Commit graph

131 commits

Author SHA1 Message Date
Cassie Tarakajian
e140702784 Create Asset List View and refactor overlay code (#356)
* start to create asset list

* begin refactoring overlay component to remove duplicate code

* refactoring of overlays, asset list styles

* changes to add size to asset list

* fixes to asset list

* handle case in which a user hasn't uploaded any assets

* fix bug in which asset list only grabbed first asset

* remove console.log

* update overlay exit styling to use icon mixin
2017-07-11 17:37:43 +02:00
Cassie Tarakajian
607a27a4a1 remove jsonwebtoken as a dependency 2017-06-26 15:07:51 -04:00
Andrew Nicolaou
6cbc376d6e CSRF/XSS protection (#374)
* /api endpoints only allows requests with application/json Content-Type

Otherwise sends 406 Unacceptable

* Uses CSRF token

The CSRF token is sent as the cookie 'XSRF-TOKEN' on all HTML page
requests. This token is  picked up automatically by axios
and sent to the API with all requests as an 'X-XSRF-TOKEN' header.
The middleware runs on all routes and verifies that the token matches
what's stored in the session.
2017-06-26 13:58:58 -04:00
Andrew Nicolaou
1dc0c22cb7 Email verification (#369)
* Re-introduce Email Verification code

Revert "Revert "Email verification""
This reverts commit d154d8bff259350523a0f139e844db96c43d2ee1.

* Uses MJML to generate Reset Password email

* Sends Password Reset and Email Confirmation emails using MJML template

* Sends verified status along with user data

* API endpoint for resending email verification confirmation

* Displays verification status on Account page and allows resending

* Send back error string

* Passes email address through to sign/verify helper

* Uses enum-style object to set verified state

* Sends minimal info when user verifies since it can be done without login

* Provides /verify UI and sends confirmation token to API

* Better name for JWT secret token env var

* Adds mail config variables to Readme

* Encrypts email address in JWT

The JWT sent as the token in the Confirm Password URL
can be unencoded by anyone, although it's signature can only
be verified by us. To ensure that no passwords are leaked,
we encrypt the email address before creating the token.

* Removes unused mail templates

* Resets verified flag when email is changed and sends another email

* Moves email confirmation functions next to each other

* Extracts random token generator to helper

* Moves email confirmation actions into Redux

- updates the AccountForm label with a message to check inbox
- show status when verifying email token

* Uses generated token stored in DB for email confirmation

* Sets email confirmation status to verified if logging in from Github

* Sends email using new method on account creation

* Fixes linting errors

* Removes replyTo config
2017-06-26 12:48:28 -04:00
Zach Rispoli
3f32ccc89c Remove comments before using loopProtect on scripts (fixes #218) (#364) 2017-06-05 22:46:19 -04:00
Zach Rispoli
c596b74b27 Sketch name is used as <title> (issue #108) (#363)
* Sketch name is used as <title> (#108)

* add newline to end of file
2017-06-05 22:37:41 -04:00
Andrew Nicolaou
a267837fb7 Persists Redux store to/from sessionStorage (#334)
* Persists Redux store when reloading app for login

* Disable confirmation box when leaving page for login

* Removes extra console.warn

* Sets serveSecure: true for new projects if served over HTTPS

* Clears persisted state on IDEView load

Because when a sketch is created on HTTPS and then the user logs in
the page won't be reloaded

* Appends ?source=<protocol> to URL to track return protocol
2017-04-20 14:05:15 -04:00
Cassie Tarakajian
f01a58353b initial commit to cloning files on S3, untested 2017-04-05 23:23:37 -04:00
Andrew Nicolaou
a1121e2e6b Enable CORS for all origins and requests on API (#324)
* Enable CORS for all origins and requests on API

* Whitelist CORS origins: *.p5js.org in production and also localhost in development
2017-03-23 14:53:16 -04:00
Cassie Tarakajian
abbeb7fc60 fi linting to include .jsx files 2017-03-02 15:18:58 -05:00
Cassie Tarakajian
e87390adb9 update eslint to latest version, fix lots of linting errors (#308)
* update eslint and dependencies, fix linting errors that can be fixed with --fix

* fix lots of linting errors

* update eslintrc, fix some linting errors

* fix all server side linting errors, untested

* fix errors that fixing linting errors had caused

* fix client side eslint errors

* fix client side linting errors

* fix refs lint errors

* fix more linting errors

* update eslint and dependencies, fix linting errors that can be fixed with --fix

* fix lots of linting errors

* update eslintrc, fix some linting errors

* fix all server side linting errors, untested

* fix errors that fixing linting errors had caused

* fix client side eslint errors

* fix client side linting errors

* fix refs lint errors

* fix more linting errors

* fix some accessibility linting errors

* fix a lot of linting errors

* fix a billion more linting errors

* hopefully fix all linting errors, still need to test

* fix bugs that fixing linting had caused
2017-02-22 14:29:35 -05:00
Cassie Tarakajian
36a715fc3a fix #287 2017-02-01 22:00:19 -05:00
Cassie Tarakajian
311e8442a1 Revert "Email verification" (#265) 2017-01-13 10:35:39 -05:00
Akarshit Wal
2d781e22fb Email verification (#230)
* Making the email separate for future enhancements

