Commit Graph

29 Commits

Author SHA1 Message Date
Daniel Lockyer
1068070bd2 Renamed passwordreset body object to password_reset
refs https://github.com/TryGhost/Toolbox/issues/308

- I've just renamed the endpoint to `password_reset` but we might as
  well change the body object to make the change in v5 too
2022-04-28 15:33:09 +01:00
Daniel Lockyer
5aa5770791 Renamed /passwordreset authentication API endpoint to /password_reset
refs https://github.com/TryGhost/Toolbox/issues/308

- we have a pattern of splitting words via an underscore in the API, so
  v5 splits apart `passwordreset` to `password_reset`
- I'll follow up whether we want to fixup the `passwordreset` body
  object
2022-04-28 15:33:09 +01:00
Kevin Ansfield
352c4af1d7 Refactored usage of .get('property') with es5 getters
no issue
- ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod)
- [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md)
- updates the majority of `object.get('property')` with `object.property` with exceptions:
  - `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist
  - `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters
- this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion
2019-03-06 13:54:14 +00:00
Fabien O'Carroll
3e5a62309f Use Admin API v2 with session auth (#1046)
refs #9865
- removed all `oauth2` and token-based ESA auth
- added new `cookie` authenticator which handles session creation
- updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state
  - ESA automatically calls this `.restore()` method on app boot
  - the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state
- removed the now-unnecessary token refresh and logout routines from the `application` route
- removed the now-unnecessary token refresh routines from the `ajax` service
- removed `access_token` query param from iframe file downloaders
- changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
2018-10-05 19:46:33 +01:00
Kevin Ansfield
48e3bf003d ESLint: Consistent ember property/method ordering
no issue
- https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-components.md
- https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-controllers.md
- https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/order-in-routes.md
2018-01-12 12:17:56 +00:00
Kevin Ansfield
fda94fedab ESLint: Alias model in controllers
no issue
- https://github.com/ember-cli/eslint-plugin-ember/blob/HEAD/docs/rules/alias-model-in-controller.md
- replace `model` with a meaningful property name everywhere possible
- refactor `design` and `general` settings controllers to use a directly injected settings service rather than passing it in as a "model" to be more explicit
2018-01-12 12:17:56 +00:00
Kevin Ansfield
9adbcd1fd0 Match service/controller import to ember-modules-codemod style for consistency
no issue

Automated tools, code generators, and editor integrations are increasingly standardising on the import style used in `ember-modules-codemod`. Our import style differed a little with regards to service/controller injection imports which meant we were starting to see inconsistent naming.
2017-10-30 09:38:01 +00:00
Aileen Nowak
8f2dc2ff02 Match client-side password validation to new server-side rules (#899)
refs TryGhost/Ghost#9150

- added a new validator for password validations that will take care of the rules client side
- Passwort rules added:
   - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm
   - Disallow passwords that contain the words "password" or "ghost"
   - Disallow passwords that match the user's email address
   - Disallow passwords that match the blog domain or blog title
   - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- When changing the own password, the old password is not affected by the new validations
- Validation are running on
   - setup
   - signup
   - password change in Team - User (only new passwords are validated)
   - passwort reset
2017-10-26 11:02:17 +01:00
Kevin Ansfield
983110d931 Switched from ember-cli-shims to new module imports (#779)
no issue

- add eslint-plugin-ember, configure no-old-shims rule
- run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports
- further cleanup of Ember globals usage
- remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
2017-08-22 14:53:26 +07:00
Kevin Ansfield
ec2a257443 🐛 fix "failed" button flash on password reset (#791)
closes https://github.com/TryGhost/Ghost/issues/8688
- `reset` task wasn't returning a truthy value on success so `gh-task-button` flashed the "retry" state before the transition happened
2017-07-20 19:12:33 +07:00
Kevin Ansfield
cb59388c5b 💄🐷 sort-imports eslint rule (#712)
no issue

- adds `eslint-plugin-sort-imports-es6-autofix` dependency
  - implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single`
  - fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order
- updates all unordered import rules by using `eslint --fix`

