David Cheung
d544ae1bf8
Support uniqueness for realm users
2016-09-20 11:26:56 -04:00
Loay
bcc2d99a95
Invalidate sessions after email change
2016-09-19 10:24:30 -04:00
Miroslav Bajtoš
21ff383eb3
Fix double-slash in confirmation URL
...
Fix the code building the URL used in the email-verification email
to prevent double-slash in the URL when e.g. restApiRoot is '/'.
Before:
http://example.com//users/confirm ?...
Now:
http://example.com/users/confirm ?...
2016-09-13 08:52:49 +02:00
Miroslav Bajtoš
9a75ee6f30
Rework email validation to use isemail
...
Drop hand-crafted RegExp in favour of a 3rd-party module that supports
RFC5321, RFC5322 and other relevant standards.
2016-09-06 14:09:00 +02:00
Setogit
0f5136d072
Apply g.f to literal strings
2016-08-27 22:42:21 -07:00
Loay
5567917c12
Allow resetPassword if emailVerified
2016-08-26 13:11:42 -04:00
Miroslav Bajtoš
eec326dc80
Revert globalization of Swagger descriptions
2016-08-15 11:06:05 +02:00
Loay
7aebf0d132
Add bcrypt validation
2016-08-12 21:34:50 -04:00
Candy
bb9a1b5b24
Update globalization string
2016-08-05 15:49:43 -04:00
Candy
b52a7217a9
Add globalization
2016-08-04 15:08:16 -04:00
Loay
8f7e032a01
Update user.js
2016-07-25 00:55:55 -04:00
Loay
b53a22bfb3
Fix security issue 580
2016-07-22 17:48:57 -04:00
Loay
ec51e833b6
Fix verificationToken bug
2016-06-17 10:21:59 -04:00
David Cheung
817e76e424
Remove unused UserModel properties
...
- credentials
- challenges
- status
- created
- lastUpdated
2016-05-10 14:29:08 -04:00
Rik
341390a74e
Update user.js
...
allow to change all {href} instances in user.verify() mail into generated url instead of just one
2016-05-08 13:10:56 +02:00
Ryan Graham
6964914bab
update copyright statements
2016-05-03 15:50:21 -07:00
Miroslav Bajtoš
f9702b0ace
Use eslint with loopback config
...
Drop jshint and jscs in favour of eslint.
Fix style violations.
While we are at this, reduce the max line length from 150 to 100.
2016-04-06 10:45:30 +02:00
Jue Hou
eb09681f21
promise docs
...
Add promise jsdoc in loopback
2016-04-04 12:35:35 -04:00
Candy
0e637962d5
Use new strong-remoting API
2016-02-05 11:11:38 -05:00
Jue Hou
865789017d
Fix description for User.prototype.hasPassword
2016-01-11 14:28:10 -05:00
Miroslav Bajtoš
6d040a98ae
Merge pull request #1804 from richardpringle/master
...
Add case-sensitive email option for User model
2015-12-08 12:47:58 +01:00
David Cheung
c4917819af
Adding properties description for User Model
...
- Added description for `realm` `created` `lastUpdated` `status`
- End of line for descriptions to be peroid
2015-12-04 14:55:01 -05:00
Richard Pringle
2cca83c4ff
Add case-sensitve email option for User model.
2015-12-03 13:18:49 -05:00
Simo Moujami
403e677155
Fix user.resetPassword to fail on email not found
2015-11-02 12:55:24 +01:00
Samuel Gaus
351b8026a0
Do not include redundant ports in verify links
...
If the protocol and port match we can ignore the port for a more
visually appealing link.
2015-10-12 16:24:30 +02:00
Felipe Oliveira Carvalho
355ff8ee41
Update comment about user ACL to reflect implementation
2015-09-11 21:57:55 -03:00
Farid Nouri Neshat
1cc25923a7
Fix options.to assertion message in user.verify
2015-08-27 00:25:09 +08:00
Miroslav Bajtoš
004baad44c
Merge pull request #1501 from digitalsadhu/master
...
Add missing . to user model property descriptions
2015-08-06 09:40:22 +02:00
Miroslav Bajtoš
aa5c9e3628
Merge pull request #1493 from PradnyaBaviskar/issue418-userModel
...
Promisify User model
2015-08-04 10:32:44 +02:00
Berkeley Martinez
68fd106510
fix exit early when password is non-string
...
closes #1437
2015-07-29 13:14:06 -07:00
Pradnya Baviskar
dc987a59a9
Promisify User model
2015-07-14 13:01:46 +05:30
Richard Walker
83dca3e838
Add missing . to user model property descriptions
2015-07-04 22:30:45 +02:00
Alexandru Savin
f70c209526
Pass the full options object to the email send method in user verification process.
2015-05-06 15:52:07 +02:00
Miroslav Bajtoš
03d9f64c82
Fix remoting metadata for User.login#include
...
Change the type of the "include" argument to "string array".
The type used to be "string" before and thus requests sending multiple
include items were technically incorrect.
2015-04-24 08:58:30 +02:00
Edmond Lau
ef7c1439b6
fixed the missing '.' in various description fields.
2015-04-15 09:47:38 -04:00
Miroslav Bajtoš
b61fae58f6
Merge pull request #1272 from strongloop/feature/after-remote-error-hook
...
Model.afterRemoteError hook
2015-04-07 09:47:51 +02:00
Ritchie Martori
b9170751bc
Add support for app level Model isolation
...
- `loopback.registry` is now a true global registry
- `app.registry` is unique per app object
- `Model.registry` is set when a Model is created using any registry method
- `loopback.localRegistry` and `loopback({localRegistry: true})` when set to `true` this will create a `Registry` per `Application`. It defaults to `false`.
