Ghost/ghost/admin/app/components/modal-re-authenticate.js

import $ from 'jquery';
import ModalComponent from 'ghost-admin/components/modal-base';
import ValidationEngine from 'ghost-admin/mixins/validation-engine';
import {computed} from '@ember/object';
import {htmlSafe} from '@ember/string';
import {inject as injectService} from '@ember/service';
import {isVersionMismatchError} from 'ghost-admin/services/ajax';
import {task} from 'ember-concurrency';

export default ModalComponent.extend(ValidationEngine, {
    validationType: 'signin',

    authenticationError: null,

    config: injectService(),
    notifications: injectService(),
    session: injectService(),

    identification: computed('session.user.email', function () {
        return this.get('session.user.email');
    }),

    _authenticate() {
        let session = this.get('session');
        let authStrategy = 'authenticator:oauth2';
        let identification = this.get('identification');
        let password = this.get('password');

        session.set('skipAuthSuccessHandler', true);

        this.toggleProperty('submitting');

        return session.authenticate(authStrategy, identification, password).finally(() => {
            this.toggleProperty('submitting');
            session.set('skipAuthSuccessHandler', undefined);
        });
    },

    _passwordConfirm() {
        // Manually trigger events for input fields, ensuring legacy compatibility with
        // browsers and password managers that don't send proper events on autofill
        $('#login').find('input').trigger('change');

        this.set('authenticationError', null);

        return this.validate({property: 'signin'}).then(() => {
            return this._authenticate().then(() => {
                this.get('notifications').closeAlerts();
                this.send('closeModal');
                return true;
            }).catch((error) => {
                if (error && error.errors) {
                    error.errors.forEach((err) => {
                        if (isVersionMismatchError(err)) {
                            return this.get('notifications').showAPIError(error);
                        }
                        err.message = htmlSafe(err.context || err.message);
                    });

                    this.get('errors').add('password', 'Incorrect password');
                    this.get('hasValidated').pushObject('password');
                    this.set('authenticationError', error.errors[0].message);
                }
            });
        }, () => {
            this.get('hasValidated').pushObject('password');
            return false;
        });
    },

    reauthenticate: task(function* () {
        return yield this._passwordConfirm();
    }).drop(),

    actions: {
        confirm() {
            this.get('reauthenticate').perform();
        }
    }
});
convert ember imports to ember-cli-shim imports where possible (#95) 2016-06-30 13:21:47 +03:00			`import $ from 'jquery';`
Flatten nested components (#854) no issue - the upcoming Module Unification re-organisation in Ember will no longer support nested components - this PR pre-emptively moves our usage of nested components into a flat file structure 2017-09-11 10:41:17 +03:00			`import ModalComponent from 'ghost-admin/components/modal-base';`
💄🐷 sort-imports eslint rule (#712) no issue - adds `eslint-plugin-sort-imports-es6-autofix` dependency - implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single` - fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order - updates all unordered import rules by using `eslint --fix` With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it. 2017-05-29 21:50:03 +03:00			`import ValidationEngine from 'ghost-admin/mixins/validation-engine';`
Switched from ember-cli-shims to new module imports (#779) no issue - add eslint-plugin-ember, configure no-old-shims rule - run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports - further cleanup of Ember globals usage - remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated 2017-08-22 10:53:26 +03:00			`import {computed} from '@ember/object';`
			`import {htmlSafe} from '@ember/string';`
			`import {inject as injectService} from '@ember/service';`
"400 Version Mismatch" error handling refs https://github.com/TryGhost/Ghost/issues/6949 Handle version mismatch errors by: - displaying an alert asking the user to copy any data and refresh - disabling navigation so that unsaved data is not accidentally lost Detailed changes: - add `error` action to application route for global route-based error handling - remove 404-handler mixin, move logic into app route error handler - update `.catch` in validation-engine so that promises are rejected with the original error objects - add `VersionMismatchError` and `isVersionMismatchError` to ajax service - add `upgrade-status` service - has a method to trigger the alert and toggle the "upgrade required" mode - is injected into all routes by default so that it can be checked before transitioning - add `Route` override - updates the `willTransition` hook to check the `upgrade-status` service and abort the transition if we're in "upgrade required" mode - update notifications `showAPIError` method to handle version mismatch errors - update any areas where we were catching ajax errors manually so that the version mismatch error handling is obeyed - fix redirect tests in editor acceptance test - fix mirage's handling of 404s for unknown posts in get post requests - adjust alert z-index to to appear above modal backgrounds 2016-06-30 17:45:02 +03:00			`import {isVersionMismatchError} from 'ghost-admin/services/ajax';`
switch all modals over to ember-concurrency and gh-task-button 2017-01-19 14:40:31 +03:00			`import {task} from 'ember-concurrency';`
Refactor modals refs #5798, closes #5018 - adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place - adds spin-buttons to all modals with async behaviour - adds/improves behaviour of inline-validation in modals - improves re-authenticate modal to properly handle validation and authentication errors 2015-11-18 13:50:48 +03:00
			`export default ModalComponent.extend(ValidationEngine, {`
			`validationType: 'signin',`