With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it.
2017-05-29 20:50:03 +02:00
Kevin Ansfield
74b020e0e3 refactor reset password screen to use ember-concurrency (#502)
refs https://github.com/TryGhost/Ghost/issues/7865
- swap promise based action for an ember-concurrency task
2017-01-25 07:00:58 -06:00
Austin Burdine
bfe542b27d more shimming of controllers (#110)
refs #101, #95
- shim controllers that were missed initially
2016-07-06 20:47:30 +01:00
Kevin Ansfield
d53ef125e0 Update package.json details, rename module to ghost-admin
no issue
- updates `package.json` details to better reflect the separation from the `Ghost` package
- update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
2016-06-03 16:12:54 +01:00
Austin Burdine
3154dfe988 cleanup usage of Ember.inject 2016-01-19 07:03:27 -06:00
Austin Burdine
8ff1a6954c deps: ember-ajax@0.7.1 2016-01-18 09:37:14 -06:00
Kevin Ansfield
b006eda9f0 Fix password reset
closes #6229
- removes `_super` call in the reset route's `setupController` hook to avoid a `model` property being set which was being picked up by the validation engine
- throw the error if we fail in the password reset process from something we aren't expecting
2015-12-15 21:51:36 +00:00
Kevin Ansfield
2f4f6db133 Use es6 across client and add ember-suave to enforce rules
no issue
- add ember-suave dependency
- upgrade grunt-jscs dependency
- add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc
- separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc
- standardize es6 usage across client
2015-11-30 10:41:01 +00:00
Austin Burdine
511d5d9b4c deps: ember-simple-auth@1.0.0
closes #5951
- update to esa 1.0
2015-10-18 13:17:02 -05:00
Kevin Ansfield
c5a8a0c860 Avoid duplicate alerts, clear alerts on successful retry or sign-in
closes #5903, refs #5409
- switch alert/notification component tests from unit to integration where appropriate
- rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour
- add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service
- close duplicate alerts/notifications before showing a new one
- specify a key for all existing alerts
- close failure alerts on successful retries
- clear all currently displayed alerts on successful sign-in
2015-10-12 19:21:30 +01:00
Hannah Wolfe
09bcbb9463 Form field icons load in default 'grey' state
ref #5652

- validations can be in default, success or error state
- adds check for 'hasValidated' if the validations haven't fired yet, the field is in the default state
- hasValidated is an Ember.Array which tracks the state for each field
2015-09-01 13:02:27 +01:00
Kevin Ansfield
6989843b19 Fix auth token refresh failing on app-boot with expired access_token
issue #5751
- moves `makeRequest` override of simple-auth's OAuth authenticator into our own custom authenticator (previously our override was not taking effect until after ember-simple-auth's initial authentication routines, hence why it was working for post-login token refreshes but failing on app-boot)
2015-08-28 16:00:34 +01:00
cobbspur
0987518859 Change reset page errors to match sign-in page
No Issue

- Takes the inline validation messages and displays below form
- Removes unnecessary gh-error-message components from signin and reset pages
 - Returns error messages to sign-in validations
2015-08-26 12:00:37 +01:00
Kevin Ansfield
61e5ebdd2f WIP: review uses of notifications.showErrors
issue #5409

`notifications.showErrors` was historically used to display multiple error notifications whether from validation errors or responses form the API. This usage needs to be reviewed as inline validations should handle the validation side and we should be displaying alerts for actual errors.

Eventually `notifications.showErrors` should be left unused and therefore removed.
2015-07-28 12:27:57 +01:00
Kevin Ansfield
ee89b11a6a Refactor notifications service & components
issue #5409

- change persistent/passive notification status to alert/notification
- replace showSuccess/Info/Warn/Error with showNotification/showAlert
- fix and clean up notification/alert components
2015-07-28 12:26:11 +01:00
Jason Williams
71c358b638 Use Ember.inject instead of needs and initializers
No Issue
- Switches to the newer style of dependency injection.
- Instead of injection Controllers via "needs," use
  Ember.inject.controller().
- Get rid of initializers that were only injecting objects
  into various factories. Converts these objects into Ember.Service
  objects and declaratively inject them where needed via
  Ember.inject.service().  The added benefit to this is that it's no
  longer a mystery where these properties/methods come from and it's
  straightforward to inject them where needed.
2015-05-27 07:41:42 -05:00
Jason Williams
02526cbd6d ES6 module version of ic-ajax instead of global 2015-05-26 22:13:25 -05:00
Matt Enlow
6d80907c99 Ember init, bower deps, es6 modules 2015-03-11 12:37:41 -06:00
Matt Enlow
589a563b30 The great migration (EAK -> ember-cli) 2015-03-11 12:37:41 -06:00