* Converts import script to use public API endpoints
The endpoints don't exist yet, but this is a good way to see how
the implementation of the data structures differ.
* Exposes public API endpoint to fetch user's sketches
* Implements public API delete endpoint
* Adds helper to create custom ApplicationError classes
* Adds create project endpoint that understand API's data structure
This transforms the nested tree of file data into a mongoose
Project model
* Returns '201 Created' to match API spec
* Removes 'CustomError' variable assignment as it shows up in test output
* transformFiles will return file validation errors
* Tests API project controller
* Tests toModel()
* Creates default files if no root-level .html file is provided
* Do not auto-generate a slug if it is provided
Fixes a bug where the slug was auto-generated using the sketch name,
even if a slug property had been provided.
* Validates uniqueness of slugs for projects created by the public API
* Adds tests for slug uniqueness
* Configures node's Promise implementation for mongoose (fixes warnings)
* Moves createProject tests to match controller location
* Adds support for code to ApplicationErrors
* deleteProject controller tests
* getProjectsForUser controller tests
- implements tests
- update apiKey tests to use new User mocks
* Ensure error objects have consistent property names
`message` is used as a high-level description of the errors
`detail` is optional and has an plain language explanation of the
individual errors
`errors` is an array of each individual problem from `detail` in a
machine-readable format
* Assert environment variables are provided at script start
* Version public API
* Expect "files" property to always be provided
* Fixes linting error
* Converts import script to use public API endpoints
The endpoints don't exist yet, but this is a good way to see how
the implementation of the data structures differ.
* Exposes public API endpoint to fetch user's sketches
* Implements public API delete endpoint
* Adds helper to create custom ApplicationError classes
* Adds create project endpoint that understand API's data structure
This transforms the nested tree of file data into a mongoose
Project model
* Returns '201 Created' to match API spec
* Removes 'CustomError' variable assignment as it shows up in test output
* transformFiles will return file validation errors
* Tests API project controller
* Tests toModel()
* Creates default files if no root-level .html file is provided
* Do not auto-generate a slug if it is provided
Fixes a bug where the slug was auto-generated using the sketch name,
even if a slug property had been provided.
* Validates uniqueness of slugs for projects created by the public API
* Adds tests for slug uniqueness
* Configures node's Promise implementation for mongoose (fixes warnings)
* Moves createProject tests to match controller location
* deleteProject controller tests
* Adds support for code to ApplicationErrors
* getProjectsForUser controller tests
- implements tests
- update apiKey tests to use new User mocks
* Ensure error objects have consistent property names
`message` is used as a high-level description of the errors
`detail` is optional and has an plain language explanation of the
individual errors
`errors` is an array of each individual problem from `detail` in a
machine-readable format
* Assert environment variables are provided at script start
* Version public API
* Expect "files" property to always be provided
* Fixes linting error
* Checks that authenticated user has permission to create under this namespace
Previously, the project was always created under the authenticated user's
namespace, but this not obvious behaviour.
* Set trust proxy option on Express app.
* Fix replacement of filePath for full screen and embed sketches.
* Use const rather than let because is never reassigned.
* /api endpoints only allows requests with application/json Content-Type
Otherwise sends 406 Unacceptable
* Uses CSRF token
The CSRF token is sent as the cookie 'XSRF-TOKEN' on all HTML page
requests. This token is picked up automatically by axios
and sent to the API with all requests as an 'X-XSRF-TOKEN' header.
The middleware runs on all routes and verifies that the token matches
what's stored in the session.
* Re-introduce Email Verification code
Revert "Revert "Email verification""
This reverts commit d154d8bff259350523a0f139e844db96c43d2ee1.
* Uses MJML to generate Reset Password email
* Sends Password Reset and Email Confirmation emails using MJML template
* Sends verified status along with user data
* API endpoint for resending email verification confirmation
* Displays verification status on Account page and allows resending
* Send back error string
* Passes email address through to sign/verify helper
* Uses enum-style object to set verified state
* Sends minimal info when user verifies since it can be done without login
* Provides /verify UI and sends confirmation token to API
* Better name for JWT secret token env var
* Adds mail config variables to Readme
* Encrypts email address in JWT
The JWT sent as the token in the Confirm Password URL
can be unencoded by anyone, although it's signature can only
be verified by us. To ensure that no passwords are leaked,
we encrypt the email address before creating the token.
* Removes unused mail templates
* Resets verified flag when email is changed and sends another email
* Moves email confirmation functions next to each other
* Extracts random token generator to helper
* Moves email confirmation actions into Redux
- updates the AccountForm label with a message to check inbox
- show status when verifying email token
* Uses generated token stored in DB for email confirmation
* Sets email confirmation status to verified if logging in from Github
* Sends email using new method on account creation
* Fixes linting errors
* Removes replyTo config
* update eslint and dependencies, fix linting errors that can be fixed with --fix
* fix lots of linting errors
* update eslintrc, fix some linting errors
* fix all server side linting errors, untested
* fix errors that fixing linting errors had caused
* fix client side eslint errors
* fix client side linting errors
* fix refs lint errors
* fix more linting errors
* update eslint and dependencies, fix linting errors that can be fixed with --fix
* fix lots of linting errors
* update eslintrc, fix some linting errors
* fix all server side linting errors, untested
* fix errors that fixing linting errors had caused
* fix client side eslint errors
* fix client side linting errors
* fix refs lint errors
* fix more linting errors
* fix some accessibility linting errors
* fix a lot of linting errors
* fix a billion more linting errors
* hopefully fix all linting errors, still need to test
* fix bugs that fixing linting had caused
* Making the email separate for future enhancements
* email-verification added
* Github users are verified
* update package
* Bug fixes and improvements
* jade to pug
* Bug fix
* changed route