Commit Graph

126 Commits

Author SHA1 Message Date
Toby Zerner
4b8eb5d6e4 Make reset password form look slightly nicer
(Still needs a proper makeover!)
2016-11-13 09:01:38 +10:30
Toby Zerner
b2c691a03d Improve password reset validation/error handling 2016-11-13 08:51:38 +10:30
Niels Tholenaar
05c9ce335e Fixes #825 2016-06-20 12:34:41 +02:00
Toby Zerner
998bb5708e Display header HTML in layout rather than app wrapper
This is so a custom layout can opt-out of displaying header HTML (e.g. embed extension)
2016-06-05 09:53:08 +09:30
Toby Zerner
feffe53a86 Add ability to upload a logo + favicon, and add custom header HTML
Closes #268. Not going to bother with a preview SVG or anything fancy for now – we can think about that as part of #746. Right now it's just good to finally get this functionality in!

Also need to think about apple-touch-icon, msTile stuff, and social sharing image. Not sure if this is all too much for core, but it's definitely too much for the current Appearance page layout. Again, something to think about as part of #746.

Code is a bit rough around the edges, but figured there's not much point in using the command bus properly since #870.
2016-06-04 18:05:46 +09:30
Toby Zerner
9bfb797fdc Refactor the web app bootstrapping code
- All custom JS variables are now preloaded into the `app.data` object, rather than directly on the `app` object. This means that admin settings are available in `app.data.settings` rather than `app.settings`, etc.
- Cleaner route handler generation
- Renamed ConfigureClientView to ConfigureWebApp, though the former still exists and is deprecated
- Partial fix for #881 (strips ?nojs=1 from URL if possible, so that refreshing will attempt to load JS version again)
2016-05-26 19:04:24 +09:30
dcsjapan
b068536dbd Fix translation key for deleted username 2016-04-07 20:50:35 +09:00
dcsjapan
6d5582e4ac Extract translations from core blade files.
- Extracts translations from `reset.blade.php`.
- Adjusts namespacing of translations in other files.
- Fixes one direct reference to a `core.ref` key.
2016-04-07 17:45:58 +09:00
Toby Zerner
1395ce6c30 Upgrade to flarum-gulp 0.2.0 / Babel 6 2016-03-18 09:31:01 +10:30
Toby Zerner
e37c7a9b06 Remove sudo mode and add password confirmation when changing email address
closes #674
2016-03-11 12:44:18 +10:30
Toby Zerner
a6cf10f854 Applied fixes from StyleCI 2016-02-25 22:09:39 -05:00
Franz Liedke
9ecb5f437a Use stored slug for generating server-rendered link to discussion
Fixes #646.
2016-02-04 11:47:03 +01:00
Toby Zerner
387109002e Rework sessions, remember cookies, and auth again
- Use Symfony's Session component to work with sessions, instead of a custom database model. Separate the concept of access tokens from sessions once again.
- Extract common session/remember cookie logic into SessionAuthenticator and Rememberer classes.
- Extract AuthenticateUserTrait into a new AuthenticationResponseFactory class.
- Fix forgot password process.
2015-12-05 15:11:25 +10:30
Toby Zerner
9896378b59 Overhaul sessions, tokens, and authentication
- Use cookies + CSRF token for API authentication in the default client. This mitigates potential XSS attacks by making the token unavailable to JavaScript. The Authorization header is still supported, but not used by default.
- Make sensitive/destructive actions (editing a user, permanently deleting anything, visiting the admin CP) require the user to re-enter their password if they haven't entered it in the last 30 minutes.
- Refactor and clean up the authentication middleware.
- Add an `onhide` hook to the Modal component. (+1 squashed commit)
2015-12-03 15:11:57 +10:30
Toby Zerner
a6eff9383b Show loading indicator for admin client too 2015-11-04 11:51:25 +10:30
Toby Zerner
7dcb99621d Display "Loading..." text while JS is loading 2015-11-02 16:47:36 +10:30
Toby Zerner
fc7db914db Translate basic HTML views
app('view') call to set translator is temporary. See #189
2015-10-21 11:36:49 +10:30
Toby Zerner
9aeaccf9a4 Improve client boot failure error message/appearance 2015-10-21 09:59:22 +10:30
Toby Zerner
1242fa79af Implement proper update process
If the version in the settings table mismatches the code version, then we return a 503 error for all requests coming through index.php and api.php, while admin.php serves up a form prompting for the database password which will run outstanding migrations.
2015-10-19 15:09:54 +10:30
Toby Zerner
43c44efe3d Make emails translatable
closes #267
2015-10-19 11:23:39 +10:30
Toby Zerner
f255d318ef Add multiple UrlGenerator classes for forum/api/admin
Spent quite a while looking into the best solution here and ended up going with three separate classes. Thanks to @Luceos for the PR that got this rolling (#518). My reasoning is:

- The task of routing and URL generation is independent for each section of the app. Take Flarum\Api\Users\IndexAction for example. I don't want to generate a URL to a Flarum route... I specifically want to generate a URL to an API route. So there should be a class with that specific responsibility.
- In fact, each URL generator is slightly different, because we need to add a certain prefix to the start (e.g. /api)
- This also allows us to get rid of the "flarum.api" prefix on each route's name.
- It's still DRY, because they all extend a base class.