			`authenticationError: null,`

Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`config: injectService(),`
convert ember imports to ember-cli-shim imports where possible (#95) 2016-06-30 13:21:47 +03:00			`notifications: injectService(),`
			`session: injectService(),`
Refactor modals refs #5798, closes #5018 - adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place - adds spin-buttons to all modals with async behaviour - adds/improves behaviour of inline-validation in modals - improves re-authenticate modal to properly handle validation and authentication errors 2015-11-18 13:50:48 +03:00
			`identification: computed('session.user.email', function () {`
			`return this.get('session.user.email');`
			`}),`

			`_authenticate() {`
			`let session = this.get('session');`
			`let authStrategy = 'authenticator:oauth2';`
			`let identification = this.get('identification');`
			`let password = this.get('password');`

			`session.set('skipAuthSuccessHandler', true);`

			`this.toggleProperty('submitting');`

			`return session.authenticate(authStrategy, identification, password).finally(() => {`
			`this.toggleProperty('submitting');`
			`session.set('skipAuthSuccessHandler', undefined);`
			`});`
			`},`

Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`_passwordConfirm() {`
			`// Manually trigger events for input fields, ensuring legacy compatibility with`
			`// browsers and password managers that don't send proper events on autofill`
			`$('#login').find('input').trigger('change');`

			`this.set('authenticationError', null);`

switch all modals over to ember-concurrency and gh-task-button 2017-01-19 14:40:31 +03:00			`return this.validate({property: 'signin'}).then(() => {`
🐛 fix display/message bugs in re-auth modal (#770) closes https://github.com/TryGhost/Ghost/issues/8656 - prevents button stretching from flexbox and adds margin between input and button - use the `context` attribute returned from the server instead of the `message` so the error is now `Your password is incorrect.` instead of `You are not authorised to make this request.` - return truthy/falsy values from the auth tasks so that the save-state button shows the correct state 2017-07-06 13:18:20 +03:00			`return this._authenticate().then(() => {`
Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`this.get('notifications').closeAlerts();`
			`this.send('closeModal');`
🐛 fix display/message bugs in re-auth modal (#770) closes https://github.com/TryGhost/Ghost/issues/8656 - prevents button stretching from flexbox and adds margin between input and button - use the `context` attribute returned from the server instead of the `message` so the error is now `Your password is incorrect.` instead of `You are not authorised to make this request.` - return truthy/falsy values from the auth tasks so that the save-state button shows the correct state 2017-07-06 13:18:20 +03:00			`return true;`
Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`}).catch((error) => {`
			`if (error && error.errors) {`
			`error.errors.forEach((err) => {`
			`if (isVersionMismatchError(err)) {`
			`return this.get('notifications').showAPIError(error);`
			`}`
🐛 fix display/message bugs in re-auth modal (#770) closes https://github.com/TryGhost/Ghost/issues/8656 - prevents button stretching from flexbox and adds margin between input and button - use the `context` attribute returned from the server instead of the `message` so the error is now `Your password is incorrect.` instead of `You are not authorised to make this request.` - return truthy/falsy values from the auth tasks so that the save-state button shows the correct state 2017-07-06 13:18:20 +03:00			`err.message = htmlSafe(err.context \|\| err.message);`
Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`});`

			`this.get('errors').add('password', 'Incorrect password');`
			`this.get('hasValidated').pushObject('password');`
			`this.set('authenticationError', error.errors[0].message);`
			`}`
			`});`
			`}, () => {`
			`this.get('hasValidated').pushObject('password');`
🐛 fix display/message bugs in re-auth modal (#770) closes https://github.com/TryGhost/Ghost/issues/8656 - prevents button stretching from flexbox and adds margin between input and button - use the `context` attribute returned from the server instead of the `message` so the error is now `Your password is incorrect.` instead of `You are not authorised to make this request.` - return truthy/falsy values from the auth tasks so that the save-state button shows the correct state 2017-07-06 13:18:20 +03:00			`return false;`
Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`});`
			`},`
Refactor modals refs #5798, closes #5018 - adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place - adds spin-buttons to all modals with async behaviour - adds/improves behaviour of inline-validation in modals - improves re-authenticate modal to properly handle validation and authentication errors 2015-11-18 13:50:48 +03:00
switch all modals over to ember-concurrency and gh-task-button 2017-01-19 14:40:31 +03:00			`reauthenticate: task(function* () {`
Removed defunct Ghost OAuth code (#848) refs https://github.com/TryGhost/Ghost/issues/8958 - Ghost OAuth isn't coming back, time for the code to disappear and simply all the things - fixes the `Usage of router is deprecated` notices that flood the console/test logs when testing 2017-09-04 22:17:04 +03:00			`return yield this._passwordConfirm();`
switch all modals over to ember-concurrency and gh-task-button 2017-01-19 14:40:31 +03:00			`}).drop(),`

Ghost.org OAuth support (#278) issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451 - use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server - add OAuth flows for: - setup - sign-in - sign-up - re-authenticate - add custom `oauth-ghost` authenticator to support our custom data structure - add test helpers to stub successful/failed oauth authentication - hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later) 2016-09-30 14:43:40 +03:00			`actions: {`
			`confirm() {`
switch all modals over to ember-concurrency and gh-task-button 2017-01-19 14:40:31 +03:00			`this.get('reauthenticate').perform();`
Refactor modals refs #5798, closes #5018 - adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place - adds spin-buttons to all modals with async behaviour - adds/improves behaviour of inline-validation in modals - improves re-authenticate modal to properly handle validation and authentication errors 2015-11-18 13:50:48 +03:00			`}`
			`}`
			`});`