* email-verification added

* Github users are verified

* update package

* Bug fixes and improvements

* jade to pug

* Bug fix

* changed route
2017-01-13 10:24:09 -05:00
Cassie Tarakajian
1d6e59ada3 add lint-fix task, fix linting errors in fetching examples code 2017-01-11 15:17:10 -05:00
Cassie Tarakajian
fba1d06685 update webpack to latest version 2016-12-07 14:47:12 -05:00
Yining Shi
29de5fce55 Fetch examples from p5 website repo (#203)
* changed open to examples, created basic fetch-examples.js

* use dotenv babel-register polyfill

* save examples in order

* added assets

* use rawgit.com

* async process.exit

* sound:Convolution Reverb
2016-12-01 18:57:50 -05:00
Cassie Tarakajian
b4fabd4aaa optimization for webpack vendor files 2016-11-30 13:37:07 -05:00
Mathura MG
bd88e86ecc Move the interceptor code to a git module (#200)
* add p5 interceptor submodule

* update package

* remoce interceptor

* update interceptor;

* merge scripts

* change postinstall script
2016-11-23 13:35:12 -05:00
Jen Kagan
449e103fc6 Generate a two-word project name (#184)
* add name generator lib

* update reducers

* make initialState a function

* update initialState function
2016-11-16 16:29:17 -05:00
Cassie Tarakajian
04922522cc cool to share some of this code between client and server
Squashed commit of the following:

commit fb5e82cea930b011792983c7d1cc9f6ecacc7dd4
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Wed Nov 16 12:28:10 2016 -0500

    add server side rendering, untested

commit 5c60fb30c46ea49a8d9a0ecb56f39ec778464a8b
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Tue Nov 15 18:26:06 2016 -0500

    add redux-form bandage post react update, should probably update to redux-form 6 at some point

commit 057b5871e7137179abc93f7821a9690f0ea52c92
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Tue Nov 15 16:30:09 2016 -0500

    remove passing jsFiles and cssFiles to PreviewFrame, fix rendering bug

commit 88c56fd36d3a8d88902c79642171988ce37825f2
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Tue Nov 15 16:21:59 2016 -0500

    code cleanup, untested

commit 82e5dcf8bca461892f1daf06d38f1eaebe72983f
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Tue Nov 15 15:53:50 2016 -0500

    update react and react router, fix a few bugs in rendering code, add ability to parse inline js and css

commit e02f4b67803ea45328eff4e53659222f3149964c
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Tue Nov 15 14:43:38 2016 -0500

    add almost full code to create preview html correctly, untested

commit 12f61b2a1aed4607fab24d01572b647ca6210262
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Wed Nov 2 17:09:26 2016 -0400

    refactor some of the preview html generation code

commit 111825846703d5c8959cb18795a3aadb7ebe505c
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Wed Nov 2 11:06:36 2016 -0400

    add comments as plan of action

commit 1cc2cf5203674732b4057382f1937de38b687078
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Thu Oct 27 19:34:55 2016 -0400

    add href parsing

commit e67189298cda9b70645f454ecd541a363980f0e4
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Thu Oct 27 10:48:36 2016 -0400

    continue parsing html

commit 1458fb940a15a3dc5d74890211a3073e920b84b8
Author: Cassie Tarakajian <ctarakajian@gmail.com>
Date:   Wed Oct 26 17:40:31 2016 -0400

    start to add html parsing
2016-11-16 13:12:36 -05:00
Cassie Tarakajian
f40ecebfba #142 add webpack configuration to decrease loading speed 2016-11-08 18:11:12 -05:00
Cassie Tarakajian
64b4fd41d1 #174 increase loopprotect time to 500ms 2016-11-02 15:00:26 -04:00
Cassie Tarakajian
85b8f5b589 fixes #96, downloads now work on safari and firefox 2016-11-02 14:08:53 -04:00
Cassie Tarakajian
8c270c2ced generate blob urls for text and json files 2016-10-22 16:42:43 -04:00
Cassie Tarakajian
280d3e69ea fix keyboard shortcuts on safari 2016-10-19 18:35:59 -04:00
Cassie Tarakajian
32d45ea332 remove all blobutil stuff 2016-10-19 15:33:14 -04:00
Cassie Tarakajian
0ccfeb6b9c fix debounce on safari 2016-10-19 13:29:02 -04:00
Cassie Tarakajian
d055aa5af8 more password reset things 2016-10-19 12:36:58 -04:00
Cassie Tarakajian
1610b0168d start to add mailgun and nodemailer 2016-10-19 12:36:57 -04:00
Cassie Tarakajian
0b76151c67 add progress to production webpack 2016-10-18 12:33:39 -04:00
Yining Shi
43052cb675 detect infinite loop
detect infinite loop