At the same time, I could see no reason this needed to be "interfaced", so all of the classes are concrete.

Goes a long way to fixing #123 - still just a few places left remaining with hardcoded URLs.
2015-10-02 17:35:29 +09:30
Franz Liedke
393f2de146 Fix last commit 2015-09-23 18:30:28 +02:00
Franz Liedke
6f47f4a86f Fix infinite redirect on some nojs pages. 2015-09-23 17:55:16 +02:00
Toby Zerner
69a50565bb Don't catch JS error in debug mode 2015-09-23 10:52:26 +09:30
Daniel Klabbers
84e670082b fixed flarum/core#489 missing meta description from admin area 2015-09-16 21:43:53 +02:00
Toby Zerner
9bf485359a Prevent XML from being interpreted as PHP short tags 2015-09-14 18:12:36 +09:30
Toby Zerner
1f8f79d272 Don't require database password confirmation 2015-09-04 21:45:52 +09:30
Franz Liedke
85fc0a3129 Web installer: Fix name of table prefix field 2015-09-04 12:14:48 +02:00
Franz Liedke
0a992ee9f2 Reorder installer fields 2015-09-04 12:00:39 +02:00
Franz Liedke
42f1abacaf Ask for password confirmation in web installer, too
Closes #405.
2015-09-04 12:00:03 +02:00
Franz Liedke
c91f8de1f5 Be more consistent in case AJAX does not work 2015-08-31 22:37:04 +02:00
Franz Liedke
5783dbe77b Try to fix Safari bug during installation 2015-08-31 22:35:12 +02:00
Franz Liedke
4c34d0867d Add field for table prefix in web installer
Related to #269.
2015-08-31 09:10:27 +02:00
Toby Zerner
5e22458014 Installer: Prevent crash when views directory is not writable
Use plain PHP templates instead of Blade templates so there is nothing
that needs to be written.

closes #376
2015-08-31 14:25:16 +09:30
Huy Tran
cf68c95fb8 Make Google Web Font work on both HTTP and HTTPS 2015-08-27 20:17:42 -07:00
Toby Zerner
5c5be89928 Check some requirements before installation 2015-08-27 20:11:06 +09:30
Toby Zerner
376031fdf5 Update links and remove license file extension 2015-08-27 19:56:37 +09:30
Franz Liedke
75a77e437c Fix installer link to Flarum website 2015-08-27 11:37:49 +02:00
Toby Zerner
02130eee3e Use new discussion URL format 2015-08-25 19:52:24 +09:30
Toby Zerner
ec2aa371b1 Fix installer issues 2015-08-17 14:32:38 +09:30
Toby Zerner
1052aa55ea Implement web installer 2015-08-17 14:12:02 +09:30
Toby Zerner
8065c980d4 Don't redirect to HTML-only mode if in debug mode 2015-08-14 12:50:15 +09:30
Toby Zerner
ee2497f300 Prepend base URL to assets 2015-08-13 10:44:16 +09:30
Toby Zerner
fa5c7cb123 Build very rough HTML-only content
And redirect to the "no JS" mode if the JS app crashes on boot.

ClientView/ClientAction is all a bit of a mess and will need to be
radically cleaned up at some point...
2015-08-06 12:21:11 +09:30
Toby Zerner
c8084c3925 Remove footer and move language selection to header 2015-08-06 12:16:55 +09:30
Toby Zerner
e204794b91 Allow custom variables to be set on the client app 2015-07-31 20:08:27 +09:30
Toby Zerner
ce14273c43 Use System.get instead of System.import
All of the modules we import should already be loaded, and we don't
want to ever attempt to import them anyway because we do not include a
Promise polyfill.
2015-07-29 21:08:24 +09:30
Toby Zerner
e863bd53d3 Get admin area working again 2015-07-29 20:58:22 +09:30
Toby Zerner
3489791932 Allow customisation of the client layout 2015-07-27 14:45:35 +09:30
Toby Zerner
aec641d65b Use System.get instead of System.import
Means we get drop Promise polyfill
2015-07-27 14:16:39 +09:30
Toby Zerner
6b7cf1b6bf Rework extension bootstrapping
System JS modules don't execute when they're registered, so we need to
import them explicitly. While we're at it, we may as well make the
locale bootstrapper a module too.
2015-07-20 18:08:28 +09:30
Toby Zerner
51946a069f Throw error to console if app fails to boot 2015-07-17 17:43:51 +09:30
Toby Zerner
a9ded36b57 Major CSS revamp
- Get rid of Bootstrap (except we still rely on some JS)
- Use BEM class names
- Rework variables/theme config
- Fix various bugs, including some on mobile

The CSS is still not ideal – it needs to be cleaned up some more. But
that can be a focus for after beta.
2015-07-17 14:47:49 +09:30
Toby Zerner
ab6c03c0cc Massive JavaScript cleanup
- Use JSX for templates
- Docblock/comment everything
- Mostly passes ESLint (still some work to do)
- Lots of renaming, refactoring, etc.

