Ghost/core/client/app/routes/signup.js

import Ember from 'ember';
import DS from 'ember-data';
import {request as ajax} from 'ic-ajax';
import Configuration from 'ember-simple-auth/configuration';
import styleBody from 'ghost/mixins/style-body';

export default Ember.Route.extend(styleBody, {
    classNames: ['ghost-signup'],

    ghostPaths: Ember.inject.service('ghost-paths'),
    notifications: Ember.inject.service(),
    session: Ember.inject.service(),

    beforeModel: function () {
        if (this.get('session.isAuthenticated')) {
            this.get('notifications').showAlert('You need to sign out to register as a new user.', {type: 'warn', delayed: true, key: 'signup.create.already-authenticated'});
            this.transitionTo(Configuration.routeIfAlreadyAuthenticated);
        }
    },

    model: function (params) {
        var self = this,
            tokenText,
            email,
            model = Ember.Object.create(),
            re = /^(?:[A-Za-z0-9_\-]{4})*(?:[A-Za-z0-9_\-]{2}|[A-Za-z0-9_\-]{3})?$/;

        return new Ember.RSVP.Promise(function (resolve) {
            if (!re.test(params.token)) {
                self.get('notifications').showAlert('Invalid token.', {type: 'error', delayed: true, key: 'signup.create.invalid-token'});

                return resolve(self.transitionTo('signin'));
            }

            tokenText = atob(params.token);
            email = tokenText.split('|')[1];

            model.set('email', email);
            model.set('token', params.token);
            model.set('errors', DS.Errors.create());

            return ajax({
                url: self.get('ghostPaths.url').api('authentication', 'invitation'),
                type: 'GET',
                dataType: 'json',
                data: {
                    email: email
                }
            }).then(function (response) {
                if (response && response.invitation && response.invitation[0].valid === false) {
                    self.get('notifications').showAlert('The invitation does not exist or is no longer valid.', {type: 'warn', delayed: true, key: 'signup.create.invalid-invitation'});

                    return resolve(self.transitionTo('signin'));
                }

                resolve(model);
            }).catch(function () {
                resolve(model);
            });
        });
    },

    deactivate: function () {
        this._super();

        // clear the properties that hold the sensitive data from the controller
        this.controllerFor('signup').setProperties({email: '', password: '', token: ''});
    }
});
Ember init, bower deps, es6 modules 2015-02-13 07:22:32 +03:00			`import Ember from 'ember';`
Invited user can sign up successfully issue #5525 - add `DS.Errors` to `signup` model - add check for errors: run `showErrors` method only if errors are defined, like in `signin` controller 2015-07-08 12:56:07 +03:00			`import DS from 'ember-data';`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`import {request as ajax} from 'ic-ajax';`
deps: ember-simple-auth@1.0.0 closes #5951 - update to esa 1.0 2015-10-18 21:17:02 +03:00			`import Configuration from 'ember-simple-auth/configuration';`
Flesh out more of the Ember admin no issue - this ports over screens from old admin to allow people to begin working on aspects of the screen - All logged out screens have been imported: Signup, Signin, Forgotten password, reset password - Those screens are now ready for behavior to be ported over - This also updates templates to be more in line with how they were in the old admin - Littered through the code are @TODO comments of functionality that is missing and will need to be resolved before this is production ready - Also scaffolds out the settings screen and every tab 2014-03-10 07:44:08 +04:00			`import styleBody from 'ghost/mixins/style-body';`

ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`export default Ember.Route.extend(styleBody, {`
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword() 2014-07-03 19:06:07 +04:00			`classNames: ['ghost-signup'],`
Update to simple-auth 0.8 No issue - ember-simple-auth@0.8.0-beta.2. - Switch from SimpleAuth global to ember-cli-simple-auth and ES6 imports. - Refactor controllers to handle changes in 0.8. - Introduces a new initializer to override some configuration items that are set in environment.js but need to be set with information that's only (easily) available at runtime. 2015-05-13 08:27:59 +03:00
Use Ember.inject instead of needs and initializers No Issue - Switches to the newer style of dependency injection. - Instead of injection Controllers via "needs," use Ember.inject.controller(). - Get rid of initializers that were only injecting objects into various factories. Converts these objects into Ember.Service objects and declaratively inject them where needed via Ember.inject.service(). The added benefit to this is that it's no longer a mystery where these properties/methods come from and it's straightforward to inject them where needed. 2015-05-26 05:10:50 +03:00			`ghostPaths: Ember.inject.service('ghost-paths'),`
			`notifications: Ember.inject.service(),`
deps: ember-simple-auth@1.0.0 closes #5951 - update to esa 1.0 2015-10-18 21:17:02 +03:00			`session: Ember.inject.service(),`
Use Ember.inject instead of needs and initializers No Issue - Switches to the newer style of dependency injection. - Instead of injection Controllers via "needs," use Ember.inject.controller(). - Get rid of initializers that were only injecting objects into various factories. Converts these objects into Ember.Service objects and declaratively inject them where needed via Ember.inject.service(). The added benefit to this is that it's no longer a mystery where these properties/methods come from and it's straightforward to inject them where needed. 2015-05-26 05:10:50 +03:00
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword() 2014-07-03 19:06:07 +04:00			`beforeModel: function () {`
deps: ember-simple-auth@1.0.0 closes #5951 - update to esa 1.0 2015-10-18 21:17:02 +03:00			`if (this.get('session.isAuthenticated')) {`
Avoid duplicate alerts, clear alerts on successful retry or sign-in closes #5903, refs #5409 - switch alert/notification component tests from unit to integration where appropriate - rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour - add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service - close duplicate alerts/notifications before showing a new one - specify a key for all existing alerts - close failure alerts on successful retries - clear all currently displayed alerts on successful sign-in 2015-10-07 17:44:23 +03:00			`this.get('notifications').showAlert('You need to sign out to register as a new user.', {type: 'warn', delayed: true, key: 'signup.create.already-authenticated'});`
deps: ember-simple-auth@1.0.0 closes #5951 - update to esa 1.0 2015-10-18 21:17:02 +03:00			`this.transitionTo(Configuration.routeIfAlreadyAuthenticated);`
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword() 2014-07-03 19:06:07 +04:00			`}`
			`},`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00
			`model: function (params) {`
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown. 2014-08-25 06:34:26 +04:00			`var self = this,`
			`tokenText,`
Transition to signin with error message on invalid token not 500 error screen closes #3548 - Add error to hidenav, removes menubar from error screen. - Wrap atob() in a try/catch - Added regex to try and validate if params.token at least looks like base64 2014-08-06 19:08:02 +04:00			`email,`
Fixup validation engine to handle lack of proxying Closes #4766 - Adjust ValidationEngine so it no longer assumes the properties it is validating are proxies via ObjectController. - Fixup controllers, templates, and routes to use models where data needs to be validated. 2015-01-12 06:15:13 +03:00			`model = Ember.Object.create(),`
Fix reset token verification closes #3872 closes #4603 - updated regex to work with url safe tokens 2014-12-08 11:34:40 +03:00			`re = /^(?:[A-Za-z0-9_\-]{4})*(?:[A-Za-z0-9_\-]{2}\|[A-Za-z0-9_\-]{3})?$/;`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00
			`return new Ember.RSVP.Promise(function (resolve) {`
			`if (!re.test(params.token)) {`
Avoid duplicate alerts, clear alerts on successful retry or sign-in closes #5903, refs #5409 - switch alert/notification component tests from unit to integration where appropriate - rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour - add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service - close duplicate alerts/notifications before showing a new one - specify a key for all existing alerts - close failure alerts on successful retries - clear all currently displayed alerts on successful sign-in 2015-10-07 17:44:23 +03:00			`self.get('notifications').showAlert('Invalid token.', {type: 'error', delayed: true, key: 'signup.create.invalid-token'});`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00
			`return resolve(self.transitionTo('signin'));`
Transition to signin with error message on invalid token not 500 error screen closes #3548 - Add error to hidenav, removes menubar from error screen. - Wrap atob() in a try/catch - Added regex to try and validate if params.token at least looks like base64 2014-08-06 19:08:02 +04:00			`}`
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown. 2014-08-25 06:34:26 +04:00
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00			`tokenText = atob(params.token);`
			`email = tokenText.split('\|')[1];`

