Ghost/ghost/admin/app/controllers/reset.js

/* eslint-disable ghost/ember/alias-model-in-controller */
import Controller from '@ember/controller';
import ValidationEngine from 'ghost-admin/mixins/validation-engine';
import {action} from '@ember/object';
import {inject as service} from '@ember/service';
import {task} from 'ember-concurrency';
import {tracked} from '@glimmer/tracking';

export default class ResetController extends Controller.extend(ValidationEngine) {
    @service ghostPaths;
    @service notifications;
    @service session;
    @service ajax;
    @service config;

    @tracked newPassword = '';
    @tracked ne2Password = '';
    @tracked token = '';
    @tracked flowErrors = '';

    validationType = 'reset';

    get email() {
        // The token base64 encodes the email (and some other stuff),
        // each section is divided by a '|'. Email comes second.
        return atob(this.token).split('|')[1];
    }

    // Used to clear sensitive information
    clearData() {
        this.newPassword = '';
        this.ne2Password = '';
        this.token = '';

        document.querySelector('form#reset')?.reset();
    }

    @action
    handleInput(event) {
        this.flowErrors = '';
        this.errors.clear();
        this.hasValidated.addObjects(['newPassword', 'ne2Password']);

        this[event.currentTarget.name] = event.target.value;
    }

    @task({drop: true})
    *resetPasswordTask() {
        const {email, newPassword, ne2Password, token} = this;
        const authUrl = this.ghostPaths.url.api('authentication', 'password_reset');

        this.flowErrors = '';
        this.hasValidated.addObjects(['newPassword', 'ne2Password']);

        try {
            yield this.validate();
            try {
                let resp = yield this.ajax.put(authUrl, {
                    data: {
                        password_reset: [{newPassword, ne2Password, token}]
                    }
                });
                this.notifications.showAlert(resp.password_reset[0].message, {type: 'warn', delayed: true, key: 'password.reset'});
                this.session.authenticate('authenticator:cookie', email, newPassword);
                return true;
            } catch (error) {
                this.notifications.showAPIError(error, {key: 'password.reset'});
            }
        } catch (error) {
            if (this.errors.errorsFor('newPassword').length) {
                this.flowErrors = this.errors.errorsFor('newPassword')[0].message;
            }

            if (this.errors.errorsFor('ne2Password').length) {
                this.flowErrors = this.errors.errorsFor('ne2Password')[0].message;
            }

            if (error && this.errors.length === 0) {
                throw error;
            }
        }
    }
}
ESLint: Alias model in controllers no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md - replace `model` with a meaningful property name everywhere possible - refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit 2018-01-11 01:57:43 +03:00			`/* eslint-disable ghost/ember/alias-model-in-controller */`
Switched from ember-cli-shims to new module imports (#779) no issue - add eslint-plugin-ember, configure no-old-shims rule - run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports - further cleanup of Ember globals usage - remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated 2017-08-22 10:53:26 +03:00			`import Controller from '@ember/controller';`
💄🐷 sort-imports eslint rule (#712) no issue - adds `eslint-plugin-sort-imports-es6-autofix` dependency - implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single` - fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order - updates all unordered import rules by using `eslint --fix` With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it. 2017-05-29 21:50:03 +03:00			`import ValidationEngine from 'ghost-admin/mixins/validation-engine';`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`import {action} from '@ember/object';`
Match service/controller import to ember-modules-codemod style for consistency no issue Automated tools, code generators, and editor integrations are increasingly standardising on the import style used in `ember-modules-codemod`. Our import style differed a little with regards to service/controller injection imports which meant we were starting to see inconsistent naming. 2017-10-30 12:38:01 +03:00			`import {inject as service} from '@ember/service';`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`import {task} from 'ember-concurrency';`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`import {tracked} from '@glimmer/tracking';`
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client 2015-10-28 14:36:45 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`export default class ResetController extends Controller.extend(ValidationEngine) {`
			`@service ghostPaths;`
			`@service notifications;`
			`@service session;`
			`@service ajax;`
			`@service config;`
ESLint: Consistent ember property/method ordering no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-components.md - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-controllers.md - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-routes.md 2018-01-11 20:43:23 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`@tracked newPassword = '';`
			`@tracked ne2Password = '';`
			`@tracked token = '';`
			`@tracked flowErrors = '';`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`validationType = 'reset';`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`get email() {`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`// The token base64 encodes the email (and some other stuff),`
			`// each section is divided by a '\|'. Email comes second.`
Refactored usage of `.get('property')` with es5 getters no issue - ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod) - [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md) - updates the majority of `object.get('property')` with `object.property` with exceptions: - `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist - `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters - this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion 2019-03-06 16:53:54 +03:00			`return atob(this.token).split('\|')[1];`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`}`
ESLint: Consistent ember property/method ordering no issue - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-components.md - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-controllers.md - https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-routes.md 2018-01-11 20:43:23 +03:00
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`// Used to clear sensitive information`
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client 2015-10-28 14:36:45 +03:00			`clearData() {`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`this.newPassword = '';`
			`this.ne2Password = '';`
			`this.token = '';`

