for errors: run `showErrors` method only if errors are defined, like in `signin` controller
2015-07-08 12:56:07 +03:00
import DS from 'ember-data';
Switched from ember-cli-shims to new module imports (#779) no issue - add eslint-plugin-ember, configure no-old-shims rule - run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports - further cleanup of Ember globals usage - remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
2017-08-22 10:53:26 +03:00
import EmberObject from '@ember/object';
💄🐷 sort-imports eslint rule (#712) no issue - adds `eslint-plugin-sort-imports-es6-autofix` dependency - implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single` - fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order - updates all unordered import rules by using `eslint --fix` With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it.
2017-05-29 21:50:03 +03:00
import RSVP from 'rsvp';
Switched from ember-cli-shims to new module imports (#779) no issue - add eslint-plugin-ember, configure no-old-shims rule - run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports - further cleanup of Ember globals usage - remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
2017-08-22 10:53:26 +03:00
import Route from '@ember/routing/route';
🎨 remove usage of ghost's {{asset}} helper in index.html (#574) refs #8140 🎨 remove usage of ghost's {{asset}} helper in built index.html files requires https://github.com/TryGhost/Ghost/pull/8142 - switch to hash-location rather than history-location - remove usage of Ghost's `{{asset}}` helper in index.html - add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production - update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode - change template output path to `core/server/admin/views/` - enable asset fingerprinting - remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files ✨ redirect to setup if server says setup isn't finished refs https://github.com/TryGhost/Ghost/issues/8140 - now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us - extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin` deps: ember-cli-inject-live-reload@1.6.1
2017-03-14 19:04:46 +03:00
import UnauthenticatedRouteMixin from 'ghost-admin/mixins/unauthenticated-route-mixin';
Update package.json details, rename module to `ghost-admin` no issue - updates `package.json` details to better reflect the separation from the `Ghost` package - update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
2016-05-24 15:06:59 +03:00
import styleBody from 'ghost-admin/mixins/style-body';
Match service/controller import to ember-modules-codemod style for consistency no issue Automated tools, code generators, and editor integrations are increasingly standardising on the import style used in `ember-modules-codemod`. Our import style differed a little with regards to service/controller injection imports which meant we were starting to see inconsistent naming.
2017-10-30 12:38:01 +03:00
import {inject as service} from '@ember/service';
Flesh out more of the Ember admin no issue - this ports over screens from old admin to allow people to begin working on aspects of the screen - All logged out screens have been imported: Signup, Signin, Forgotten password, reset password - Those screens are now ready for behavior to be ported over - This also updates templates to be more in line with how they were in the old admin - Littered through the code are @TODO comments of functionality that is missing and will need to be resolved before this is production ready - Also scaffolds out the settings screen and every tab
2014-03-10 07:44:08 +04:00
convert ember imports to ember-cli-shim imports where possible (#95)
2016-06-30 13:21:47 +03:00
const {Promise} = RSVP;
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
const {Errors} = DS;
more ember-simple-auth UnauthenticatedRoute cleanup (#44) no issue - aligns routes that require the user to be logged out with the ember-simple-auth method of doing things
2017-02-10 13:34:37 +03:00
export default Route.extend(styleBody, UnauthenticatedRouteMixin, {
Match service/controller import to ember-modules-codemod style for consistency no issue Automated tools, code generators, and editor integrations are increasingly standardising on the import style used in `ember-modules-codemod`. Our import style differed a little with regards to service/controller injection imports which meant we were starting to see inconsistent naming.
2017-10-30 12:38:01 +03:00
ghostPaths: service(),
notifications: service(),
session: service(),
ajax: service(),
config: service(),
Use Ember.inject instead of needs and initializers No Issue - Switches to the newer style of dependency injection. - Instead of injection Controllers via "needs," use Ember.inject.controller(). - Get rid of initializers that were only injecting objects into various factories. Converts these objects into Ember.Service objects and declaratively inject them where needed via Ember.inject.service(). The added benefit to this is that it's no longer a mystery where these properties/methods come from and it's straightforward to inject them where needed.