Fixup validation engine to handle lack of proxying Closes #4766 - Adjust ValidationEngine so it no longer assumes the properties it is validating are proxies via ObjectController. - Fixup controllers, templates, and routes to use models where data needs to be validated. 2015-01-12 06:15:13 +03:00			`model.set('email', email);`
			`model.set('token', params.token);`
Invited user can sign up successfully issue #5525 - add `DS.Errors` to `signup` model - add check for errors: run `showErrors` method only if errors are defined, like in `signin` controller 2015-07-08 12:56:07 +03:00			`model.set('errors', DS.Errors.create());`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`return ajax({`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00			`url: self.get('ghostPaths.url').api('authentication', 'invitation'),`
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown. 2014-08-25 06:34:26 +04:00			`type: 'GET',`
			`dataType: 'json',`
			`data: {`
			`email: email`
			`}`
			`}).then(function (response) {`
			`if (response && response.invitation && response.invitation[0].valid === false) {`
Avoid duplicate alerts, clear alerts on successful retry or sign-in closes #5903, refs #5409 - switch alert/notification component tests from unit to integration where appropriate - rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour - add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service - close duplicate alerts/notifications before showing a new one - specify a key for all existing alerts - close failure alerts on successful retries - clear all currently displayed alerts on successful sign-in 2015-10-07 17:44:23 +03:00			`self.get('notifications').showAlert('The invitation does not exist or is no longer valid.', {type: 'warn', delayed: true, key: 'signup.create.invalid-invitation'});`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00
			`return resolve(self.transitionTo('signin'));`
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown. 2014-08-25 06:34:26 +04:00			`}`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00
			`resolve(model);`
			`}).catch(function () {`
			`resolve(model);`
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown. 2014-08-25 06:34:26 +04:00			`});`
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00			`});`
			`},`
Redirect user if signup invitation isn't valid Closes #3565 - Added server API isInvitation (analog to isSetup), checking if an invitation exists for a given email address. - If the invitation is no longer valid (or didn’t exist in the first place), the user is redirected and an error notification is shown. 2014-08-25 06:34:26 +04:00
Prevent transition to signup on invalid invitation Refs #3876 - Prevent signup page from flashing when an invalid invitation token is used. - Clear sensitive information from signup controller. - Make isInvitation API behavior consistent with other auth related APIs. 2014-09-19 08:50:15 +04:00			`deactivate: function () {`
			`this._super();`

			`// clear the properties that hold the sensitive data from the controller`
Enable JSCS checking on client. Refs #4001 - grunt-jscs@0.8.1 which provides ES6 support. 2014-10-25 01:09:50 +04:00			`this.controllerFor('signup').setProperties({email: '', password: '', token: ''});`
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword() 2014-07-03 19:06:07 +04:00			`}`
Flesh out more of the Ember admin no issue - this ports over screens from old admin to allow people to begin working on aspects of the screen - All logged out screens have been imported: Signup, Signin, Forgotten password, reset password - Those screens are now ready for behavior to be ported over - This also updates templates to be more in line with how they were in the old admin - Littered through the code are @TODO comments of functionality that is missing and will need to be resolved before this is production ready - Also scaffolds out the settings screen and every tab 2014-03-10 07:44:08 +04:00			`});`