			`document.querySelector('form#reset')?.reset();`
			`}`

			`@action`
			`handleInput(event) {`
			`this.flowErrors = '';`
			`this.errors.clear();`
			`this.hasValidated.addObjects(['newPassword', 'ne2Password']);`

			`this[event.currentTarget.name] = event.target.value;`
			`}`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`@task({drop: true})`
			`*resetPasswordTask() {`
			`const {email, newPassword, ne2Password, token} = this;`
			`const authUrl = this.ghostPaths.url.api('authentication', 'password_reset');`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`this.flowErrors = '';`
Refactored usage of `.get('property')` with es5 getters no issue - ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod) - [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md) - updates the majority of `object.get('property')` with `object.property` with exceptions: - `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist - `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters - this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion 2019-03-06 16:53:54 +03:00			`this.hasValidated.addObjects(['newPassword', 'ne2Password']);`
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client 2015-10-28 14:36:45 +03:00
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`try {`
			`yield this.validate();`
			`try {`
Refactored usage of `.get('property')` with es5 getters no issue - ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod) - [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md) - updates the majority of `object.get('property')` with `object.property` with exceptions: - `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist - `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters - this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion 2019-03-06 16:53:54 +03:00			`let resp = yield this.ajax.put(authUrl, {`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`data: {`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`password_reset: [{newPassword, ne2Password, token}]`
ES6 module version of ic-ajax instead of global 2015-05-27 03:41:12 +03:00			`}`
			`});`
Renamed `passwordreset` body object to `password_reset` refs https://github.com/TryGhost/Toolbox/issues/308 - I've just renamed the endpoint to `password_reset` but we might as well change the body object to make the change in v5 too 2022-04-25 18:14:58 +03:00			`this.notifications.showAlert(resp.password_reset[0].message, {type: 'warn', delayed: true, key: 'password.reset'});`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`this.session.authenticate('authenticator:cookie', email, newPassword);`
🐛 fix "failed" button flash on password reset (#791) closes https://github.com/TryGhost/Ghost/issues/8688 - `reset` task wasn't returning a truthy value on success so `gh-task-button` flashed the "retry" state before the transition happened 2017-07-20 15:12:33 +03:00			`return true;`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`} catch (error) {`
Refactored usage of `.get('property')` with es5 getters no issue - ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod) - [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md) - updates the majority of `object.get('property')` with `object.property` with exceptions: - `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist - `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters - this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion 2019-03-06 16:53:54 +03:00			`this.notifications.showAPIError(error, {key: 'password.reset'});`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`}`
			`} catch (error) {`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`if (this.errors.errorsFor('newPassword').length) {`
			`this.flowErrors = this.errors.errorsFor('newPassword')[0].message;`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`}`
Change reset page errors to match sign-in page No Issue - Takes the inline validation messages and displays below form - Removes unnecessary gh-error-message components from signin and reset pages - Returns error messages to sign-in validations 2015-08-25 14:32:29 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`if (this.errors.errorsFor('ne2Password').length) {`
			`this.flowErrors = this.errors.errorsFor('ne2Password')[0].message;`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`}`
Fix password reset closes #6229 - removes `_super` call in the reset route's `setupController` hook to avoid a `model` property being set which was being picked up by the validation engine - throw the error if we fail in the password reset process from something we aren't expecting 2015-12-16 00:51:36 +03:00
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`if (error && this.errors.length === 0) {`
refactor reset password screen to use ember-concurrency (#502) refs https://github.com/TryGhost/Ghost/issues/7865 - swap promise based action for an ember-concurrency task 2017-01-25 16:00:58 +03:00			`throw error;`
			`}`
			`}`
Refactored reset controller to Octane patterns refs https://github.com/TryGhost/Ghost/issues/14101 - migrated to full native class syntax - swapped use of `<GhTextInput>` in favor of native `<input>` and removed use of `{{action}}` in associated template 2022-10-07 21:07:51 +03:00			`}`
			`}`