* Cropping remove, nicer UI
* Fix MIME-type checking, add image upload tests
* Change image config settings to uploads.profile.image to build a more
rational structure for configuring other types of uploads
Idea proposed by @sparshy #1204
Suggestions, rules and tests from Trustroots @simison
Added validations on user server model
Added client side validations
Added relevant tests on user server tests
Added relevant tests on user e2e tests
Fixes #1204
Fixes the client-side tests after the removal of the <base/> tag from
the main layout.
These fixes aren't ideal. At the moment, they will suffice. This comment
(https://github.com/angular-ui/ui-router/issues/212#issuecomment-60803437),
among others in that issue, led me to choose this method as the fix to
avoid having to change any other core code.
Fixes incorrect usage of 400 HTTP responses being returned from the
server, in favor of using 422.
Also, changed a few return codes to 401 where it was more appropriate.
See this article for reasoning behind moving to 422, and why 400 isn't
appropriate for these cases.
For ref:
6be12f8a06
Related:
https://github.com/meanjs/mean/pull/1547
https://github.com/meanjs/mean/pull/1510
* Added configuration for owasp. Synchronize client owasp configs with the server configs.
Also added a time indicator on failed login attempts to give the user feedback on subsequent failed login attempts.
* switched to handlebar template for passing the server's owasp config down to the client.
reverted some of the other changes (regarding the http request).
* Removed debug code.
* Changed variable name to owaspConfig
* Fixed minor typos and set owasp.config() rather than the underlying configs.
* chore(tidy): tidying up minor lint and layout issues
* fix(lint): CSS alphabetize warnings (#1498)
Fixes CSS linting warnings of properties not alphabetized.
* fix(authentication) Stops error on signin/signup (#1495)
Uses the passport info object to simplify login and remove the need to
temporarily cache the redirect within the session.
* Moved owasp config into default and reverted other config files.
Modified config to be "shared". This will allow future configurations to be easily passed to the client.
* fixed 403 redirect if not signed in (#1496)
* Update form-article.client.view.html
For New Article, delete function not required
* UI changes for mobile; autofocus
* fixed broken password popover balloon
* add e2e test for autofocus
* Remove test, fix delete social login button
* feat(core): Move template to .github folder
* Deprecated $http success/error promise methods (#1508)
Replaces the $http service calls with promise based methods
of the client-side UsersService for the following:
Users Change Password
Users Manage Social Accounts
Users Password Forgot
Users Password Reset
Users Signup
Users Signin
Modifies tests to reflect changes.
Closes #1479
* rebase
* fix(users) patch OAuth default email issue
- Intentionally omits setting email in constructor to trigger defaults when
creating user. Handles cases where email is not authorized/given by provider.
Related to issue #1250
The test for authentication uses a route /api/users/me. This should probably be upgraded to use
a proper passport mock.
In the meanwhile this should make the returned user object safer - using code from core.
Fixes n/a
* Fix(users): Don't update secure profile fields
Avoid updating secure fields such as password, salt, etc. through
user profile update.
Fixes #1420
* Refactor variable name
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
Fixes #1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
Fixes #1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes #1415
* Use validator.js instead of regexp for validations in User Schema.
* Disables "Unexpected console statement no-console" warnings
* Fixes redirection to wrong URL after login with social networks.
* Use ViewModel vm instead of $scope in manage social accounts controller.
* preserving the option to redirect to a specific URL as done in saveOAuthUserProfile() (thanks to @OneOfTheWorld for pointing out)
Adds client-side tests for the Users Edit Profile client controller.
1) should have user context
2) should update the user profile
3) should set vm.error if error
Related #1283
* Fix for users.profile.server.controller.js security (#1338)
Fixes an issue where if req.body._id was not set to the current user it
could potentially log the current user in as another user.
Don't use req.body._id when editing user
Prevents a user from being logged in as another if edit user form _id is
not their own.
Fixes #1338
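
An added example, not the project's own code, showing the two profile-update fixes described above side by side: ignoring `req.body._id` (#1338) and not updating secure fields such as password and salt (#1420). All names, the in-memory store and the sample users are hypothetical, and `roles` in the secure-field list is an assumption.

```javascript
// Fields a profile update must never write. password and salt come from the
// commit message; _id follows from #1338; roles is an assumed addition.
const SECURE_FIELDS = ['_id', 'password', 'salt', 'roles'];

// "Before": the whole request body is merged, so the client decides which
// record is edited and which fields change.
function applyProfileUpdateUnsafe(store, sessionUser, body) {
  const target = store.get(body._id) || sessionUser; // trusts client-supplied _id
  Object.assign(target, body);
  return target; // a handler that re-logs-in with this object switches identity
}

// "After": identity comes only from the session; secure fields are dropped.
function applyProfileUpdateSafe(store, sessionUser, body) {
  const target = store.get(sessionUser._id);
  if (!target) throw new Error('User is not signed in');
  for (const [key, value] of Object.entries(body)) {
    if (SECURE_FIELDS.includes(key)) continue; // silently ignore protected keys
    target[key] = value;
  }
  return target;
}

// Constructed sample data: two users in an in-memory store.
function makeStore() {
  return new Map([
    ['u1', { _id: 'u1', displayName: 'Alice', roles: ['user'], salt: 's1', password: 'h1' }],
    ['u2', { _id: 'u2', displayName: 'Bob', roles: ['admin'], salt: 's2', password: 'h2' }],
  ]);
}

// Runs the same edit-form body (whose _id is not the session user's) through both paths.
function demo() {
  const body = { _id: 'u2', displayName: 'Renamed', roles: ['admin'], password: 'x' };
  const before = makeStore();
  const unsafe = applyProfileUpdateUnsafe(before, before.get('u1'), body);
  const after = makeStore();
  const safe = applyProfileUpdateSafe(after, after.get('u1'), body);
  return {
    unsafeId: unsafe._id,        // record chosen by the client
    safeId: safe._id,            // record chosen by the session
    safeName: safe.displayName,
    safeRoles: safe.roles.join(','),
    safePassword: safe.password,
    otherUserName: after.get('u2').displayName,
  };
}
```
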