2015-05-26 05:10:50 +03:00
ESLint: Consistent ember property/method ordering no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-components.md - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-controllers.md - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-routes.md
2018-01-11 20:43:23 +03:00
classNames: ['ghost-signup'],
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
beforeModel() {
deps: ember-simple-auth@1.0.0 closes #5951 - update to esa 1.0
2015-10-18 21:17:02 +03:00
if (this.get('session.isAuthenticated')) {
Avoid duplicate alerts, clear alerts on successful retry or sign-in closes #5903, refs #5409 - switch alert/notification component tests from unit to integration where appropriate - rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour - add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service - close duplicate alerts/notifications before showing a new one - specify a key for all existing alerts - close failure alerts on successful retries - clear all currently displayed alerts on successful sign-in
2015-10-07 17:44:23 +03:00
this.get('notifications').showAlert('You need to sign out to register as a new user.', {type: 'warn', delayed: true, key: 'signup.create.already-authenticated'});
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword()
2014-07-03 19:06:07 +04:00
}
more ember-simple-auth UnauthenticatedRoute cleanup (#44) no issue - aligns routes that require the user to be logged out with the ember-simple-auth method of doing things
2017-02-10 13:34:37 +03:00
this._super(...arguments);
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword()
2014-07-03 19:06:07 +04:00
},
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
model(params) {
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
let signupDetails = EmberObject.create();
Upgrade eslint dependencies (#855) no issue - bump ember-cli-eslint and eslint-plugin-ember - fix indentation & "unnecessary escape chars" lint errors
2017-09-11 10:56:11 +03:00
let re = /^(?:[A-Za-z0-9_-]{4})*(?:[A-Za-z0-9_-]{2}|[A-Za-z0-9_-]{3})?$/;
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
let email,
tokenText;
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
cleanup usage of Ember.inject
2016-01-19 16:03:27 +03:00
return new Promise((resolve) => {
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
if (!re.test(params.token)) {
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
this.get('notifications').showAlert('Invalid token.', {type: 'error', delayed: true, key: 'signup.create.invalid-token'});
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
return resolve(this.transitionTo('signin'));
Transition to signin with error message on invalid token not 500 error screen closes #3548 - Add error to hidenav, removes menubar from error screen. - Wrap atob() in a try/catch - Added regex to try and validate if params.token at least looks like base64
2014-08-06 19:08:02 +04:00
}
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
tokenText = atob(params.token);
email = tokenText.split('|')[1];
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
signupDetails.set('email', email);
signupDetails.set('token', params.token);
signupDetails.set('errors', Errors.create());
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
deps: ember-ajax@0.7.1
2016-01-18 18:37:14 +03:00
let authUrl = this.get('ghostPaths.url').api('authentication', 'invitation');
return this.get('ajax').request(authUrl, {
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
dataType: 'json',
data: {
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
email
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
}
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
}).then((response) => {
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
if (response && response.invitation && response.invitation[0].valid === false) {
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
this.get('notifications').showAlert('The invitation does not exist or is no longer valid.', {type: 'warn', delayed: true, key: 'signup.create.invalid-invitation'});
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
return resolve(this.transitionTo('signin'));
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
}
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
signupDetails.set('invitedBy', response.invitation[0].invitedBy);
Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later)
2016-09-30 14:43:40 +03:00
Match client-side password validation to new server-side rules (#899) refs TryGhost/Ghost#9150 - added a new validator for password validations that will take care of the rules client side - Passwort rules added: - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm - Disallow passwords that contain the words "password" or "ghost" - Disallow passwords that match the user's email address - Disallow passwords that match the blog domain or blog title - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example. - When changing the own password, the old password is not affected by the new validations - Validation are running on - setup - signup - password change in Team - User (only new passwords are validated) - passwort reset
2017-10-26 13:02:17 +03:00
// set blogTitle, so password validation has access to it
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
signupDetails.set('blogTitle', this.get('config.blogTitle'));
Match client-side password validation to new server-side rules (#899) refs TryGhost/Ghost#9150 - added a new validator for password validations that will take care of the rules client side - Passwort rules added: - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm - Disallow passwords that contain the words "password" or "ghost" - Disallow passwords that match the user's email address - Disallow passwords that match the blog domain or blog title - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example. - When changing the own password, the old password is not affected by the new validations - Validation are running on - setup - signup - password change in Team - User (only new passwords are validated) - passwort reset
2017-10-26 13:02:17 +03:00
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
resolve(signupDetails);
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
}).catch(() => {
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
resolve(signupDetails);
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
});
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
});
},
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown.
2014-08-25 06:34:26 +04:00
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
deactivate() {
this._super(...arguments);
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs.
2014-09-19 08:50:15 +04:00
// clear the properties that hold the sensitive data from the controller
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-11 01:57:43 +03:00
this.controllerFor('signup').get('signupDetails').setProperties({email: '', password: '', token: ''});
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword()
2014-07-03 19:06:07 +04:00
}
Flesh out more of the Ember admin no issue - this ports over screens from old admin to allow people to begin working on aspects of the screen - All logged out screens have been imported: Signup, Signin, Forgotten password, reset password - Those screens are now ready for behavior to be ported over - This also updates templates to be more in line with how they were in the old admin - Littered through the code are @TODO comments of functionality that is missing and will need to be resolved before this is production ready - Also scaffolds out the settings screen and every tab
2014-03-10 07:44:08 +04:00
});
Reference in New Issue Copy Permalink