2015-04-03 11:48:45 -07:00
Miroslav Bajtoš
a71c8253e2
Code cleanup, add Model._runWhenAttachedToApp
2015-04-03 10:06:49 +02:00
jakerella
713001913e
Ability to pass in custom verification token generator
...
This commit adds the ability for the developer to use a custom token generator function for the user.verify(...) method. By default, the system will still use the crypto.randomBytes() method if no option is provided.
2015-03-19 16:56:38 -04:00
Raymond Feng
78550a9bc5
Pass options from User.login to createAccessToken
...
It will allow subclass of User to create access token based on additional
properties such as 'scope'.
2015-03-02 14:48:08 -08:00
Miroslav Bajtoš
3c43eccac7
Merge pull request #1120 from PradnyaBaviskar/lb-issue-416
...
Fix "User.confirm" to always call afterRemote hook
Close #1120
2015-02-25 14:26:07 +01:00
Pradnya Baviskar
8766d4a68d
Fix "User.confirm" to always call afterRemote hook
...
Make the "redirect" parameter optional. When the parameter is not
specified, the server responds with an empty response (204). This allows
API clients to call the method without the need to handle redirects
and HTML responses.
Even when the "redirect" parameter is included, the builtin afterRemote
hook still calls next(), so that user-provided afterRemote hooks
are executed too.
2015-02-25 14:20:47 +01:00
Raymond Feng
13e618bff2
Skip hashing password if it's already hashed
...
See https://github.com/strongloop/loopback-datasource-juggler/issues/471
2015-02-24 16:36:51 -08:00
crandmck
a82b33ec5c
Add docs for settings per #1069
2015-02-23 13:13:52 -08:00
Ritchie Martori
4b6dcd6271
Document user settings
2015-02-04 14:09:01 -08:00
Miroslav Bajtoš
a77b3bbac7
Remove usages of deprecated `req.param()`
...
Express has recently deprecated `req.param()` to force developers
to be explicit about the source of the value. To avoid deprecation
warnings, this commit replaces all calls of `req.param()` with a
simplified inline version.
2015-01-21 19:27:53 +01:00
Ron Edgecomb
a028d9d198
Add error code property to known error responses.
...
Enhance the error objects with a `code` property containing
a machine-readable string code describing the error, for example
INVALID_TOKEN or USER_NOT_FOUND.
Also improve 404 error messages to include the model name.
2015-01-21 19:04:47 +01:00
Ritchie Martori
e0e9d6ecff
Merge pull request #943 from BerkeleyTrue/refactor/user-remote-method
...
Use User.remoteMethod instead of loopbacks method
2015-01-13 10:20:43 -08:00
Raymond Feng
f5eac871fd
Merge branch 'master' of https://github.com/greaterweb/loopback into greaterweb-master
2015-01-07 16:35:00 -08:00
Raymond Feng
90fd62ec0a
Merge pull request #941 from strongloop/feature/workaround-issue-251
...
Allow User.hashPassword/validatePassword to be overridden
2015-01-07 14:01:03 -08:00
Raymond Feng
b7db9808b2
Allow User.hashPassword/validatePassword to be overridden
...
See https://github.com/strongloop/loopback/issues/251
2015-01-06 16:03:30 -08:00
Berkeley Martinez
4fc07fe125
Use User.remoteMethod instead of loopbacks method
...
This is needed for loopback-connector-remote authorization.
Addresses https://github.com/strongloop/loopback/issues/622 .
2015-01-06 08:18:57 -08:00
Ron Edgecomb
dc055e5559
Require valid login credentials before verified email check.
...
- strongloop/loopback#931 .
2015-01-05 18:40:59 -05:00
Clark Wang
2f9400fc87
fix User.settings.ttl can't be overridden in sub model
...
Signed-off-by: Clark Wang <clark.wangs@gmail.com>
2014-12-28 16:02:37 +08:00
Raymond Feng
cb2f40bb86
Fix bcrypt issues for browserify
2014-12-08 14:59:21 -08:00
Raymond Feng
1e932e72ed
Allow native bcrypt for performance
...
See https://github.com/strongloop/loopback/issues/892
2014-12-03 09:03:36 -08:00
Miroslav Bajtoš
dc762d2514
common: coding style cleanup
2014-11-04 13:52:49 +01:00
Raymond Feng
842d9b0bcd
Fix the jsdoc for User.login
2014-11-03 14:07:19 -08:00
Miroslav Bajtoš
fec8234c4c
Merge pull request #616 from jpizarrom/master
...
added email custom headers in user verify
2014-10-24 19:51:10 +02:00
Juan Pizarro
4098bec2c6
User: custom email headers in verify
2014-10-24 14:42:49 -03:00
Raymond Feng
46d1430023
Add realm support
2014-10-23 11:10:39 -07:00
Miroslav Bajtoš
20026a9d04
Fix places using undefined variables
...
Also enable jshint option "undefined" in order to catch these kind
of errors in the future.
2014-10-15 16:44:00 +02:00
crandmck
2f4a54d93c
Clean up jsdoc comments
...
Add class properties, expose some methods that should have
been documented, etc.
2014-10-15 09:42:24 +02:00
Miroslav Bajtoš
920d3be6a3
models: move User LDL def into `user.json`
2014-10-14 08:58:17 +02:00
Miroslav Bajtoš
1fe0110849
Dismantle `lib/models`.
...
- Move core models `Model` and `PersistedModel` to `lib/`.
- Move `AccessContext` class to `lib/`, since it is not a model.
- Move all other built-in models to `common/models`.
This is a preparation for extracting model definitions to JSON files.
By splitting the change into multiple commits, git is able to keep track
of file moves (renames).
2014-10-13 12:09:27 +02:00