detect infinite loop
2016-09-17 00:11:33 -04:00
catarak
506c959f8c map shift+tab to beautifier, only for js 2016-09-07 12:16:26 -04:00
catarak
1d86d766d9 add login error for invalid username or password 2016-09-02 17:31:07 -04:00
catarak
93d6d8777f add resizers 2016-08-11 15:41:13 -04:00
catarak
8faabe3f56 remove es6 promise polyfill since it's already included in babel polyfill 2016-07-22 17:24:19 -04:00
catarak
99106e2bb8 change dev/production babel configuration 2016-07-22 13:14:26 -04:00
catarak
4c5fafe251 add promise polyfill 2016-07-22 12:42:38 -04:00
catarak
979fcf2152 add support for audio files 2016-07-21 14:18:38 -04:00
catarak
2affe457d2 when exporting to zip, also add images 2016-07-20 15:33:37 -04:00
catarak
0491c00bb5 add function to create all blob urls 2016-07-19 18:27:27 -04:00
catarak
c677c37597 get dropzone to render 2016-07-19 18:27:27 -04:00
catarak
78ed7b4b5f add download as zip 2016-07-15 13:11:50 -04:00
catarak
d9a11cea4c add debounce to editor input 2016-07-13 21:50:59 -04:00
catarak
c29f5aee68 add syntax highlighting for different file types, and linting for html and css 2016-07-13 19:52:50 -04:00
catarak
bc69995fb1 super ugly, but added jslinting 2016-07-12 17:38:24 -04:00
catarak
016325be9b add srcdoc polyfill 2016-07-11 15:50:08 -04:00
catarak
7a164d9cdd multiple files rendering 2016-07-11 15:22:29 -04:00
catarak
7a84137e9b start to add selected file stuff 2016-07-08 14:57:22 -04:00
catarak
6563d9d90b add sketch list, with links 2016-07-05 16:04:14 -04:00
catarak
821e6d418f add main to package.json 2016-06-28 17:26:53 -04:00
catarak
4f82a8fd31 add production build 2016-06-28 14:41:15 -04:00
catarak
248744b186 start to add production webpack 2016-06-27 18:46:08 -04:00
catarak
3d42da18a8 fix a ton of eslint errors 2016-06-23 18:29:55 -04:00
catarak
77cc7b2a8c start to add eslint, add repository to package.json 2016-06-22 19:59:12 -04:00
catarak
3aa3a4d03f add nodemon, remove .env from being tracked 2016-06-22 18:48:45 -04:00
catarak
3c39574041 add redux dev tools 2016-06-22 18:36:04 -04:00
catarak
1045cddaeb figure out how redux-thunk works 2016-06-20 18:00:40 -04:00
catarak
a79391c96c add signup for styling 2016-06-20 17:50:16 -04:00
catarak
c4cdc92c4b remove unused dependencies 2016-06-20 17:47:47 -04:00
catarak
341158579f add dotenv, start to add signup 2016-06-20 17:47:46 -04:00
catarak
86c124d84b add react router 2016-06-20 17:47:46 -04:00
catarak
75b33a18c2 add signup, not functional authentication yet though 2016-06-20 17:47:17 -04:00
catarak
c496f20699 add dotenv, start to add signup 2016-06-20 17:47:17 -04:00
catarak
1136ac3f16 add a lot of server side libraries, preemptively, still hooking everything up 2016-06-20 17:47:16 -04:00
catarak
4c8684877e add framework for sessions 2016-06-20 17:47:16 -04:00
catarak
d8bdc9a232 add session and cookie and passport config for server 2016-06-20 17:47:16 -04:00
catarak
fdd946b961 add sign up server side, still working on client side 2016-06-20 17:47:16 -04:00
catarak
1f75b4d390 add dotenv, start to add signup 2016-06-20 17:46:42 -04:00
catarak
47491f63ba add a lot of server side libraries, preemptively, still hooking everything up 2016-06-20 17:44:36 -04:00
catarak
65c02922c7 add session and cookie and passport config for server 2016-06-20 17:44:36 -04:00
catarak
8b04d04bb3 make start and stop buttons work 2016-05-12 17:40:49 -04:00
catarak
62c4e2244b add play and stop button styling 2016-05-12 17:22:54 -04:00
catarak
60364f6213 start to add toolbar 2016-05-11 13:57:45 -04:00
catarak
5f00c4a5ef add codemirror to package.json 2016-05-11 13:21:20 -04:00
catarak
0ed3a9e416 add express to package.json 2016-05-11 10:46:53 -04:00
catarak
d833ff9f19 update README and add npm start script 2016-05-11 00:02:12 -04:00
catarak
bd3a554121 set up styles with scss + webpack 2016-05-10 14:18:36 -04:00
catarak
d5d6f8d7e7 add full redux/react flow to editor 2016-05-05 17:48:26 -04:00
catarak
2f2c1d1e8b render editor 2016-05-03 16:13:04 -04:00
catarak
5e2a57d9eb initial commit 2016-05-03 00:09:16 -04:00