ceceb44e78
Add promise support to built-in model RoleMapping
2017-02-01 09:51:43 +01:00
c099d8c731
Merge pull request #3163 from ebarault/feature/promisify-acl
...
Add promise support to built-in model ACL
2017-01-31 14:54:26 +01:00
dcb2f159ec
Merge pull request #3160 from strongloop/fix/token-invalidation-on-save
...
Preserve sessions on User.save() making no changes
2017-01-31 14:38:48 +01:00
a63fad402e
Add promise support to built-in model ACL
2017-01-31 14:09:43 +01:00
3b17a0cf5c
Upgrade eslint config, fix linter errors
2017-01-31 13:44:32 +01:00
c072d0695d
Add missing type to Role properties definition
...
Fix "created" and "modified" to be defined with type "date".
2017-01-30 11:37:33 +01:00
5fd79b14f4
Merge pull request #3146 from strongloop/feature/promisify-role
...
Promise-ify built-in Role model
2017-01-30 11:32:28 +01:00
8f80aecc1f
Preserve sessions on User.save() making no changes
2017-01-30 11:30:05 +01:00
d45c1ae7bb
Fix logout to handle no or missing accessToken
...
Return 401 when the request does not provide any accessToken argument
or the token was not found.
Also simplify the implementation of the `logout` method to make only
a single database call (`deleteById`) instead of `findById` + `delete`.
2017-01-30 08:56:18 +01:00
0fd8f8af72
Promise-ify built-in Role model
2017-01-27 17:16:59 +01:00
dfa1f6035b
Merge pull request #3107 from benkroeger/master
...
Role model: resolve related models by name
2017-01-25 10:48:15 +01:00
efd8237dc6
Fix User methods to use correct Primary Key
...
Do not use hard-coded "id" property name, call `idName()` to get the
name of the PK property.
2017-01-20 16:24:59 +01:00
e63fea83f7
Fix User.resetPassword to call createAccessToken()
...
This allows User subclasses to override the algorithm used for building
one-time access tokens for password recovery.
2017-01-19 16:27:22 +01:00
a6d511d8b4
Role model: resolves related models by name
...
Resolve models related to the `Role` model by name instead of class.
2017-01-16 15:48:24 +01:00
e17cc3d23a
Preserve current session when invalidating tokens
...
Fix User model to preserve the current session (provided via
"options.accessToken") when invalidating access tokens after a change
of email or password property.
2017-01-16 10:08:30 +01:00
70eecfab70
Upgrade eslint-config to 7.x
2017-01-06 12:12:35 +01:00
cddfb9c77d
Allow password reset request for users in realms
2017-01-05 09:47:18 -05:00
298635dad1
Merge pull request #2992 from DA-14/feature/resetPasswordRequest
...
Emit resetPasswordRequest event with options
2017-01-05 15:33:22 +01:00
697614dd45
Applied as reviewed by @flowersinthesand
2016-12-23 14:47:08 +09:00
d9ae32429b
Fix false emailVerified on user model update
...
Yesterday, the loopback we are using in our system was upgraded
via npm, and since the upgrade, we noticed that every time
the user model updates, the emailVerified column would change to false.
I took a look and realized there might be an error in
https://github.com/strongloop/loopback/commit/eb640d8
The intent of the commit just mention is to make emailVerified false
when the email gets changed, but notice that ctx.data.email is null
on updates, so the condition is always met and emailVerified always
becomes false.
This commit fixes the issue just mentioned.
2016-12-23 14:04:44 +09:00
29a17f39d5
Invalidate AccessTokens on password change
...
Invalidate all existing sessions (delete all access tokens)
after user's password was changed.
2016-12-12 13:30:53 +01:00
fa8bca8d6e
Emit resetPasswordRequest event with options
2016-12-09 18:14:32 +02:00
f476613ab1
Fix registration of operation hooks in User model
...
Follow-up for 4edce47
2016-12-09 14:29:30 +01:00
4edce47b24
Fix registration of operation hooks in User model
...
Operation hooks are inherited by subclassed models, therefore they must
be registered outside of `Model.setup()` function.
This commit fixes this problem in the built-in User model.
There are not tests verifying this change, as writing a test would be
too cumbersome and not worth the cost IMO.
2016-12-09 13:16:42 +01:00
63beaa21fe
Merge pull request #3004 from strongloop/fix/email-template-in-transport
...
Remove "options.template" from Email payload
2016-12-07 10:53:04 +01:00
5016703f21
Remove "options.template" from Email payload
...
