closes#3162
- removes injection of user object in application route's beforeModel
- removes injection/cleanup of user object in signedIn/signedOut actions
- removes loading of user and passing to signedIn action in signup/setup controllers
- adds 'user' property to session object
- updates header nav to reference session.user
- sets model of settings/user route to session.user and forces reload
- on leaving settings/user, rollback any unsaved changes
closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
closes#3012
- Inject notification object into router
- Listen to didTransition / observe currentPath to close notifications
- Close notifications on successful save actions
fixes#3031
- Adds an initializer for passing config to the frontend, it's not pretty but it works
- Forwards the apps route and hides the apps menu item if apps:true is not present in config.js
Closes#2988, #2752
Ref #1463, #2984,
# Shortcuts via Keymaster
- Added KeyMaster to bower dependencies. KeyMaster is a minimal keyboard
shortcuts library.
- Added `ShortcutsRouteMixin` for routes that will use shortcuts.
Currently, only routes can have shortcuts. See the extensive comment
at the top of `core/client/mixins/shortcuts-route.js` for a
description of how to implement shortcuts.
## Other Changes
- Injected popover service into ApplicationRoute
- Created `EditorRouteBase` mixin for the `editor.new` and
`editor.edit` routes to mixin.
- `StyleBodyMixin` now calls `this._super()` on `activate` and
`deactivate` to play nicely with other mixins.
## Shortcuts and Stubs implemented
#### Application-Wide
- `'esc':'closePopups'` shortcut **stub** to close popovers,
modals, and notifcations
#### Editor Shortcuts
- `'ctrl+s, command+s': 'save'` note that `command` is the
`meta` key.
- `'ctrl+alt+p': 'publish'`
- `'ctrl+alt+z': 'toggleZenMode'`
Previously, the exports were somewhat random with some files declaring
local variables then immediately exporting them, and others simply
doing the work needed in the export itself.
No issue
-inject popover:service into modal component delete post
controller so popover close can be triggered as part of
the delete action
-remove unnecessary 'needs' from the delete post controller
Closes#2418, #2714
Ref #2446, #2565
- Added and injected `popover` service to globally control popovers
- Added `gh-popover-button` component
- Added `popover-mixin` for popover and popover-buttons to mixin
- Added body-event-listener mixin for popover service to watch for body
clicks with
- Post settings and post save button both now use `gh-popover`
- Added hacks to `ember-hacks.css` to make popovers work until ghost-ui
consolidates functionality
Ref #2699
- Introduce ember data dependency
- Add loadInitializers and refactor most initializers into one combined
- Add Post ember data model
- Refactor generateSlug to use title of post and ghostPaths
- Refactor post controller to not reference model.property everywhere
- Use RESTAdapter for posts, users and tags
- Setup author and tag relations in Post model
- Fix broken API calls by adding CSRF header
- Add initiaizer for csrf value
- Use actual User model for current user initializer
- Add action for setting featured post, test with actual api call
- Fix the sending of UUID's up to the server
- Refactor current-user to use ember-data store
- If a user is preloaded in the application, use pushPayload to put it
in the store
- Do a lookup on the store to get an actual User model for injection
- Fix posts/post controllerName in route/new.js
- Alter signup process to push user into ember data store
No Issue
- Move the ghostPaths from base model to utils
- Add initializer that injects it into every route, model and controller
- Add a adminUrl and apiUrl helper method
Ref #2413
- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
addresses #2422
- creates settings user controller
- creates user model object
- updates user fixture to be compatible with user model
- updates settings/user template
- add validator to Ember Admin
- use validator to validate user model is valid
- add mock response to /users/me/ path
- creates models/base file for all models to inherit from
- add mock response to /ghost/changepw/ path
* Adding **user fixtures** for signin
* Adds an initializer for the **current logged in user**.
The created singleton object is injected into all controllers + routes.
It can be used inside routes + controllers with this.get('user').
For simple development the object is instanciated with a userFixture.
Once a proper login and api mock is in place, the fixture needs to be removed.
* Added **route 'login'** on url '/ghost/ember/signin'
* Added authenticated route with an error hook that redirects to the login route, if status 401 (unauthorized) is returned from REST API.
* All "secure" routes now extend from authenticated route
* Add /ghost/ember to noAuthNeeded routes in middleware
