From 4f3256211e82e56cbd3d3538158f9b737c96827c Mon Sep 17 00:00:00 2001
From: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
Date: Sun, 17 Jan 2021 16:35:50 +0100
Subject: [PATCH 01/48] added localized pages; added refactored page templates;
adapted test cases; introduced localization test cases
---
public/choose_password.html | 60 +
public/de-AT/invalid_link.html | 18 +
public/de/invalid_link.html | 18 +
public/invalid_link.html | 18 +
public/invalid_verification_link.html | 22 +
public/link_send_fail.html | 19 +
public/link_send_success.html | 19 +
public/password_reset_success.html | 19 +
public/verify_email_success.html | 18 +
public_html/invalid_link.html | 45 -
public_html/invalid_verification_link.html | 68 --
public_html/link_send_fail.html | 45 -
public_html/link_send_success.html | 45 -
public_html/password_reset_success.html | 27 -
public_html/verify_email_success.html | 27 -
spec/EmailVerificationToken.spec.js | 45 +-
spec/PasswordPolicy.spec.js | 85 +-
spec/PublicAPI.spec.js | 4 +-
spec/RegexVulnerabilities.spec.js | 11 +-
spec/ValidationAndPasswordsReset.spec.js | 231 +++-
src/Options/Definitions.js | 1197 ++++++++++----------
src/Options/docs.js | 2 +
src/Options/index.js | 3 +
src/Routers/PublicAPIRouter.js | 301 +++--
src/Utils.js | 87 ++
25 files changed, 1321 insertions(+), 1113 deletions(-)
create mode 100644 public/choose_password.html
create mode 100644 public/de-AT/invalid_link.html
create mode 100644 public/de/invalid_link.html
create mode 100644 public/invalid_link.html
create mode 100644 public/invalid_verification_link.html
create mode 100644 public/link_send_fail.html
create mode 100644 public/link_send_success.html
create mode 100644 public/password_reset_success.html
create mode 100644 public/verify_email_success.html
delete mode 100644 public_html/invalid_link.html
delete mode 100644 public_html/invalid_verification_link.html
delete mode 100644 public_html/link_send_fail.html
delete mode 100644 public_html/link_send_success.html
delete mode 100644 public_html/password_reset_success.html
delete mode 100644 public_html/verify_email_success.html
create mode 100644 src/Utils.js
diff --git a/public/choose_password.html b/public/choose_password.html
new file mode 100644
index 0000000000..f5fd731490
--- /dev/null
+++ b/public/choose_password.html
@@ -0,0 +1,60 @@
+
+
+
+
+Password Reset
+
+
+
+ Reset Your Password
+
+ You can set a new Password for your {{appName}} account: {{username}}
+
+ {{error}}
+
+
+
+
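Review bot: `{{username}}` and `{{error}}` in this template receive values that, judging by the specs later in this patch, originate from the request (the `username` query parameter ends up in `value="exampleUsername"` on the invalid-verification page), and nothing visible here shows them being HTML-escaped before substitution. The rendering helper is outside this part of the patch, so this may already be handled. If it is, a spec that requests the page with a username containing `"`, `<` and `>` and asserts the escaped form in `response.text` would pin that behaviour. The same applies to `{{username}}` in public/verify_email_success.html, and a one-line comment at the top of each template stating that placeholders are substituted HTML-escaped would document the contract.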
diff --git a/public/de-AT/invalid_link.html b/public/de-AT/invalid_link.html
new file mode 100644
index 0000000000..2d9ac315a1
--- /dev/null
+++ b/public/de-AT/invalid_link.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+ Invalid Link
+
+
+
+ Invalid Link
+
+
+
diff --git a/public/de/invalid_link.html b/public/de/invalid_link.html
new file mode 100644
index 0000000000..2d9ac315a1
--- /dev/null
+++ b/public/de/invalid_link.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+ Invalid Link
+
+
+
+ Invalid Link
+
+
+
diff --git a/public/invalid_link.html b/public/invalid_link.html
new file mode 100644
index 0000000000..2d9ac315a1
--- /dev/null
+++ b/public/invalid_link.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+ Invalid Link
+
+
+
+ Invalid Link
+
+
+
diff --git a/public/invalid_verification_link.html b/public/invalid_verification_link.html
new file mode 100644
index 0000000000..45b3e9e1ba
--- /dev/null
+++ b/public/invalid_verification_link.html
@@ -0,0 +1,22 @@
+
+
+
+
+
+ Email Verification
+
+
+
+ Invalid verification link!
+
+
+
+
diff --git a/public/link_send_fail.html b/public/link_send_fail.html
new file mode 100644
index 0000000000..a51e55242b
--- /dev/null
+++ b/public/link_send_fail.html
@@ -0,0 +1,19 @@
+
+
+
+
+
+ Email Verification
+
+
+
+ Invalid link!
+ No link sent. User not found or email already verified.
+
+
+
diff --git a/public/link_send_success.html b/public/link_send_success.html
new file mode 100644
index 0000000000..8b48da2e06
--- /dev/null
+++ b/public/link_send_success.html
@@ -0,0 +1,19 @@
+
+
+
+
+
+ Email Verification
+
+
+
+ Link sent!
+ A new link has been sent. Check your email.
+
+
+
diff --git a/public/password_reset_success.html b/public/password_reset_success.html
new file mode 100644
index 0000000000..937dffe8c9
--- /dev/null
+++ b/public/password_reset_success.html
@@ -0,0 +1,19 @@
+
+
+
+
+
+ Password Reset
+
+
+
+ Success!
+ Your password has been updated.
+
+
+
diff --git a/public/verify_email_success.html b/public/verify_email_success.html
new file mode 100644
index 0000000000..8cb4d3b902
--- /dev/null
+++ b/public/verify_email_success.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+ Email Verification
+
+
+
+ Email verified!
+ Successfully verified your email for account: {{username}}.
+
+
+
diff --git a/public_html/invalid_link.html b/public_html/invalid_link.html
deleted file mode 100644
index b19044e52f..0000000000
--- a/public_html/invalid_link.html
+++ /dev/null
@@ -1,45 +0,0 @@
-
-
-
-
- Invalid Link
-
-
-
-
-
-
Invalid Link
-
-
-
diff --git a/public_html/invalid_verification_link.html b/public_html/invalid_verification_link.html
deleted file mode 100644
index fe6914fc82..0000000000
--- a/public_html/invalid_verification_link.html
+++ /dev/null
@@ -1,68 +0,0 @@
-
-
-
-
- Invalid Link
-
-
-
-
-
-
-
Invalid Verification Link
-
-
-
-
diff --git a/public_html/link_send_fail.html b/public_html/link_send_fail.html
deleted file mode 100644
index 7f817a2cc4..0000000000
--- a/public_html/link_send_fail.html
+++ /dev/null
@@ -1,45 +0,0 @@
-
-
-
-
- Invalid Link
-
-
-
-
-
-
No link sent. User not found or email already verified
-
-
-
diff --git a/public_html/link_send_success.html b/public_html/link_send_success.html
deleted file mode 100644
index 55d9cad6f6..0000000000
--- a/public_html/link_send_success.html
+++ /dev/null
@@ -1,45 +0,0 @@
-
-
-
-
- Invalid Link
-
-
-
-
-
-
Link Sent! Check your email.
-
-
-
diff --git a/public_html/password_reset_success.html b/public_html/password_reset_success.html
deleted file mode 100644
index 774cbb350c..0000000000
--- a/public_html/password_reset_success.html
+++ /dev/null
@@ -1,27 +0,0 @@
-
-
-
-
- Password Reset
-
-
- Successfully updated your password!
-
-
diff --git a/public_html/verify_email_success.html b/public_html/verify_email_success.html
deleted file mode 100644
index 774ea38a0d..0000000000
--- a/public_html/verify_email_success.html
+++ /dev/null
@@ -1,27 +0,0 @@
-
-
-
-
- Email Verification
-
-
- Successfully verified your email!
-
-
diff --git a/spec/EmailVerificationToken.spec.js b/spec/EmailVerificationToken.spec.js
index 50b626de0d..f2cb752df6 100644
--- a/spec/EmailVerificationToken.spec.js
+++ b/spec/EmailVerificationToken.spec.js
@@ -36,10 +36,9 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=testEmailVerifyTokenValidity&appId=test'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('testEmailVerifyTokenValidity');
+ expect(response.text).toContain('/apps/test/resend_verification_email');
done();
});
}, 1000);
@@ -82,7 +81,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
user
.fetch()
.then(() => {
@@ -130,10 +129,9 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=testEmailVerifyTokenValidity'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Email verified');
+ expect(response.text).toContain('testEmailVerifyTokenValidity');
done();
});
})
@@ -171,7 +169,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
user
.fetch()
.then(() => {
@@ -218,7 +216,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
Parse.User.logIn('testEmailVerifyTokenValidity', 'expiringToken')
.then(user => {
expect(typeof user).toBe('object');
@@ -310,7 +308,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
const config = Config.get('test');
return config.database
.find('_User', {
@@ -369,7 +367,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
return user.fetch();
});
})
@@ -384,10 +382,9 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=testEmailVerifyTokenValidity'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Email verified');
+ expect(response.text).toContain('testEmailVerifyTokenValidity');
done();
});
})
@@ -437,10 +434,10 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=testEmailVerifyTokenValidity&appId=test'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Invalid verification link');
+ expect(response.text).toContain('testEmailVerifyTokenValidity');
+ expect(response.text).toContain('/apps/test/resend_verification_email');
done();
});
})
@@ -738,7 +735,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
});
})
.then(() => {
@@ -976,7 +973,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
Parse.User.logIn('testEmailVerifyTokenValidity', 'expiringToken')
.then(user => {
expect(typeof user).toBe('object');
@@ -995,7 +992,7 @@ describe('Email Verification Token Expiration: ', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(200);
done();
});
})
diff --git a/spec/PasswordPolicy.spec.js b/spec/PasswordPolicy.spec.js
index 6d00ddfa28..e31699426c 100644
--- a/spec/PasswordPolicy.spec.js
+++ b/spec/PasswordPolicy.spec.js
@@ -46,10 +46,8 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_link.html'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Invalid Link');
done();
})
.catch(error => {
@@ -106,8 +104,9 @@ describe('Password Policy: ', () => {
followRedirects: false,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=testResetTokenValidity/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
expect(response.text.match(re)).not.toBe(null);
done();
})
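Review bot: The rewritten assertions no longer tie the reset page to the account: the removed pattern required `username=testResetTokenValidity`, while the new one only checks that a token field exists. Adding `expect(response.text).toContain('testResetTokenValidity');` next to the token match keeps that check. The new line `const re = /id="token" value="([a-zA-Z0-9]+)"/` also lacks its terminating semicolon and depends on the attribute order in the template; the same line recurs in the later hunks of this file and in spec/ValidationAndPasswordsReset.spec.js. The enclosing test starts and ends outside the hunk.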
@@ -621,8 +620,9 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -643,10 +643,8 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Your password has been updated');
Parse.User.logIn('user1', 'has2init')
.then(function () {
@@ -713,8 +711,9 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -735,10 +734,8 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- `Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20should%20contain%20at%20least%20one%20digit.&app=passwordPolicy`
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Password should contain at least one digit');
Parse.User.logIn('user1', 'has 1 digit')
.then(function () {
@@ -899,8 +896,9 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -921,10 +919,8 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- `Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20cannot%20contain%20your%20username.&app=passwordPolicy`
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Password cannot contain your username');
Parse.User.logIn('user1', 'r@nd0m')
.then(function () {
@@ -990,8 +986,9 @@ describe('Password Policy: ', () => {
simple: false,
resolveWithFullResponse: true,
});
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -1050,8 +1047,9 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -1072,10 +1070,8 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Your password has been updated');
Parse.User.logIn('user1', 'uuser11')
.then(function () {
@@ -1316,8 +1312,9 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -1338,10 +1335,8 @@ describe('Password Policy: ', () => {
resolveWithFullResponse: true,
})
.then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Your password has been updated');
Parse.User.logIn('user1', 'uuser11')
.then(function () {
@@ -1471,8 +1466,9 @@ describe('Password Policy: ', () => {
followRedirects: false,
})
.then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -1498,10 +1494,11 @@ describe('Password Policy: ', () => {
.then(data => {
const response = data[0];
const token = data[1];
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- `Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=New%20password%20should%20not%20be%20the%20same%20as%20last%201%20passwords.&app=passwordPolicy`
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain(token);
+ expect(response.text).toContain(user.getUsername());
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ expect(response.text).toContain('New password should not be the same as last 1 passwords');
done();
return Promise.resolve();
})
diff --git a/spec/PublicAPI.spec.js b/spec/PublicAPI.spec.js
index 545662914f..9add351cb3 100644
--- a/spec/PublicAPI.spec.js
+++ b/spec/PublicAPI.spec.js
@@ -88,7 +88,7 @@ describe('public API', () => {
appName: 'unused',
publicServerURL: 'http://localhost:8378/1',
}).then(() => {
- request('http://localhost:8378/1/apps/choose_password?id=test', (err, httpResponse) => {
+ request('http://localhost:8378/1/apps/choose_password?appId=test', (err, httpResponse) => {
expect(httpResponse.status).toBe(200);
done();
});
@@ -122,7 +122,7 @@ describe('public API without publicServerURL', () => {
});
it('should get 404 choose_password', done => {
- request('http://localhost:8378/1/apps/choose_password?id=test', (err, httpResponse) => {
+ request('http://localhost:8378/1/apps/choose_password?appId=test', (err, httpResponse) => {
expect(httpResponse.status).toBe(404);
done();
});
diff --git a/spec/RegexVulnerabilities.spec.js b/spec/RegexVulnerabilities.spec.js
index 1a96ebfdf5..60b701a866 100644
--- a/spec/RegexVulnerabilities.spec.js
+++ b/spec/RegexVulnerabilities.spec.js
@@ -132,8 +132,8 @@ describe('Regex Vulnerabilities', function () {
url: `${serverURL}/apps/test/request_password_reset?username=someemail@somedomain.com&token[$regex]=`,
method: 'GET',
});
- expect(passwordResetResponse.status).toEqual(302);
- expect(passwordResetResponse.headers.location).toMatch(`\\/invalid\\_link\\.html`);
+ expect(passwordResetResponse.status).toEqual(200);
+ expect(passwordResetResponse.text).toContain('Invalid Link');
await request({
url: `${serverURL}/apps/test/request_password_reset`,
method: 'POST',
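Review bot: `toContain('Invalid Link')` is a weaker check than the removed `headers.location` match, because it passes on any response body that happens to include that text. Since this request carries `token[$regex]=`, the spec could also assert that no password form was rendered, for example `expect(passwordResetResponse.text).not.toContain('id="token"');` (the field id is the one the PasswordPolicy specs in this patch match on). The surrounding test body continues outside the hunk.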
@@ -170,10 +170,9 @@ describe('Regex Vulnerabilities', function () {
url: `${serverURL}/apps/test/request_password_reset?username=someemail@somedomain.com&token=${token}`,
method: 'GET',
});
- expect(passwordResetResponse.status).toEqual(302);
- expect(passwordResetResponse.headers.location).toMatch(
- `\\/choose\\_password\\?token\\=${token}\\&`
- );
+ expect(passwordResetResponse.status).toEqual(200);
+ expect(passwordResetResponse.text).toContain(token);
+ expect(passwordResetResponse.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
await request({
url: `${serverURL}/apps/test/request_password_reset`,
method: 'POST',
diff --git a/spec/ValidationAndPasswordsReset.spec.js b/spec/ValidationAndPasswordsReset.spec.js
index 94d9793a39..8dde98bbbd 100644
--- a/spec/ValidationAndPasswordsReset.spec.js
+++ b/spec/ValidationAndPasswordsReset.spec.js
@@ -1,8 +1,10 @@
'use strict';
+const { PublicAPIRouter, pages } = require('../lib/Routers/PublicAPIRouter');
const MockEmailAdapterWithOptions = require('./MockEmailAdapterWithOptions');
const request = require('../lib/request');
const Config = require('../lib/Config');
+const Utils = require('../lib/Utils');
describe('Custom Pages, Email Verification, Password Reset', () => {
it('should set the custom pages', done => {
@@ -271,10 +273,9 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=user'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Successfully verified your email');
+ expect(response.text).toContain('account: user');
user
.fetch()
.then(
@@ -596,7 +597,7 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
})
.then(() => {
user.setPassword('other-password');
- user.setUsername('user');
+ user.setUsername('exampleUsername');
user.set('email', 'user@parse.com');
return user.signUp();
})
@@ -606,10 +607,9 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: sendEmailOptions.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=user'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Successfully verified your email');
+ expect(response.text).toContain('exampleUsername');
user
.fetch()
.then(
@@ -646,10 +646,8 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: 'http://localhost:8378/1/apps/test/verify_email',
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_link.html'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Invalid Link');
done();
});
});
@@ -667,13 +665,12 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
publicServerURL: 'http://localhost:8378/1',
}).then(() => {
request({
- url: 'http://localhost:8378/1/apps/test/verify_email?token=asdfasdf&username=sadfasga',
+ url: 'http://localhost:8378/1/apps/test/verify_email?token=exampleToken&username=exampleUsername',
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=sadfasga&appId=test'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('value="exampleUsername"');
+ expect(response.text).toContain('action="/apps/test/resend_verification_email"');
done();
});
});
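Review bot: The expected form target `action="/apps/test/resend_verification_email"` omits the `/1` mount path of the `publicServerURL` set a few lines above, while the password-reset pages in this patch are expected to contain the absolute `http://localhost:8378/1/apps/test/request_password_reset`. The same loss of `/1` shows in the next hunk (`@@ -695,12 +692,12 @@`), where the redirect target becomes `http://localhost:8378/apps/link_send_fail.html`, and the `action` expectation is repeated at `@@ -712,13 +709,12 @@`. The router and templates are outside this part of the patch, so it is unclear whether this is intended; if it is not, these specs pin a wrong URL. If the public server URL is meant to be honoured, the assertion here would read `expect(response.text).toContain('action="http://localhost:8378/1/apps/test/resend_verification_email"');`.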
@@ -695,12 +692,12 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
method: 'POST',
followRedirects: false,
body: {
- username: 'sadfasga',
+ username: 'exampleUsername',
},
}).then(response => {
- expect(response.status).toEqual(302);
+ expect(response.status).toEqual(303);
expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/link_send_fail.html'
+ 'Found. Redirecting to http://localhost:8378/apps/link_send_fail.html'
);
done();
});
@@ -712,13 +709,12 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
const emailAdapter = {
sendVerificationEmail: () => {
request({
- url: 'http://localhost:8378/1/apps/test/verify_email?token=invalid&username=zxcv',
+ url: 'http://localhost:8378/1/apps/test/verify_email?token=invalidToken&username=exampleUsername',
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=zxcv&appId=test'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('value="exampleUsername"');
+ expect(response.text).toContain('action="/apps/test/resend_verification_email"');
user.fetch().then(() => {
expect(user.get('emailVerified')).toEqual(false);
done();
@@ -729,13 +725,13 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
sendMail: () => {},
};
reconfigureServer({
- appName: 'emailing app',
+ appName: 'ExampleApp',
verifyUserEmails: true,
emailAdapter: emailAdapter,
publicServerURL: 'http://localhost:8378/1',
}).then(() => {
- user.setPassword('asdf');
- user.setUsername('zxcv');
+ user.setPassword('examplePassword');
+ user.setUsername('exampleUsername');
user.set('email', 'user@parse.com');
user.signUp(null, {
success: () => {},
@@ -756,22 +752,23 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: options.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=zxcv%2Bzxcv/;
- expect(response.text.match(re)).not.toBe(null);
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('ExampleApp');
+ expect(response.text).toContain('exampleUsername');
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
done();
});
},
sendMail: () => {},
};
reconfigureServer({
- appName: 'emailing app',
+ appName: 'ExampleApp',
verifyUserEmails: true,
emailAdapter: emailAdapter,
publicServerURL: 'http://localhost:8378/1',
}).then(() => {
- user.setPassword('asdf');
- user.setUsername('zxcv+zxcv');
+ user.setPassword('examplePassword');
+ user.setUsername('exampleUsername');
user.set('email', 'user@parse.com');
user.signUp().then(() => {
Parse.User.requestPasswordReset('user@parse.com', {
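Review bot: Replacing `user.setUsername('zxcv+zxcv')` with `'exampleUsername'` removes this test's check that a username containing a reserved character survives the reset-link round trip (the removed pattern required `username=zxcv%2Bzxcv`). Now that the username is rendered into the page body rather than a redirect URL, that case still deserves coverage; keeping `user.setUsername('zxcv+zxcv');` and asserting that the rendered page contains that username would preserve it. The hunk at `@@ -896,8 +890,9 @@` likewise drops `username=zxcv%2B1` from its pattern. The test body continues outside the hunk.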
@@ -801,10 +798,8 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
'http://localhost:8378/1/apps/test/request_password_reset?token=asdfasdf&username=sadfasga',
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/invalid_link.html'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Invalid Link');
done();
});
});
@@ -819,8 +814,9 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: options.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=zxcv/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -838,10 +834,8 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
},
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=zxcv'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Your password has been updated.');
Parse.User.logIn('zxcv', 'hello').then(
function () {
@@ -896,8 +890,9 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: options.link,
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=zxcv%2B1/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -915,10 +910,8 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
},
followRedirects: false,
}).then(response => {
- expect(response.status).toEqual(302);
- expect(response.text).toEqual(
- 'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=zxcv%2B1'
- );
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('Your password has been updated.');
done();
});
});
@@ -955,8 +948,9 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
url: options.link,
followRedirects: false,
});
- expect(response.status).toEqual(302);
- const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=zxcv/;
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('http://localhost:8378/1/apps/test/request_password_reset');
+ const re = /id="token" value="([a-zA-Z0-9]+)"/
const match = response.text.match(re);
if (!match) {
fail('should have a token');
@@ -1082,4 +1076,135 @@ describe('Custom Pages, Email Verification, Password Reset', () => {
done();
});
});
+
+ describe('localization of custom pages', () => {
+ let router = new PublicAPIRouter();
+ let req;
+ let pageResponse;
+ let redirectResponse;
+ const config = {
+ appId: "test",
+ appName: 'ExampleAppName',
+ verifyUserEmails: true,
+ emailAdapter: {
+ sendVerificationEmail: () => Promise.resolve(),
+ sendPasswordResetEmail: () => Promise.resolve(),
+ sendMail: () => {},
+ },
+ publicServerURL: 'http://localhost:8378/1',
+ enablePageLocalization: true,
+ };
+
+ beforeEach(async () => {
+ router = new PublicAPIRouter();
+ pageResponse = spyOn(router, 'pageResponse').and.callThrough();
+ redirectResponse = spyOn(router, 'redirectResponse').and.callThrough();
+ req = {
+ method: 'GET',
+ config: {
+ customPages: {},
+ enablePageLocalization: true,
+ publicServerURL: 'http://example.com',
+ },
+ query: {
+ locale: 'de-AT',
+ }
+ }
+ });
+
+ it('returns default file if localization is disabled', async () => {
+ delete req.config.enablePageLocalization;
+
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse.calls.all()[0].args[1]).toBeDefined();
+ expect(pageResponse.calls.all()[0].args[1]).not.toMatch(new RegExp(`\/de(-AT)?\/${pages.invalidLink.defaultFile}`));
+ });
+
+ it('returns default file if no locale is specified', async () => {
+ delete req.query.locale;
+
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse.calls.all()[0].args[1]).toBeDefined();
+ expect(pageResponse.calls.all()[0].args[1]).not.toMatch(new RegExp(`\/de(-AT)?\/${pages.invalidLink.defaultFile}`));
+ });
+
+ it('returns custom page regardless of localization enabled', async () => {
+ req.config.customPages = { invalidLink: 'http://invalid-link.example.com' };
+
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse).not.toHaveBeenCalled();
+ expect(redirectResponse.calls.all()[0].args[0]).toBe(req.config.customPages.invalidLink);
+ });
+
+ it('returns file for locale match', async () => {
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse.calls.all()[0].args[1]).toBeDefined();
+ expect(pageResponse.calls.all()[0].args[1]).toMatch(new RegExp(`\/de-AT\/${pages.invalidLink.defaultFile}`));
+ });
+
+ it('returns file for language match', async () => {
+ // Pretend no locale matching file exists
+ spyOn(Utils, 'fileExists').and.callFake(async (path) => {
+ return !path.includes(`/de-AT/${pages.invalidLink.defaultFile}`);
+ });
+
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse.calls.all()[0].args[1]).toBeDefined();
+ expect(pageResponse.calls.all()[0].args[1]).toMatch(new RegExp(`\/de\/${pages.invalidLink.defaultFile}`));
+ });
+
+ it('returns default file for neither locale nor language match', async () => {
+ req.query.locale = 'yo-LO';
+
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse.calls.all()[0].args[1]).toBeDefined();
+ expect(pageResponse.calls.all()[0].args[1]).not.toMatch(new RegExp(`\/yo(-LO)?\/${pages.invalidLink.defaultFile}`));
+ });
+
+ it('returns a file for GET request', async () => {
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse).toHaveBeenCalled();
+ expect(redirectResponse).not.toHaveBeenCalled();
+ });
+
+ it('returns a redirect for POST request', async () => {
+ req.method = 'POST';
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse).not.toHaveBeenCalled();
+ expect(redirectResponse).toHaveBeenCalled();
+ });
+
+ it('returns a redirect for custom pages for GET and POST', async () => {
+ req.config.customPages = { invalidLink: 'http://invalid-link.example.com' };
+
+ for (const method of ['GET', 'POST']) {
+ req.method = method;
+ await expectAsync(router.goToPage(req, pages.invalidLink)).toBeResolved();
+ expect(pageResponse).not.toHaveBeenCalled();
+ expect(redirectResponse).toHaveBeenCalled();
+ }
+ });
+
+ it('localizes invalid link page with file response (e2e test)', async () => {
+ await reconfigureServer(config);
+ const response = await request({
+ url: 'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=de-AT',
+ followRedirects: false,
+ method: 'POST'
+ });
+ expect(response.status).toEqual(303);
+ expect(response.headers.location).toEqual('http://localhost:8378/apps/de-AT/invalid_link.html');
+ });
+
+ it('localizes invalid link page with redirect response (e2e test)', async () => {
+ await reconfigureServer(config);
+ const response = await request({
+ url: 'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=de-AT',
+ followRedirects: false,
+ method: 'GET'
+ });
+ expect(response.status).toEqual(200);
+ expect(response.text).toContain('');
+ });
+ });
});
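Review bot: The last e2e test ends with `expect(response.text).toContain('')`, which passes for any body and so does not show that the de-AT page was served; assert on text that occurs only in `public/de-AT/invalid_link.html`, e.g. `expect(response.text).toContain('<text unique to the de-AT page>');` (placeholder). The titles of the two e2e tests look swapped: the "file response" case sends a POST and expects a 303, while the "redirect response" case sends a GET and expects a 200 body. `locale` is taken from the query string and the tests show it selecting a sub-directory, yet every case uses a well-formed tag; `goToPage` is outside this hunk, so a case with a malformed locale (path separators or dot segments) that expects the default file would pin down the validation. `let router = new PublicAPIRouter();` is overwritten in `beforeEach` and can be a bare `let router;`.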
diff --git a/src/Options/Definitions.js b/src/Options/Definitions.js
index 22e0680fce..2359123568 100644
--- a/src/Options/Definitions.js
+++ b/src/Options/Definitions.js
@@ -3,626 +3,611 @@
This code has been generated by resources/buildConfigDefinitions.js
Do not edit manually, but update Options/index.js
*/
-var parsers = require('./parsers');
+var parsers = require("./parsers");
module.exports.ParseServerOptions = {
- accountLockout: {
- env: 'PARSE_SERVER_ACCOUNT_LOCKOUT',
- help: 'account lockout policy for failed login attempts',
- action: parsers.objectParser,
- },
- allowClientClassCreation: {
- env: 'PARSE_SERVER_ALLOW_CLIENT_CLASS_CREATION',
- help: 'Enable (or disable) client class creation, defaults to true',
- action: parsers.booleanParser,
- default: true,
- },
- allowCustomObjectId: {
- env: 'PARSE_SERVER_ALLOW_CUSTOM_OBJECT_ID',
- help: 'Enable (or disable) custom objectId',
- action: parsers.booleanParser,
- default: false,
- },
- allowHeaders: {
- env: 'PARSE_SERVER_ALLOW_HEADERS',
- help: 'Add headers to Access-Control-Allow-Headers',
- action: parsers.arrayParser,
- },
- allowOrigin: {
- env: 'PARSE_SERVER_ALLOW_ORIGIN',
- help: 'Sets the origin to Access-Control-Allow-Origin',
- },
- analyticsAdapter: {
- env: 'PARSE_SERVER_ANALYTICS_ADAPTER',
- help: 'Adapter module for the analytics',
- action: parsers.moduleOrObjectParser,
- },
- appId: {
- env: 'PARSE_SERVER_APPLICATION_ID',
- help: 'Your Parse Application ID',
- required: true,
- },
- appName: {
- env: 'PARSE_SERVER_APP_NAME',
- help: 'Sets the app name',
- },
- auth: {
- env: 'PARSE_SERVER_AUTH_PROVIDERS',
- help:
- 'Configuration for your authentication providers, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication',
- action: parsers.objectParser,
- },
- cacheAdapter: {
- env: 'PARSE_SERVER_CACHE_ADAPTER',
- help: 'Adapter module for the cache',
- action: parsers.moduleOrObjectParser,
- },
- cacheMaxSize: {
- env: 'PARSE_SERVER_CACHE_MAX_SIZE',
- help: 'Sets the maximum size for the in memory cache, defaults to 10000',
- action: parsers.numberParser('cacheMaxSize'),
- default: 10000,
- },
- cacheTTL: {
- env: 'PARSE_SERVER_CACHE_TTL',
- help: 'Sets the TTL for the in memory cache (in ms), defaults to 5000 (5 seconds)',
- action: parsers.numberParser('cacheTTL'),
- default: 5000,
- },
- clientKey: {
- env: 'PARSE_SERVER_CLIENT_KEY',
- help: 'Key for iOS, MacOS, tvOS clients',
- },
- cloud: {
- env: 'PARSE_SERVER_CLOUD',
- help: 'Full path to your cloud code main.js',
- },
- cluster: {
- env: 'PARSE_SERVER_CLUSTER',
- help: 'Run with cluster, optionally set the number of processes default to os.cpus().length',
- action: parsers.numberOrBooleanParser,
- },
- collectionPrefix: {
- env: 'PARSE_SERVER_COLLECTION_PREFIX',
- help: 'A collection prefix for the classes',
- default: '',
- },
- customPages: {
- env: 'PARSE_SERVER_CUSTOM_PAGES',
- help: 'custom pages for password validation and reset',
- action: parsers.objectParser,
- default: {},
- },
- databaseAdapter: {
- env: 'PARSE_SERVER_DATABASE_ADAPTER',
- help: 'Adapter module for the database',
- action: parsers.moduleOrObjectParser,
- },
- databaseOptions: {
- env: 'PARSE_SERVER_DATABASE_OPTIONS',
- help: 'Options to pass to the mongodb client',
- action: parsers.objectParser,
- },
- databaseURI: {
- env: 'PARSE_SERVER_DATABASE_URI',
- help: 'The full URI to your database. Supported databases are mongodb or postgres.',
- required: true,
- default: 'mongodb://localhost:27017/parse',
- },
- directAccess: {
- env: 'PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS',
- help:
- 'Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.',
- action: parsers.booleanParser,
- default: false,
- },
- dotNetKey: {
- env: 'PARSE_SERVER_DOT_NET_KEY',
- help: 'Key for Unity and .Net SDK',
- },
- emailAdapter: {
- env: 'PARSE_SERVER_EMAIL_ADAPTER',
- help: 'Adapter module for email sending',
- action: parsers.moduleOrObjectParser,
- },
- emailVerifyTokenReuseIfValid: {
- env: 'PARSE_SERVER_EMAIL_VERIFY_TOKEN_REUSE_IF_VALID',
- help:
- 'an existing email verify token should be reused when resend verification email is requested',
- action: parsers.booleanParser,
- default: false,
- },
- emailVerifyTokenValidityDuration: {
- env: 'PARSE_SERVER_EMAIL_VERIFY_TOKEN_VALIDITY_DURATION',
- help: 'Email verification token validity duration, in seconds',
- action: parsers.numberParser('emailVerifyTokenValidityDuration'),
- },
- enableAnonymousUsers: {
- env: 'PARSE_SERVER_ENABLE_ANON_USERS',
- help: 'Enable (or disable) anonymous users, defaults to true',
- action: parsers.booleanParser,
- default: true,
- },
- enableExpressErrorHandler: {
- env: 'PARSE_SERVER_ENABLE_EXPRESS_ERROR_HANDLER',
- help: 'Enables the default express error handler for all errors',
- action: parsers.booleanParser,
- default: false,
- },
- enableSingleSchemaCache: {
- env: 'PARSE_SERVER_ENABLE_SINGLE_SCHEMA_CACHE',
- help:
- 'Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.',
- action: parsers.booleanParser,
- default: false,
- },
- encryptionKey: {
- env: 'PARSE_SERVER_ENCRYPTION_KEY',
- help: 'Key for encrypting your files',
- },
- expireInactiveSessions: {
- env: 'PARSE_SERVER_EXPIRE_INACTIVE_SESSIONS',
- help: 'Sets wether we should expire the inactive sessions, defaults to true',
- action: parsers.booleanParser,
- default: true,
- },
- fileKey: {
- env: 'PARSE_SERVER_FILE_KEY',
- help: 'Key for your files',
- },
- filesAdapter: {
- env: 'PARSE_SERVER_FILES_ADAPTER',
- help: 'Adapter module for the files sub-system',
- action: parsers.moduleOrObjectParser,
- },
- fileUpload: {
- env: 'PARSE_SERVER_FILE_UPLOAD_OPTIONS',
- help: 'Options for file uploads',
- action: parsers.objectParser,
- default: {},
- },
- graphQLPath: {
- env: 'PARSE_SERVER_GRAPHQL_PATH',
- help: 'Mount path for the GraphQL endpoint, defaults to /graphql',
- default: '/graphql',
- },
- graphQLSchema: {
- env: 'PARSE_SERVER_GRAPH_QLSCHEMA',
- help: 'Full path to your GraphQL custom schema.graphql file',
- },
- host: {
- env: 'PARSE_SERVER_HOST',
- help: 'The host to serve ParseServer on, defaults to 0.0.0.0',
- default: '0.0.0.0',
- },
- idempotencyOptions: {
- env: 'PARSE_SERVER_EXPERIMENTAL_IDEMPOTENCY_OPTIONS',
- help:
- 'Options for request idempotency to deduplicate identical requests that may be caused by network issues. Caution, this is an experimental feature that may not be appropriate for production.',
- action: parsers.objectParser,
- default: {},
- },
- javascriptKey: {
- env: 'PARSE_SERVER_JAVASCRIPT_KEY',
- help: 'Key for the Javascript SDK',
- },
- jsonLogs: {
- env: 'JSON_LOGS',
- help: 'Log as structured JSON objects',
- action: parsers.booleanParser,
- },
- liveQuery: {
- env: 'PARSE_SERVER_LIVE_QUERY',
- help: "parse-server's LiveQuery configuration object",
- action: parsers.objectParser,
- },
- liveQueryServerOptions: {
- env: 'PARSE_SERVER_LIVE_QUERY_SERVER_OPTIONS',
- help: 'Live query server configuration options (will start the liveQuery server)',
- action: parsers.objectParser,
- },
- loggerAdapter: {
- env: 'PARSE_SERVER_LOGGER_ADAPTER',
- help: 'Adapter module for the logging sub-system',
- action: parsers.moduleOrObjectParser,
- },
- logLevel: {
- env: 'PARSE_SERVER_LOG_LEVEL',
- help: 'Sets the level for logs',
- },
- logsFolder: {
- env: 'PARSE_SERVER_LOGS_FOLDER',
- help: "Folder for the logs (defaults to './logs'); set to null to disable file based logging",
- default: './logs',
- },
- masterKey: {
- env: 'PARSE_SERVER_MASTER_KEY',
- help: 'Your Parse Master Key',
- required: true,
- },
- masterKeyIps: {
- env: 'PARSE_SERVER_MASTER_KEY_IPS',
- help: 'Restrict masterKey to be used by only these ips, defaults to [] (allow all ips)',
- action: parsers.arrayParser,
- default: [],
- },
- maxLimit: {
- env: 'PARSE_SERVER_MAX_LIMIT',
- help: 'Max value for limit option on queries, defaults to unlimited',
- action: parsers.numberParser('maxLimit'),
- },
- maxLogFiles: {
- env: 'PARSE_SERVER_MAX_LOG_FILES',
- help:
- "Maximum number of logs to keep. If not set, no logs will be removed. This can be a number of files or number of days. If using days, add 'd' as the suffix. (default: null)",
- action: parsers.objectParser,
- },
- maxUploadSize: {
- env: 'PARSE_SERVER_MAX_UPLOAD_SIZE',
- help: 'Max file size for uploads, defaults to 20mb',
- default: '20mb',
- },
- middleware: {
- env: 'PARSE_SERVER_MIDDLEWARE',
- help: 'middleware for express server, can be string or function',
- },
- mountGraphQL: {
- env: 'PARSE_SERVER_MOUNT_GRAPHQL',
- help: 'Mounts the GraphQL endpoint',
- action: parsers.booleanParser,
- default: false,
- },
- mountPath: {
- env: 'PARSE_SERVER_MOUNT_PATH',
- help: 'Mount path for the server, defaults to /parse',
- default: '/parse',
- },
- mountPlayground: {
- env: 'PARSE_SERVER_MOUNT_PLAYGROUND',
- help: 'Mounts the GraphQL Playground - never use this option in production',
- action: parsers.booleanParser,
- default: false,
- },
- objectIdSize: {
- env: 'PARSE_SERVER_OBJECT_ID_SIZE',
- help: "Sets the number of characters in generated object id's, default 10",
- action: parsers.numberParser('objectIdSize'),
- default: 10,
- },
- passwordPolicy: {
- env: 'PARSE_SERVER_PASSWORD_POLICY',
- help: 'Password policy for enforcing password related rules',
- action: parsers.objectParser,
- },
- playgroundPath: {
- env: 'PARSE_SERVER_PLAYGROUND_PATH',
- help: 'Mount path for the GraphQL Playground, defaults to /playground',
- default: '/playground',
- },
- port: {
- env: 'PORT',
- help: 'The port to run the ParseServer, defaults to 1337.',
- action: parsers.numberParser('port'),
- default: 1337,
- },
- preserveFileName: {
- env: 'PARSE_SERVER_PRESERVE_FILE_NAME',
- help: 'Enable (or disable) the addition of a unique hash to the file names',
- action: parsers.booleanParser,
- default: false,
- },
- preventLoginWithUnverifiedEmail: {
- env: 'PARSE_SERVER_PREVENT_LOGIN_WITH_UNVERIFIED_EMAIL',
- help:
- 'Prevent user from login if email is not verified and PARSE_SERVER_VERIFY_USER_EMAILS is true, defaults to false',
- action: parsers.booleanParser,
- default: false,
- },
- protectedFields: {
- env: 'PARSE_SERVER_PROTECTED_FIELDS',
- help: 'Protected fields that should be treated with extra security when fetching details.',
- action: parsers.objectParser,
- default: {
- _User: {
- '*': ['email'],
- },
- },
- },
- publicServerURL: {
- env: 'PARSE_PUBLIC_SERVER_URL',
- help: 'Public URL to your parse server with http:// or https://.',
- },
- push: {
- env: 'PARSE_SERVER_PUSH',
- help:
- 'Configuration for push, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#push-notifications',
- action: parsers.objectParser,
- },
- readOnlyMasterKey: {
- env: 'PARSE_SERVER_READ_ONLY_MASTER_KEY',
- help: 'Read-only key, which has the same capabilities as MasterKey without writes',
- },
- restAPIKey: {
- env: 'PARSE_SERVER_REST_API_KEY',
- help: 'Key for REST calls',
- },
- revokeSessionOnPasswordReset: {
- env: 'PARSE_SERVER_REVOKE_SESSION_ON_PASSWORD_RESET',
- help:
- "When a user changes their password, either through the reset password email or while logged in, all sessions are revoked if this is true. Set to false if you don't want to revoke sessions.",
- action: parsers.booleanParser,
- default: true,
- },
- scheduledPush: {
- env: 'PARSE_SERVER_SCHEDULED_PUSH',
- help: 'Configuration for push scheduling, defaults to false.',
- action: parsers.booleanParser,
- default: false,
- },
- schemaCacheTTL: {
- env: 'PARSE_SERVER_SCHEMA_CACHE_TTL',
- help:
- 'The TTL for caching the schema for optimizing read/write operations. You should put a long TTL when your DB is in production. default to 5000; set 0 to disable.',
- action: parsers.numberParser('schemaCacheTTL'),
- default: 5000,
- },
- serverCloseComplete: {
- env: 'PARSE_SERVER_SERVER_CLOSE_COMPLETE',
- help: 'Callback when server has closed',
- },
- serverStartComplete: {
- env: 'PARSE_SERVER_SERVER_START_COMPLETE',
- help: 'Callback when server has started',
- },
- serverURL: {
- env: 'PARSE_SERVER_URL',
- help: 'URL to your parse server with http:// or https://.',
- required: true,
- },
- sessionLength: {
- env: 'PARSE_SERVER_SESSION_LENGTH',
- help: 'Session duration, in seconds, defaults to 1 year',
- action: parsers.numberParser('sessionLength'),
- default: 31536000,
- },
- silent: {
- env: 'SILENT',
- help: 'Disables console output',
- action: parsers.booleanParser,
- },
- startLiveQueryServer: {
- env: 'PARSE_SERVER_START_LIVE_QUERY_SERVER',
- help: 'Starts the liveQuery server',
- action: parsers.booleanParser,
- },
- userSensitiveFields: {
- env: 'PARSE_SERVER_USER_SENSITIVE_FIELDS',
- help:
- 'Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields',
- action: parsers.arrayParser,
- },
- verbose: {
- env: 'VERBOSE',
- help: 'Set the logging to verbose',
- action: parsers.booleanParser,
- },
- verifyUserEmails: {
- env: 'PARSE_SERVER_VERIFY_USER_EMAILS',
- help: 'Enable (or disable) user email validation, defaults to false',
- action: parsers.booleanParser,
- default: false,
- },
- webhookKey: {
- env: 'PARSE_SERVER_WEBHOOK_KEY',
- help: 'Key sent with outgoing webhook calls',
- },
+ "accountLockout": {
+ "env": "PARSE_SERVER_ACCOUNT_LOCKOUT",
+ "help": "account lockout policy for failed login attempts",
+ "action": parsers.objectParser
+ },
+ "allowClientClassCreation": {
+ "env": "PARSE_SERVER_ALLOW_CLIENT_CLASS_CREATION",
+ "help": "Enable (or disable) client class creation, defaults to true",
+ "action": parsers.booleanParser,
+ "default": true
+ },
+ "allowCustomObjectId": {
+ "env": "PARSE_SERVER_ALLOW_CUSTOM_OBJECT_ID",
+ "help": "Enable (or disable) custom objectId",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "allowHeaders": {
+ "env": "PARSE_SERVER_ALLOW_HEADERS",
+ "help": "Add headers to Access-Control-Allow-Headers",
+ "action": parsers.arrayParser
+ },
+ "allowOrigin": {
+ "env": "PARSE_SERVER_ALLOW_ORIGIN",
+ "help": "Sets the origin to Access-Control-Allow-Origin"
+ },
+ "analyticsAdapter": {
+ "env": "PARSE_SERVER_ANALYTICS_ADAPTER",
+ "help": "Adapter module for the analytics",
+ "action": parsers.moduleOrObjectParser
+ },
+ "appId": {
+ "env": "PARSE_SERVER_APPLICATION_ID",
+ "help": "Your Parse Application ID",
+ "required": true
+ },
+ "appName": {
+ "env": "PARSE_SERVER_APP_NAME",
+ "help": "Sets the app name"
+ },
+ "auth": {
+ "env": "PARSE_SERVER_AUTH_PROVIDERS",
+ "help": "Configuration for your authentication providers, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication",
+ "action": parsers.objectParser
+ },
+ "cacheAdapter": {
+ "env": "PARSE_SERVER_CACHE_ADAPTER",
+ "help": "Adapter module for the cache",
+ "action": parsers.moduleOrObjectParser
+ },
+ "cacheMaxSize": {
+ "env": "PARSE_SERVER_CACHE_MAX_SIZE",
+ "help": "Sets the maximum size for the in memory cache, defaults to 10000",
+ "action": parsers.numberParser("cacheMaxSize"),
+ "default": 10000
+ },
+ "cacheTTL": {
+ "env": "PARSE_SERVER_CACHE_TTL",
+ "help": "Sets the TTL for the in memory cache (in ms), defaults to 5000 (5 seconds)",
+ "action": parsers.numberParser("cacheTTL"),
+ "default": 5000
+ },
+ "clientKey": {
+ "env": "PARSE_SERVER_CLIENT_KEY",
+ "help": "Key for iOS, MacOS, tvOS clients"
+ },
+ "cloud": {
+ "env": "PARSE_SERVER_CLOUD",
+ "help": "Full path to your cloud code main.js"
+ },
+ "cluster": {
+ "env": "PARSE_SERVER_CLUSTER",
+ "help": "Run with cluster, optionally set the number of processes default to os.cpus().length",
+ "action": parsers.numberOrBooleanParser
+ },
+ "collectionPrefix": {
+ "env": "PARSE_SERVER_COLLECTION_PREFIX",
+ "help": "A collection prefix for the classes",
+ "default": ""
+ },
+ "customPages": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES",
+ "help": "custom pages for password validation and reset",
+ "action": parsers.objectParser,
+ "default": {}
+ },
+ "databaseAdapter": {
+ "env": "PARSE_SERVER_DATABASE_ADAPTER",
+ "help": "Adapter module for the database",
+ "action": parsers.moduleOrObjectParser
+ },
+ "databaseOptions": {
+ "env": "PARSE_SERVER_DATABASE_OPTIONS",
+ "help": "Options to pass to the mongodb client",
+ "action": parsers.objectParser
+ },
+ "databaseURI": {
+ "env": "PARSE_SERVER_DATABASE_URI",
+ "help": "The full URI to your database. Supported databases are mongodb or postgres.",
+ "required": true,
+ "default": "mongodb://localhost:27017/parse"
+ },
+ "directAccess": {
+ "env": "PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS",
+ "help": "Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "dotNetKey": {
+ "env": "PARSE_SERVER_DOT_NET_KEY",
+ "help": "Key for Unity and .Net SDK"
+ },
+ "emailAdapter": {
+ "env": "PARSE_SERVER_EMAIL_ADAPTER",
+ "help": "Adapter module for email sending",
+ "action": parsers.moduleOrObjectParser
+ },
+ "emailVerifyTokenReuseIfValid": {
+ "env": "PARSE_SERVER_EMAIL_VERIFY_TOKEN_REUSE_IF_VALID",
+ "help": "an existing email verify token should be reused when resend verification email is requested",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "emailVerifyTokenValidityDuration": {
+ "env": "PARSE_SERVER_EMAIL_VERIFY_TOKEN_VALIDITY_DURATION",
+ "help": "Email verification token validity duration, in seconds",
+ "action": parsers.numberParser("emailVerifyTokenValidityDuration")
+ },
+ "enableAnonymousUsers": {
+ "env": "PARSE_SERVER_ENABLE_ANON_USERS",
+ "help": "Enable (or disable) anonymous users, defaults to true",
+ "action": parsers.booleanParser,
+ "default": true
+ },
+ "enableExpressErrorHandler": {
+ "env": "PARSE_SERVER_ENABLE_EXPRESS_ERROR_HANDLER",
+ "help": "Enables the default express error handler for all errors",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "enablePageLocalization": {
+ "env": "PARSE_SERVER_ENABLE_PAGE_LOCALIZATION",
+ "help": "Is true if pages should be localized; customPages must not be set.",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "enableSingleSchemaCache": {
+ "env": "PARSE_SERVER_ENABLE_SINGLE_SCHEMA_CACHE",
+ "help": "Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "encryptionKey": {
+ "env": "PARSE_SERVER_ENCRYPTION_KEY",
+ "help": "Key for encrypting your files"
+ },
+ "expireInactiveSessions": {
+ "env": "PARSE_SERVER_EXPIRE_INACTIVE_SESSIONS",
+ "help": "Sets wether we should expire the inactive sessions, defaults to true",
+ "action": parsers.booleanParser,
+ "default": true
+ },
+ "fileKey": {
+ "env": "PARSE_SERVER_FILE_KEY",
+ "help": "Key for your files"
+ },
+ "filesAdapter": {
+ "env": "PARSE_SERVER_FILES_ADAPTER",
+ "help": "Adapter module for the files sub-system",
+ "action": parsers.moduleOrObjectParser
+ },
+ "fileUpload": {
+ "env": "PARSE_SERVER_FILE_UPLOAD_OPTIONS",
+ "help": "Options for file uploads",
+ "action": parsers.objectParser,
+ "default": {}
+ },
+ "graphQLPath": {
+ "env": "PARSE_SERVER_GRAPHQL_PATH",
+ "help": "Mount path for the GraphQL endpoint, defaults to /graphql",
+ "default": "/graphql"
+ },
+ "graphQLSchema": {
+ "env": "PARSE_SERVER_GRAPH_QLSCHEMA",
+ "help": "Full path to your GraphQL custom schema.graphql file"
+ },
+ "host": {
+ "env": "PARSE_SERVER_HOST",
+ "help": "The host to serve ParseServer on, defaults to 0.0.0.0",
+ "default": "0.0.0.0"
+ },
+ "idempotencyOptions": {
+ "env": "PARSE_SERVER_EXPERIMENTAL_IDEMPOTENCY_OPTIONS",
+ "help": "Options for request idempotency to deduplicate identical requests that may be caused by network issues. Caution, this is an experimental feature that may not be appropriate for production.",
+ "action": parsers.objectParser,
+ "default": {}
+ },
+ "javascriptKey": {
+ "env": "PARSE_SERVER_JAVASCRIPT_KEY",
+ "help": "Key for the Javascript SDK"
+ },
+ "jsonLogs": {
+ "env": "JSON_LOGS",
+ "help": "Log as structured JSON objects",
+ "action": parsers.booleanParser
+ },
+ "liveQuery": {
+ "env": "PARSE_SERVER_LIVE_QUERY",
+ "help": "parse-server's LiveQuery configuration object",
+ "action": parsers.objectParser
+ },
+ "liveQueryServerOptions": {
+ "env": "PARSE_SERVER_LIVE_QUERY_SERVER_OPTIONS",
+ "help": "Live query server configuration options (will start the liveQuery server)",
+ "action": parsers.objectParser
+ },
+ "loggerAdapter": {
+ "env": "PARSE_SERVER_LOGGER_ADAPTER",
+ "help": "Adapter module for the logging sub-system",
+ "action": parsers.moduleOrObjectParser
+ },
+ "logLevel": {
+ "env": "PARSE_SERVER_LOG_LEVEL",
+ "help": "Sets the level for logs"
+ },
+ "logsFolder": {
+ "env": "PARSE_SERVER_LOGS_FOLDER",
+ "help": "Folder for the logs (defaults to './logs'); set to null to disable file based logging",
+ "default": "./logs"
+ },
+ "masterKey": {
+ "env": "PARSE_SERVER_MASTER_KEY",
+ "help": "Your Parse Master Key",
+ "required": true
+ },
+ "masterKeyIps": {
+ "env": "PARSE_SERVER_MASTER_KEY_IPS",
+ "help": "Restrict masterKey to be used by only these ips, defaults to [] (allow all ips)",
+ "action": parsers.arrayParser,
+ "default": []
+ },
+ "maxLimit": {
+ "env": "PARSE_SERVER_MAX_LIMIT",
+ "help": "Max value for limit option on queries, defaults to unlimited",
+ "action": parsers.numberParser("maxLimit")
+ },
+ "maxLogFiles": {
+ "env": "PARSE_SERVER_MAX_LOG_FILES",
+ "help": "Maximum number of logs to keep. If not set, no logs will be removed. This can be a number of files or number of days. If using days, add 'd' as the suffix. (default: null)",
+ "action": parsers.objectParser
+ },
+ "maxUploadSize": {
+ "env": "PARSE_SERVER_MAX_UPLOAD_SIZE",
+ "help": "Max file size for uploads, defaults to 20mb",
+ "default": "20mb"
+ },
+ "middleware": {
+ "env": "PARSE_SERVER_MIDDLEWARE",
+ "help": "middleware for express server, can be string or function"
+ },
+ "mountGraphQL": {
+ "env": "PARSE_SERVER_MOUNT_GRAPHQL",
+ "help": "Mounts the GraphQL endpoint",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "mountPath": {
+ "env": "PARSE_SERVER_MOUNT_PATH",
+ "help": "Mount path for the server, defaults to /parse",
+ "default": "/parse"
+ },
+ "mountPlayground": {
+ "env": "PARSE_SERVER_MOUNT_PLAYGROUND",
+ "help": "Mounts the GraphQL Playground - never use this option in production",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "objectIdSize": {
+ "env": "PARSE_SERVER_OBJECT_ID_SIZE",
+ "help": "Sets the number of characters in generated object id's, default 10",
+ "action": parsers.numberParser("objectIdSize"),
+ "default": 10
+ },
+ "passwordPolicy": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY",
+ "help": "Password policy for enforcing password related rules",
+ "action": parsers.objectParser
+ },
+ "playgroundPath": {
+ "env": "PARSE_SERVER_PLAYGROUND_PATH",
+ "help": "Mount path for the GraphQL Playground, defaults to /playground",
+ "default": "/playground"
+ },
+ "port": {
+ "env": "PORT",
+ "help": "The port to run the ParseServer, defaults to 1337.",
+ "action": parsers.numberParser("port"),
+ "default": 1337
+ },
+ "preserveFileName": {
+ "env": "PARSE_SERVER_PRESERVE_FILE_NAME",
+ "help": "Enable (or disable) the addition of a unique hash to the file names",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "preventLoginWithUnverifiedEmail": {
+ "env": "PARSE_SERVER_PREVENT_LOGIN_WITH_UNVERIFIED_EMAIL",
+ "help": "Prevent user from login if email is not verified and PARSE_SERVER_VERIFY_USER_EMAILS is true, defaults to false",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "protectedFields": {
+ "env": "PARSE_SERVER_PROTECTED_FIELDS",
+ "help": "Protected fields that should be treated with extra security when fetching details.",
+ "action": parsers.objectParser,
+ "default": {
+ "_User": {
+ "*": ["email"]
+ }
+ }
+ },
+ "publicServerURL": {
+ "env": "PARSE_PUBLIC_SERVER_URL",
+ "help": "Public URL to your parse server with http:// or https://."
+ },
+ "push": {
+ "env": "PARSE_SERVER_PUSH",
+ "help": "Configuration for push, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#push-notifications",
+ "action": parsers.objectParser
+ },
+ "readOnlyMasterKey": {
+ "env": "PARSE_SERVER_READ_ONLY_MASTER_KEY",
+ "help": "Read-only key, which has the same capabilities as MasterKey without writes"
+ },
+ "restAPIKey": {
+ "env": "PARSE_SERVER_REST_API_KEY",
+ "help": "Key for REST calls"
+ },
+ "revokeSessionOnPasswordReset": {
+ "env": "PARSE_SERVER_REVOKE_SESSION_ON_PASSWORD_RESET",
+ "help": "When a user changes their password, either through the reset password email or while logged in, all sessions are revoked if this is true. Set to false if you don't want to revoke sessions.",
+ "action": parsers.booleanParser,
+ "default": true
+ },
+ "scheduledPush": {
+ "env": "PARSE_SERVER_SCHEDULED_PUSH",
+ "help": "Configuration for push scheduling, defaults to false.",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "schemaCacheTTL": {
+ "env": "PARSE_SERVER_SCHEMA_CACHE_TTL",
+ "help": "The TTL for caching the schema for optimizing read/write operations. You should put a long TTL when your DB is in production. default to 5000; set 0 to disable.",
+ "action": parsers.numberParser("schemaCacheTTL"),
+ "default": 5000
+ },
+ "serverCloseComplete": {
+ "env": "PARSE_SERVER_SERVER_CLOSE_COMPLETE",
+ "help": "Callback when server has closed"
+ },
+ "serverStartComplete": {
+ "env": "PARSE_SERVER_SERVER_START_COMPLETE",
+ "help": "Callback when server has started"
+ },
+ "serverURL": {
+ "env": "PARSE_SERVER_URL",
+ "help": "URL to your parse server with http:// or https://.",
+ "required": true
+ },
+ "sessionLength": {
+ "env": "PARSE_SERVER_SESSION_LENGTH",
+ "help": "Session duration, in seconds, defaults to 1 year",
+ "action": parsers.numberParser("sessionLength"),
+ "default": 31536000
+ },
+ "silent": {
+ "env": "SILENT",
+ "help": "Disables console output",
+ "action": parsers.booleanParser
+ },
+ "startLiveQueryServer": {
+ "env": "PARSE_SERVER_START_LIVE_QUERY_SERVER",
+ "help": "Starts the liveQuery server",
+ "action": parsers.booleanParser
+ },
+ "userSensitiveFields": {
+ "env": "PARSE_SERVER_USER_SENSITIVE_FIELDS",
+ "help": "Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields",
+ "action": parsers.arrayParser
+ },
+ "verbose": {
+ "env": "VERBOSE",
+ "help": "Set the logging to verbose",
+ "action": parsers.booleanParser
+ },
+ "verifyUserEmails": {
+ "env": "PARSE_SERVER_VERIFY_USER_EMAILS",
+ "help": "Enable (or disable) user email validation, defaults to false",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "webhookKey": {
+ "env": "PARSE_SERVER_WEBHOOK_KEY",
+ "help": "Key sent with outgoing webhook calls"
+ }
};
module.exports.CustomPagesOptions = {
- choosePassword: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_CHOOSE_PASSWORD',
- help: 'choose password page path',
- },
- invalidLink: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_INVALID_LINK',
- help: 'invalid link page path',
- },
- invalidVerificationLink: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_INVALID_VERIFICATION_LINK',
- help: 'invalid verification link page path',
- },
- linkSendFail: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_LINK_SEND_FAIL',
- help: 'verification link send fail page path',
- },
- linkSendSuccess: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_LINK_SEND_SUCCESS',
- help: 'verification link send success page path',
- },
- parseFrameURL: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_PARSE_FRAME_URL',
- help: 'for masking user-facing pages',
- },
- passwordResetSuccess: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_PASSWORD_RESET_SUCCESS',
- help: 'password reset success page path',
- },
- verifyEmailSuccess: {
- env: 'PARSE_SERVER_CUSTOM_PAGES_VERIFY_EMAIL_SUCCESS',
- help: 'verify email success page path',
- },
+ "choosePassword": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_CHOOSE_PASSWORD",
+ "help": "choose password page path"
+ },
+ "invalidLink": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_INVALID_LINK",
+ "help": "invalid link page path"
+ },
+ "invalidVerificationLink": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_INVALID_VERIFICATION_LINK",
+ "help": "invalid verification link page path"
+ },
+ "linkSendFail": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_LINK_SEND_FAIL",
+ "help": "verification link send fail page path"
+ },
+ "linkSendSuccess": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_LINK_SEND_SUCCESS",
+ "help": "verification link send success page path"
+ },
+ "parseFrameURL": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_PARSE_FRAME_URL",
+ "help": "for masking user-facing pages"
+ },
+ "passwordResetSuccess": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_PASSWORD_RESET_SUCCESS",
+ "help": "password reset success page path"
+ },
+ "verifyEmailSuccess": {
+ "env": "PARSE_SERVER_CUSTOM_PAGES_VERIFY_EMAIL_SUCCESS",
+ "help": "verify email success page path"
+ }
};
module.exports.LiveQueryOptions = {
- classNames: {
- env: 'PARSE_SERVER_LIVEQUERY_CLASSNAMES',
- help: "parse-server's LiveQuery classNames",
- action: parsers.arrayParser,
- },
- pubSubAdapter: {
- env: 'PARSE_SERVER_LIVEQUERY_PUB_SUB_ADAPTER',
- help: 'LiveQuery pubsub adapter',
- action: parsers.moduleOrObjectParser,
- },
- redisOptions: {
- env: 'PARSE_SERVER_LIVEQUERY_REDIS_OPTIONS',
- help: "parse-server's LiveQuery redisOptions",
- action: parsers.objectParser,
- },
- redisURL: {
- env: 'PARSE_SERVER_LIVEQUERY_REDIS_URL',
- help: "parse-server's LiveQuery redisURL",
- },
- wssAdapter: {
- env: 'PARSE_SERVER_LIVEQUERY_WSS_ADAPTER',
- help: 'Adapter module for the WebSocketServer',
- action: parsers.moduleOrObjectParser,
- },
+ "classNames": {
+ "env": "PARSE_SERVER_LIVEQUERY_CLASSNAMES",
+ "help": "parse-server's LiveQuery classNames",
+ "action": parsers.arrayParser
+ },
+ "pubSubAdapter": {
+ "env": "PARSE_SERVER_LIVEQUERY_PUB_SUB_ADAPTER",
+ "help": "LiveQuery pubsub adapter",
+ "action": parsers.moduleOrObjectParser
+ },
+ "redisOptions": {
+ "env": "PARSE_SERVER_LIVEQUERY_REDIS_OPTIONS",
+ "help": "parse-server's LiveQuery redisOptions",
+ "action": parsers.objectParser
+ },
+ "redisURL": {
+ "env": "PARSE_SERVER_LIVEQUERY_REDIS_URL",
+ "help": "parse-server's LiveQuery redisURL"
+ },
+ "wssAdapter": {
+ "env": "PARSE_SERVER_LIVEQUERY_WSS_ADAPTER",
+ "help": "Adapter module for the WebSocketServer",
+ "action": parsers.moduleOrObjectParser
+ }
};
module.exports.LiveQueryServerOptions = {
- appId: {
- env: 'PARSE_LIVE_QUERY_SERVER_APP_ID',
- help:
- 'This string should match the appId in use by your Parse Server. If you deploy the LiveQuery server alongside Parse Server, the LiveQuery server will try to use the same appId.',
- },
- cacheTimeout: {
- env: 'PARSE_LIVE_QUERY_SERVER_CACHE_TIMEOUT',
- help:
- "Number in milliseconds. When clients provide the sessionToken to the LiveQuery server, the LiveQuery server will try to fetch its ParseUser's objectId from parse server and store it in the cache. The value defines the duration of the cache. Check the following Security section and our protocol specification for details, defaults to 5 * 1000 ms (5 seconds).",
- action: parsers.numberParser('cacheTimeout'),
- },
- keyPairs: {
- env: 'PARSE_LIVE_QUERY_SERVER_KEY_PAIRS',
- help:
- 'A JSON object that serves as a whitelist of keys. It is used for validating clients when they try to connect to the LiveQuery server. Check the following Security section and our protocol specification for details.',
- action: parsers.objectParser,
- },
- logLevel: {
- env: 'PARSE_LIVE_QUERY_SERVER_LOG_LEVEL',
- help:
- 'This string defines the log level of the LiveQuery server. We support VERBOSE, INFO, ERROR, NONE, defaults to INFO.',
- },
- masterKey: {
- env: 'PARSE_LIVE_QUERY_SERVER_MASTER_KEY',
- help:
- 'This string should match the masterKey in use by your Parse Server. If you deploy the LiveQuery server alongside Parse Server, the LiveQuery server will try to use the same masterKey.',
- },
- port: {
- env: 'PARSE_LIVE_QUERY_SERVER_PORT',
- help: 'The port to run the LiveQuery server, defaults to 1337.',
- action: parsers.numberParser('port'),
- default: 1337,
- },
- pubSubAdapter: {
- env: 'PARSE_LIVE_QUERY_SERVER_PUB_SUB_ADAPTER',
- help: 'LiveQuery pubsub adapter',
- action: parsers.moduleOrObjectParser,
- },
- redisOptions: {
- env: 'PARSE_LIVE_QUERY_SERVER_REDIS_OPTIONS',
- help: "parse-server's LiveQuery redisOptions",
- action: parsers.objectParser,
- },
- redisURL: {
- env: 'PARSE_LIVE_QUERY_SERVER_REDIS_URL',
- help: "parse-server's LiveQuery redisURL",
- },
- serverURL: {
- env: 'PARSE_LIVE_QUERY_SERVER_SERVER_URL',
- help:
- 'This string should match the serverURL in use by your Parse Server. If you deploy the LiveQuery server alongside Parse Server, the LiveQuery server will try to use the same serverURL.',
- },
- websocketTimeout: {
- env: 'PARSE_LIVE_QUERY_SERVER_WEBSOCKET_TIMEOUT',
- help:
- 'Number of milliseconds between ping/pong frames. The WebSocket server sends ping/pong frames to the clients to keep the WebSocket alive. This value defines the interval of the ping/pong frame from the server to clients, defaults to 10 * 1000 ms (10 s).',
- action: parsers.numberParser('websocketTimeout'),
- },
- wssAdapter: {
- env: 'PARSE_LIVE_QUERY_SERVER_WSS_ADAPTER',
- help: 'Adapter module for the WebSocketServer',
- action: parsers.moduleOrObjectParser,
- },
+ "appId": {
+ "env": "PARSE_LIVE_QUERY_SERVER_APP_ID",
+ "help": "This string should match the appId in use by your Parse Server. If you deploy the LiveQuery server alongside Parse Server, the LiveQuery server will try to use the same appId."
+ },
+ "cacheTimeout": {
+ "env": "PARSE_LIVE_QUERY_SERVER_CACHE_TIMEOUT",
+ "help": "Number in milliseconds. When clients provide the sessionToken to the LiveQuery server, the LiveQuery server will try to fetch its ParseUser's objectId from parse server and store it in the cache. The value defines the duration of the cache. Check the following Security section and our protocol specification for details, defaults to 5 * 1000 ms (5 seconds).",
+ "action": parsers.numberParser("cacheTimeout")
+ },
+ "keyPairs": {
+ "env": "PARSE_LIVE_QUERY_SERVER_KEY_PAIRS",
+ "help": "A JSON object that serves as a whitelist of keys. It is used for validating clients when they try to connect to the LiveQuery server. Check the following Security section and our protocol specification for details.",
+ "action": parsers.objectParser
+ },
+ "logLevel": {
+ "env": "PARSE_LIVE_QUERY_SERVER_LOG_LEVEL",
+ "help": "This string defines the log level of the LiveQuery server. We support VERBOSE, INFO, ERROR, NONE, defaults to INFO."
+ },
+ "masterKey": {
+ "env": "PARSE_LIVE_QUERY_SERVER_MASTER_KEY",
+ "help": "This string should match the masterKey in use by your Parse Server. If you deploy the LiveQuery server alongside Parse Server, the LiveQuery server will try to use the same masterKey."
+ },
+ "port": {
+ "env": "PARSE_LIVE_QUERY_SERVER_PORT",
+ "help": "The port to run the LiveQuery server, defaults to 1337.",
+ "action": parsers.numberParser("port"),
+ "default": 1337
+ },
+ "pubSubAdapter": {
+ "env": "PARSE_LIVE_QUERY_SERVER_PUB_SUB_ADAPTER",
+ "help": "LiveQuery pubsub adapter",
+ "action": parsers.moduleOrObjectParser
+ },
+ "redisOptions": {
+ "env": "PARSE_LIVE_QUERY_SERVER_REDIS_OPTIONS",
+ "help": "parse-server's LiveQuery redisOptions",
+ "action": parsers.objectParser
+ },
+ "redisURL": {
+ "env": "PARSE_LIVE_QUERY_SERVER_REDIS_URL",
+ "help": "parse-server's LiveQuery redisURL"
+ },
+ "serverURL": {
+ "env": "PARSE_LIVE_QUERY_SERVER_SERVER_URL",
+ "help": "This string should match the serverURL in use by your Parse Server. If you deploy the LiveQuery server alongside Parse Server, the LiveQuery server will try to use the same serverURL."
+ },
+ "websocketTimeout": {
+ "env": "PARSE_LIVE_QUERY_SERVER_WEBSOCKET_TIMEOUT",
+ "help": "Number of milliseconds between ping/pong frames. The WebSocket server sends ping/pong frames to the clients to keep the WebSocket alive. This value defines the interval of the ping/pong frame from the server to clients, defaults to 10 * 1000 ms (10 s).",
+ "action": parsers.numberParser("websocketTimeout")
+ },
+ "wssAdapter": {
+ "env": "PARSE_LIVE_QUERY_SERVER_WSS_ADAPTER",
+ "help": "Adapter module for the WebSocketServer",
+ "action": parsers.moduleOrObjectParser
+ }
};
module.exports.IdempotencyOptions = {
- paths: {
- env: 'PARSE_SERVER_EXPERIMENTAL_IDEMPOTENCY_PATHS',
- help:
- 'An array of paths for which the feature should be enabled. The mount path must not be included, for example instead of `/parse/functions/myFunction` specifiy `functions/myFunction`. The entries are interpreted as regular expression, for example `functions/.*` matches all functions, `jobs/.*` matches all jobs, `classes/.*` matches all classes, `.*` matches all paths.',
- action: parsers.arrayParser,
- default: [],
- },
- ttl: {
- env: 'PARSE_SERVER_EXPERIMENTAL_IDEMPOTENCY_TTL',
- help:
- 'The duration in seconds after which a request record is discarded from the database, defaults to 300s.',
- action: parsers.numberParser('ttl'),
- default: 300,
- },
+ "paths": {
+ "env": "PARSE_SERVER_EXPERIMENTAL_IDEMPOTENCY_PATHS",
+ "help": "An array of paths for which the feature should be enabled. The mount path must not be included, for example instead of `/parse/functions/myFunction` specifiy `functions/myFunction`. The entries are interpreted as regular expression, for example `functions/.*` matches all functions, `jobs/.*` matches all jobs, `classes/.*` matches all classes, `.*` matches all paths.",
+ "action": parsers.arrayParser,
+ "default": []
+ },
+ "ttl": {
+ "env": "PARSE_SERVER_EXPERIMENTAL_IDEMPOTENCY_TTL",
+ "help": "The duration in seconds after which a request record is discarded from the database, defaults to 300s.",
+ "action": parsers.numberParser("ttl"),
+ "default": 300
+ }
};
module.exports.AccountLockoutOptions = {
- duration: {
- env: 'PARSE_SERVER_ACCOUNT_LOCKOUT_DURATION',
- help:
- 'number of minutes that a locked-out account remains locked out before automatically becoming unlocked.',
- action: parsers.numberParser('duration'),
- },
- threshold: {
- env: 'PARSE_SERVER_ACCOUNT_LOCKOUT_THRESHOLD',
- help: 'number of failed sign-in attempts that will cause a user account to be locked',
- action: parsers.numberParser('threshold'),
- },
+ "duration": {
+ "env": "PARSE_SERVER_ACCOUNT_LOCKOUT_DURATION",
+ "help": "number of minutes that a locked-out account remains locked out before automatically becoming unlocked.",
+ "action": parsers.numberParser("duration")
+ },
+ "threshold": {
+ "env": "PARSE_SERVER_ACCOUNT_LOCKOUT_THRESHOLD",
+ "help": "number of failed sign-in attempts that will cause a user account to be locked",
+ "action": parsers.numberParser("threshold")
+ }
};
module.exports.PasswordPolicyOptions = {
- doNotAllowUsername: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_DO_NOT_ALLOW_USERNAME',
- help: 'disallow username in passwords',
- action: parsers.booleanParser,
- },
- maxPasswordAge: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_MAX_PASSWORD_AGE',
- help: 'days for password expiry',
- action: parsers.numberParser('maxPasswordAge'),
- },
- maxPasswordHistory: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_MAX_PASSWORD_HISTORY',
- help: 'setting to prevent reuse of previous n passwords',
- action: parsers.numberParser('maxPasswordHistory'),
- },
- resetTokenReuseIfValid: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_RESET_TOKEN_REUSE_IF_VALID',
- help: "resend token if it's still valid",
- action: parsers.booleanParser,
- },
- resetTokenValidityDuration: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_RESET_TOKEN_VALIDITY_DURATION',
- help: 'time for token to expire',
- action: parsers.numberParser('resetTokenValidityDuration'),
- },
- validatorCallback: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_VALIDATOR_CALLBACK',
- help: 'a callback function to be invoked to validate the password',
- },
- validatorPattern: {
- env: 'PARSE_SERVER_PASSWORD_POLICY_VALIDATOR_PATTERN',
- help: 'a RegExp object or a regex string representing the pattern to enforce',
- },
+ "doNotAllowUsername": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_DO_NOT_ALLOW_USERNAME",
+ "help": "disallow username in passwords",
+ "action": parsers.booleanParser
+ },
+ "maxPasswordAge": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_MAX_PASSWORD_AGE",
+ "help": "days for password expiry",
+ "action": parsers.numberParser("maxPasswordAge")
+ },
+ "maxPasswordHistory": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_MAX_PASSWORD_HISTORY",
+ "help": "setting to prevent reuse of previous n passwords",
+ "action": parsers.numberParser("maxPasswordHistory")
+ },
+ "resetTokenReuseIfValid": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_RESET_TOKEN_REUSE_IF_VALID",
+ "help": "resend token if it's still valid",
+ "action": parsers.booleanParser
+ },
+ "resetTokenValidityDuration": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_RESET_TOKEN_VALIDITY_DURATION",
+ "help": "time for token to expire",
+ "action": parsers.numberParser("resetTokenValidityDuration")
+ },
+ "validatorCallback": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_VALIDATOR_CALLBACK",
+ "help": "a callback function to be invoked to validate the password"
+ },
+ "validatorPattern": {
+ "env": "PARSE_SERVER_PASSWORD_POLICY_VALIDATOR_PATTERN",
+ "help": "a RegExp object or a regex string representing the pattern to enforce"
+ }
};
module.exports.FileUploadOptions = {
- enableForAnonymousUser: {
- env: 'PARSE_SERVER_FILE_UPLOAD_ENABLE_FOR_ANONYMOUS_USER',
- help: 'Is true if file upload should be allowed for anonymous users.',
- action: parsers.booleanParser,
- default: false,
- },
- enableForAuthenticatedUser: {
- env: 'PARSE_SERVER_FILE_UPLOAD_ENABLE_FOR_AUTHENTICATED_USER',
- help: 'Is true if file upload should be allowed for authenticated users.',
- action: parsers.booleanParser,
- default: true,
- },
- enableForPublic: {
- env: 'PARSE_SERVER_FILE_UPLOAD_ENABLE_FOR_PUBLIC',
- help: 'Is true if file upload should be allowed for anyone, regardless of user authentication.',
- action: parsers.booleanParser,
- default: false,
- },
+ "enableForAnonymousUser": {
+ "env": "PARSE_SERVER_FILE_UPLOAD_ENABLE_FOR_ANONYMOUS_USER",
+ "help": "Is true if file upload should be allowed for anonymous users.",
+ "action": parsers.booleanParser,
+ "default": false
+ },
+ "enableForAuthenticatedUser": {
+ "env": "PARSE_SERVER_FILE_UPLOAD_ENABLE_FOR_AUTHENTICATED_USER",
+ "help": "Is true if file upload should be allowed for authenticated users.",
+ "action": parsers.booleanParser,
+ "default": true
+ },
+ "enableForPublic": {
+ "env": "PARSE_SERVER_FILE_UPLOAD_ENABLE_FOR_PUBLIC",
+ "help": "Is true if file upload should be allowed for anyone, regardless of user authentication.",
+ "action": parsers.booleanParser,
+ "default": false
+ }
};
diff --git a/src/Options/docs.js b/src/Options/docs.js
index a70fa8bff2..a44a2df1bf 100644
--- a/src/Options/docs.js
+++ b/src/Options/docs.js
@@ -27,6 +27,7 @@
* @property {Number} emailVerifyTokenValidityDuration Email verification token validity duration, in seconds
* @property {Boolean} enableAnonymousUsers Enable (or disable) anonymous users, defaults to true
* @property {Boolean} enableExpressErrorHandler Enables the default express error handler for all errors
+ * @property {Boolean} enablePageLocalization Is true if pages should be localized; customPages must not be set.
* @property {Boolean} enableSingleSchemaCache Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.
* @property {String} encryptionKey Key for encrypting your files
* @property {Boolean} expireInactiveSessions Sets wether we should expire the inactive sessions, defaults to true
@@ -145,3 +146,4 @@
* @property {Boolean} enableForAuthenticatedUser Is true if file upload should be allowed for authenticated users.
* @property {Boolean} enableForPublic Is true if file upload should be allowed for anyone, regardless of user authentication.
*/
+
diff --git a/src/Options/index.js b/src/Options/index.js
index 84a9283bbc..3fe43d721b 100644
--- a/src/Options/index.js
+++ b/src/Options/index.js
@@ -141,6 +141,9 @@ export interface ParseServerOptions {
/* custom pages for password validation and reset
:DEFAULT: {} */
customPages: ?CustomPagesOptions;
+ /* Is true if pages should be localized; customPages must not be set.
+ :DEFAULT: false */
+ enablePageLocalization: ?boolean;
/* parse-server's LiveQuery configuration object */
liveQuery: ?LiveQueryOptions;
/* Session duration, in seconds, defaults to 1 year
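Review bot: The new comment on `enablePageLocalization` says `customPages` must not be set, but not what happens when both are, and the same sentence is repeated for the option in `src/Options/docs.js`. No validation is visible in this hunk, so a reader cannot tell whether such a configuration is rejected at startup or whether one option silently wins. Once that is decided, state it in the comment, for example `/* Is true if pages should be localized. Cannot be combined with customPages; <what the server does if both are set>. */`. The `ParseServerOptions` interface starts and ends outside this hunk.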
diff --git a/src/Routers/PublicAPIRouter.js b/src/Routers/PublicAPIRouter.js
index 5009ee7d22..fbe58caf87 100644
--- a/src/Routers/PublicAPIRouter.js
+++ b/src/Routers/PublicAPIRouter.js
@@ -2,108 +2,93 @@ import PromiseRouter from '../PromiseRouter';
import Config from '../Config';
import express from 'express';
import path from 'path';
-import fs from 'fs';
+import { promises as fs } from 'fs';
import qs from 'querystring';
import { Parse } from 'parse/node';
-
-const public_html = path.resolve(__dirname, '../../public_html');
-const views = path.resolve(__dirname, '../../views');
+import Utils from '../Utils';
+
+const publicPath = path.resolve(__dirname, '../../public');
+const defaultPagePath = (file) => { return path.join(publicPath, file) };
+const defaultPageUrl = (file, serverUrl) => { return new URL('/apps/' + file, serverUrl).toString(); };
+const pages = Object.freeze({
+ invalidLink: { customPageKey: 'invalidLink', defaultFile: 'invalid_link.html' },
+ linkSendFail: { customPageKey: 'linkSendFail', defaultFile: 'link_send_fail.html' },
+ choosePassword: { customPageKey: 'choosePassword', defaultFile: 'choose_password.html' },
+ linkSendSuccess: { customPageKey: 'linkSendSuccess', defaultFile: 'link_send_success.html' },
+ verifyEmailSuccess: { customPageKey: 'verifyEmailSuccess', defaultFile: 'verify_email_success.html' },
+ passwordResetSuccess: { customPageKey: 'passwordResetSuccess', defaultFile: 'password_reset_success.html' },
+ invalidVerificationLink: { customPageKey: 'invalidVerificationLink', defaultFile: 'invalid_verification_link.html' },
+});
+const pageParams = Object.freeze({
+ appName: "appName",
+ appId: "appId",
+ token: "token",
+ username: "username",
+ error: "error",
+});
export class PublicAPIRouter extends PromiseRouter {
verifyEmail(req) {
+ const config = req.config;
const { username, token: rawToken } = req.query;
const token = rawToken && typeof rawToken !== 'string' ? rawToken.toString() : rawToken;
- const appId = req.params.appId;
- const config = Config.get(appId);
-
if (!config) {
this.invalidRequest();
}
- if (!config.publicServerURL) {
- return this.missingPublicServerURL();
- }
-
if (!token || !username) {
- return this.invalidLink(req);
+ return this.goToPage(req, pages.invalidLink);
}
const userController = config.userController;
return userController.verifyEmail(username, token).then(
() => {
- const params = qs.stringify({ username });
- return Promise.resolve({
- status: 302,
- location: `${config.verifyEmailSuccessURL}?${params}`,
- });
+ const params = {
+ [pageParams.username]: username
+ };
+ return this.goToPage(req, pages.verifyEmailSuccess, params);
},
() => {
- return this.invalidVerificationLink(req);
+ if (req.query.username && req.params.appId) {
+ const params = {
+ [pageParams.username]: req.query.username,
+ [pageParams.appId]: req.params.appId,
+ };
+ return this.goToPage(req, pages.invalidVerificationLink, params);
+ } else {
+ return this.goToPage(req, pages.invalidLink);
+ }
}
);
}
resendVerificationEmail(req) {
+ const config = req.config;
const username = req.body.username;
- const appId = req.params.appId;
- const config = Config.get(appId);
if (!config) {
this.invalidRequest();
}
- if (!config.publicServerURL) {
- return this.missingPublicServerURL();
- }
-
if (!username) {
- return this.invalidLink(req);
+ return this.goToPage(req, pages.invalidLink);
}
const userController = config.userController;
return userController.resendVerificationEmail(username).then(
() => {
- return Promise.resolve({
- status: 302,
- location: `${config.linkSendSuccessURL}`,
- });
+ return this.goToPage(req, pages.linkSendSuccess);
},
() => {
- return Promise.resolve({
- status: 302,
- location: `${config.linkSendFailURL}`,
- });
+ return this.goToPage(req, pages.linkSendFail);
}
);
}
- changePassword(req) {
- return new Promise((resolve, reject) => {
- const config = Config.get(req.query.id);
-
- if (!config) {
- this.invalidRequest();
- }
-
- if (!config.publicServerURL) {
- return resolve({
- status: 404,
- text: 'Not found.',
- });
- }
- // Should we keep the file in memory or leave like that?
- fs.readFile(path.resolve(views, 'choose_password'), 'utf-8', (err, data) => {
- if (err) {
- return reject(err);
- }
- data = data.replace('PARSE_SERVER_URL', `'${config.publicServerURL}'`);
- resolve({
- text: data,
- });
- });
- });
+ choosePassword(req) {
+ return this.goToPage(req, pages.choosePassword);
}
requestResetPassword(req) {
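Review bot: In `verifyEmail`, `username` comes straight from `req.query` and is passed to `goToPage` as a page parameter in both callbacks, but unlike `token` it is never normalised to a string, so an array or object produced by query parsing passes the `!username` check. The `goToPage` docstring later in this patch says params are filled into the response content for GET requests, which would put request-controlled text inside an HTML page. The substitution code is not in this hunk, so confirm that it HTML-escapes every placeholder. I would reject non-string values up front with `if (typeof username !== 'string') { return this.goToPage(req, pages.invalidLink); }`, and reuse the destructured `username` in the failure callback instead of re-reading `req.query.username`. The same pattern appears in `requestResetPassword` in the next hunk.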
@@ -113,32 +98,25 @@ export class PublicAPIRouter extends PromiseRouter {
this.invalidRequest();
}
- if (!config.publicServerURL) {
- return this.missingPublicServerURL();
- }
-
const { username, token: rawToken } = req.query;
const token = rawToken && typeof rawToken !== 'string' ? rawToken.toString() : rawToken;
if (!username || !token) {
- return this.invalidLink(req);
+ return this.goToPage(req, pages.invalidLink);
}
return config.userController.checkResetTokenValidity(username, token).then(
() => {
- const params = qs.stringify({
- token,
- id: config.applicationId,
- username,
- app: config.appName,
- });
- return Promise.resolve({
- status: 302,
- location: `${config.choosePasswordURL}?${params}`,
- });
+ const params = {
+ [pageParams.token]: token,
+ [pageParams.username]: username,
+ [pageParams.appId]: config.applicationId,
+ [pageParams.appName]: config.appName,
+ };
+ return this.goToPage(req, pages.choosePassword, params);
},
() => {
- return this.invalidLink(req);
+ return this.goToPage(req, pages.invalidLink)
}
);
}
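Review bot: The `publicServerURL` guard is dropped here, in `verifyEmail` and `resendVerificationEmail` in the previous hunk, and in the following hunk, with no visible replacement, while `defaultPageUrl` added at the top of the file calls `new URL('/apps/' + file, serverUrl)`, which throws a `TypeError` when `serverUrl` is undefined. Whether `goToPage` passes `config.publicServerURL` there is not visible from this hunk, so this is a question rather than a confirmed bug: if it does, a deployment without `publicServerURL` would hit an exception instead of the previous `missingPublicServerURL()` response. If that helper is kept, a single `if (!req.config.publicServerURL) { return this.missingPublicServerURL(); }` at the top of `goToPage` would preserve the old behaviour for every route. `requestResetPassword` starts before this hunk.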
@@ -150,15 +128,11 @@ export class PublicAPIRouter extends PromiseRouter {
this.invalidRequest();
}
- if (!config.publicServerURL) {
- return this.missingPublicServerURL();
- }
-
const { username, new_password, token: rawToken } = req.body;
const token = rawToken && typeof rawToken !== 'string' ? rawToken.toString() : rawToken;
if ((!username || !token || !new_password) && req.xhr === false) {
- return this.invalidLink(req);
+ return this.goToPage(req, pages.invalidLink);
}
if (!username) {
@@ -189,14 +163,6 @@ export class PublicAPIRouter extends PromiseRouter {
}
)
.then(result => {
- const params = qs.stringify({
- username: username,
- token: token,
- id: config.applicationId,
- error: result.err,
- app: config.appName,
- });
-
if (req.xhr) {
if (result.success) {
return Promise.resolve({
@@ -210,45 +176,129 @@ export class PublicAPIRouter extends PromiseRouter {
}
const encodedUsername = encodeURIComponent(username);
- const location = result.success
- ? `${config.passwordResetSuccessURL}?username=${encodedUsername}`
- : `${config.choosePasswordURL}?${params}`;
-
- return Promise.resolve({
- status: 302,
- location,
- });
+ const query = result.success
+ ? {
+ [pageParams.username]: encodedUsername
+ }
+ : {
+ [pageParams.username]: username,
+ [pageParams.token]: token,
+ [pageParams.appId]: config.applicationId,
+ [pageParams.error]: result.err,
+ [pageParams.appName]: config.appName,
+ };
+ const page = result.success
+ ? pages.passwordResetSuccess
+ : pages.choosePassword;
+
+ return this.goToPage(req, page, query, false);
});
}
- invalidLink(req) {
- return Promise.resolve({
- status: 302,
- location: req.config.invalidLinkURL,
- });
- }
-
- invalidVerificationLink(req) {
+ /**
+ * Returns page content if the page is a local file or returns a
+ * redirect to a custom page.
+ * @param {Object} req The express request.
+ * @param {Object} page The page to go to.
+ * @param {Object} params The query parameters to attach to the URL in case of
+ * HTTP redirect responses for POST requests, or the placeholders to fill into
+ * the response content in case of HTTP content responses for GET requests.
+ * @param {Boolean} responseType Is true if a redirect response should be forced,
+ * false if a content response should be forced, undefined if the response type
+ * should depend on the request type by default:
+ * - GET request -> content response
+ * - POST request -> redirect response (PRG pattern)
+ * @returns {Promise