Fix User.confirm to exclude "options.template" when sending the
confirmation email. Certain nodemailer transport plugins are rejecting
such requests.
2016-12-06 16:18:19 +01:00
acdfb432d0
Upgrade eslint config and grunt-eslint to latest
...
- disable ES6 because PhantomJS does not support it yet
- fix linter errors reported after the upgrade.
2016-12-06 16:05:13 +01:00
b0d6c4a7d2
Add "returnOnlyRoleNames" option to Role.getRoles
...
Currently the return type of Role.getRoles() method is inconsistent:
role names are returned for smart roles and role ids are returned for
static roles (configured through user-role mapping).
This commit adds a new option to Role.getRoles() allowing the caller
to request role names to be returned for all types of roles.
2016-11-30 16:46:59 +01:00
f72a29671f
Remove workaround for default value
2016-11-22 20:58:27 -05:00
06cb481c3f
Update eslint to loopback config v5
...
Notable side-effects:
- loopback no longer exports "caller" and "arguments" properties
- kv-memory connector is now properly added to the connector registry
- the file "test/support.js" was finally removed
2016-11-22 14:08:02 +01:00
3f5e49c3d6
Fix context within listByPrincipalType role method
...
- Fix for current implimentation that returned all models that had any
assigned roles. Context was not carried into listByPrincipalType,
setting roleId as null.
2016-11-15 14:51:05 +01:00
85da50cbc8
Add templateFn option to User#verify()
2016-11-14 16:22:10 +01:00
eb640d8da0
Require verification after email change
...
When the User model is configured to require email verification,
then any change of the email address should trigger re-verification.
2016-11-09 13:06:25 +01:00
8f08398c30
Update doc links
2016-11-04 16:47:12 -04:00
4922f425fc
adding check of string for case insensitive emails
2016-11-01 18:13:56 -04:00
dcc58a9d50
Need index on principalId for performance. ( #2883 )
2016-10-21 16:13:16 -07:00
6808159427
Allow tokens with eternal TTL (value -1)
...
- Add a new User setting 'allowEternalTokens'
- Enhance 'AccessToken.validate' to support eternal tokens with ttl
value -1 when the user model allows it.
2016-10-10 13:27:22 +02:00
5f5e874564
Validate non-email property partial update
2016-10-03 15:45:52 -04:00
640f3a8ca7
Update globalization structure
2016-09-22 11:58:00 +02:00
d544ae1bf8
Support uniqueness for realm users
2016-09-20 11:26:56 -04:00
c3ba632aa3
Merge pull request #2743 from strongloop/docs-for-kv-model
...
Add docs for KeyValue model
2016-09-19 15:29:47 -07:00
bcc2d99a95
Invalidate sessions after email change
2016-09-19 10:24:30 -04:00
845b73d4eb
Add docs for KeyValue model
2016-09-18 19:45:13 -07:00
21ff383eb3
Fix double-slash in confirmation URL
...
Fix the code building the URL used in the email-verification email
to prevent double-slash in the URL when e.g. restApiRoot is '/'.
Before:
http://example.com//users/confirm ?...
Now:
http://example.com/users/confirm ?...
2016-09-13 08:52:49 +02:00
9a75ee6f30
Rework email validation to use isemail
...
Drop hand-crafted RegExp in favour of a 3rd-party module that supports
RFC5321, RFC5322 and other relevant standards.
2016-09-06 14:09:00 +02:00
9db0682b07
Add remoting for KeyValue model TTL feature
2016-08-29 14:46:41 -07:00
0f5136d072
Apply g.f to literal strings
2016-08-27 22:42:21 -07:00
5567917c12
Allow resetPassword if emailVerified
2016-08-26 13:11:42 -04:00
4ff9a4c2ef
streamline use if `self`
2016-08-25 12:51:51 +02:00
01c1656fc2
resolve related models from correct registry
...
Also modify setup of test servers when ACL was used, force the app
to `loadBuiltinModels` with localRegistry.
2016-08-25 12:51:29 +02:00
ebarault
Miroslav Bajtoš
Miroslav Bajtoš
David Hernandez
Ritchie Martori
Aris Kemper
João Ribeiro
Benjamin Kroeger
Bram Borggreve
박대선
Sergey Reus
Loay
codyolsen
Adrien Kiren
Candy
Dhaval Trivedi
Simon Ho
David Cheung
Simon Ho
Setogit