closes#3162
- removes injection of user object in application route's beforeModel
- removes injection/cleanup of user object in signedIn/signedOut actions
- removes loading of user and passing to signedIn action in signup/setup controllers
- adds 'user' property to session object
- updates header nav to reference session.user
- sets model of settings/user route to session.user and forces reload
- on leaving settings/user, rollback any unsaved changes
closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
Closes#2845.
Ref #1351.
- Refactored `PostSettingsMenuController` to appropriately set and display
slug and publish date and their placeholders.
- Removed api spam on title change by putting `slugPlaceholder` generation
inside of an `Ember.run.debounce` call.
- Renamed `gh-blur-text-field` to `gh-blur-input`
- Created `SlugGenerator` class to abstract slug generation.
- Added `timestampVerification` function to `utils/date-formatting`
- `utils/date-formatting` now uses `strict` parsing of dates
- Added more acceptable date formats to accommodate strict parsing
- Moved `isDraft` and `isPublished` computed properties from
`EditorController` to `PostModel`
- Moved `new` route into `editor` resource (`editor.new`)
- Moved the current editor controller, view, and route to `editor.edit`
- Added `editor.index`, which automatically transitions into `editor.new`
- Moved controllers, views, templates, and routes to match new router config. Also changed links to `editor` into `editor.new` and `editor.edit` as appropriate.
Closes#2418, #2714
Ref #2446, #2565
- Added and injected `popover` service to globally control popovers
- Added `gh-popover-button` component
- Added `popover-mixin` for popover and popover-buttons to mixin
- Added body-event-listener mixin for popover service to watch for body
clicks with
- Post settings and post save button both now use `gh-popover`
- Added hacks to `ember-hacks.css` to make popovers work until ghost-ui
consolidates functionality
Closes#2410
- Add signup action that posts to signup endpoint
- Fix nav bar showing on signup page
- Fix image link when a user hasn't set their image yet
- Redirect to the ember/signin page if requesting an ember page
Ref #2413
- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
issue #2418
- create ghost-popover component and template
- use it for the navigation popover
- still needs to handle global click event on the document
to close the popover
no issue
- this ports over screens from old admin to
allow people to begin working on aspects of the screen
- All logged out screens have been imported: Signup, Signin,
Forgotten password, reset password
- Those screens are now ready for behavior to be ported over
- This also updates templates to be more in line with how they were
in the old admin
- Littered through the code are @TODO comments of functionality that is
missing and will need to be resolved before this is production ready
- Also scaffolds out the settings screen and every tab
