closes https://github.com/TryGhost/Ghost/issues/9868
- moved submit action to the `<form>` which allowed removal of the per-input enter key handlers
- changed submit button to trigger the form submit
- improved markup for password managers
- linked labels with inputs
- changed button to a "submit" type and linked it with the form
- added hidden email input at the bottom of the form in case password managers do not take disabled inputs into account
no issue
- PasswordValidator was only adding a function to the base class but it introduced a confusing inheritance hierarchy that's easier to reason about when it's a mixin instead
- swapped the `this.properties =` and `this._super()` calls in the `init` function of `new-user` so that the default can actually be applied
- previously the BaseValidator `init` method was doing `this.properties = []` which meant the default fallback in extended classes wouldn't work
no issue
- Convert validator to an npm dependency
- clean up validator imports
- fix validator function imports
- remove unused validator extensions
- Convert devicejs to an npm dependency
- Convert remaining used bower deps to npm deps
- 🔥 Remove bower & unused bower dependencies
- remove globals imports in favor of direct module imports where possible
refs TryGhost/Ghost#9150
- added a new validator for password validations that will take care of the rules client side
- Passwort rules added:
- Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm
- Disallow passwords that contain the words "password" or "ghost"
- Disallow passwords that match the user's email address
- Disallow passwords that match the blog domain or blog title
- Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- When changing the own password, the old password is not affected by the new validations
- Validation are running on
- setup
- signup
- password change in Team - User (only new passwords are validated)
- passwort reset
refs TryGhost/Ghost#9150
- Increase the password length in validators for signups, pw resets, and password changes for users to 10 instead of 8
- Update tests
refs https://github.com/TryGhost/Ghost/issues/8958
- Ghost OAuth isn't coming back, time for the code to disappear and simply all the things
- fixes the `Usage of router is deprecated` notices that flood the console/test logs when testing
issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451
- use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server
- add OAuth flows for:
- setup
- sign-in
- sign-up
- re-authenticate
- add custom `oauth-ghost` authenticator to support our custom data structure
- add test helpers to stub successful/failed oauth authentication
- hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later)
no issue
- add ember-suave dependency
- upgrade grunt-jscs dependency
- add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc
- separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc
- standardize es6 usage across client
closes#5528
- adds empty email message to setup validation
- fixes uploads so they actually work
- fixes gravatar to not disappear when an invalid file is selected
closes#5336
- creates gh-form-group component to handle form group status
- refactors current validation methods to work on a per-property basis
- adds gh-error-message component to render error message
- removes (comments out) tests that pertain to the old notifications until the new inline validation is added