* Set trust proxy option on Express app.
* Fix replacement of filePath for full screen and embed sketches.
* Use const rather than let because is never reassigned.
* replaced () with {} to fix implicit return error
* added first version of fetching generative-design examples
* ignore local testing files
* formatting
* updated examples-gg-latest
* updated examples-gg-latest.js
- data files not served via rawgit - hallelujah!
- added jquery
* updated p5 version
* refactoring and code cleanup
* added comment
* comment out link to svgFiles - unused
* moved commented code
* fixed conflicts
* linted examples-gg-latest
* changed branch ref to master
* rm spaces
* replaced () with {} to fix implicit return error
* added first version of fetching generative-design examples
* ignore local testing files
* formatting
* updated examples-gg-latest
* updated examples-gg-latest.js
- data files not served via rawgit - hallelujah!
- added jquery
* updated p5 version
* refactoring and code cleanup
* added comment
* comment out link to svgFiles - unused
* moved commented code
* fixed conflicts
* linted examples-gg-latest
* Fixes#497 by adding support for an optional new env variable, S3_BUCKET_URL_BASE
* Add a section to README about optional S3 bucket URL base configuration.
* External libraries are bundled with zip when project is downloaded (#44)
* Fix linting errors
* Add a check for valid URLs before trying to bundle a library into project
* Add is-url lib to package.json
* start to create asset list
* begin refactoring overlay component to remove duplicate code
* refactoring of overlays, asset list styles
* changes to add size to asset list
* fixes to asset list
* handle case in which a user hasn't uploaded any assets
* fix bug in which asset list only grabbed first asset
* remove console.log
* update overlay exit styling to use icon mixin
* /api endpoints only allows requests with application/json Content-Type
Otherwise sends 406 Unacceptable
* Uses CSRF token
The CSRF token is sent as the cookie 'XSRF-TOKEN' on all HTML page
requests. This token is picked up automatically by axios
and sent to the API with all requests as an 'X-XSRF-TOKEN' header.
The middleware runs on all routes and verifies that the token matches
what's stored in the session.
* Re-introduce Email Verification code
Revert "Revert "Email verification""
This reverts commit d154d8bff259350523a0f139e844db96c43d2ee1.
* Uses MJML to generate Reset Password email
* Sends Password Reset and Email Confirmation emails using MJML template
* Sends verified status along with user data
* API endpoint for resending email verification confirmation
* Displays verification status on Account page and allows resending
* Send back error string
* Passes email address through to sign/verify helper
* Uses enum-style object to set verified state
* Sends minimal info when user verifies since it can be done without login
* Provides /verify UI and sends confirmation token to API
* Better name for JWT secret token env var
* Adds mail config variables to Readme
* Encrypts email address in JWT
The JWT sent as the token in the Confirm Password URL
can be unencoded by anyone, although it's signature can only
be verified by us. To ensure that no passwords are leaked,
we encrypt the email address before creating the token.
* Removes unused mail templates
* Resets verified flag when email is changed and sends another email
* Moves email confirmation functions next to each other
* Extracts random token generator to helper
* Moves email confirmation actions into Redux
- updates the AccountForm label with a message to check inbox
- show status when verifying email token
* Uses generated token stored in DB for email confirmation
* Sets email confirmation status to verified if logging in from Github
* Sends email using new method on account creation
* Fixes linting errors
* Removes replyTo config