CSS hasn't been updated yet.
2015-07-15 14:01:11 +09:30
Toby Zerner
38c2ff0306 Finish client action refactoring. closes flarum/core#126 2015-07-07 19:23:13 +09:30
Toby Zerner
99876e9e36 Initial refactor of client actions, data preloading, SEO
An initial stab at flarum/core#126. Still WIP. Preliminary
implementation of flarum/core#128 and flarum/core#13.
2015-07-07 15:29:21 +09:30
Franz Liedke
31effe943e Implement Android theme color support
As requested in the forums.
http://updates.html5rocks.com/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
2015-06-26 23:11:13 +02:00
Toby Zerner
f3b8c31e18 Make home button route correctly, not respond on middle click
Amends flarum/core#140, closes flarum/core#136
2015-06-25 08:14:51 +09:30
Franz Liedke
8a496970e9 Link to forum homepage in header bar.
Closes #140.
2015-06-24 22:21:44 +02:00
Toby Zerner
d14716fa4d Get login/forgot password working again 2015-06-19 11:19:49 +09:30
Toby Zerner
822a216cc9 Roughly implement routes and data preloading
Only preloading data for basic requests w/o query params, at least for
the moment - if we have to preload for something like
/?q=test&sort=newest, we end up having to duplicate a whole lot of
logic between JS/PHP.
2015-06-18 17:41:37 +09:30
Toby Zerner
2741923714 Improvements to change/forgot password 2015-05-27 16:25:44 +09:30
Toby Zerner
696bfe5a07 Improve email changing/confirmation stuff 2015-05-27 16:24:54 +09:30
Toby Zerner
feb4676aa0 Very rough implementation of forgot password 2015-05-26 11:14:06 +09:30
Toby Zerner
f0219de93f Fix admin 2015-05-05 09:16:53 +09:30
Toby Zerner
a2fd60ed0c Define assets in a more appropriate spot, make extensible 2015-05-02 08:10:06 +09:30
Toby Zerner
c3aecbceaa Extract config into database 2015-05-02 08:07:51 +09:30
Toby Zerner
ac269683ed Merge remote-tracking branch 'upstream/master' 2015-04-25 22:45:27 +09:30
Toby Zerner
b68a4711dc Replace Ember app with Mithril app 2015-04-25 22:28:39 +09:30
Rodrigo Argumedo
ccc03ddc93 Update wording of the confirmation email 2015-04-20 10:23:33 -06:00
Rodrigo Argumedo
8087edbc79 Added a note where if users..
did not sign up with Flarum.
2015-04-17 17:49:41 -06:00
Maksim Knyshov
1bd69f80c7 Remove unneeded .gitkeep's 2015-03-31 22:38:15 +03:00
Toby Zerner
40a6d77e74 Big front-end asset/filestructure refactor
- Extract shared Ember components into a “flarum-common” ember-cli
addon. This can be used by both the forum + admin Ember apps, keeping
things DRY
- Move LESS styles into their own top-level directory and do a similar
thing (extract common styles)
- Add LESS/JS compilation and versioning to PHP (AssetManager)
- Set up admin entry point

(Theoretical) upgrade instructions:
- Delete everything in [app_root]/public
- Set up tooling in forum/admin Ember apps (npm install/update, bower
install/update) and then build them (ember build)
- php artisan vendor:publish
- Upgrade flarum/flarum repo (slight change in a config file)
- If you need to trigger a LESS/JS recompile, delete the .css/.js files
in [app_root]/public/flarum. I set up LiveReload to do this for me when
I change files in less/ or ember/

Todo:
- Start writing admin app!
- Remove bootstrap/font-awesome from repo and instead depend on their
composer packages? Maybe? (Bower is not an option here)
2015-03-29 22:13:26 +10:30
Toby Zerner
42e6bb1d7f Add a loading indicator before the Ember app boots 2015-03-23 12:06:55 +10:30
Toby Zerner
1d6616a419 Responsive design baby!
Mobile responsive design with a very native feel, all in pure CSS (no
templating differences between versions — even though some things are
in very different positions.)

I’ve been working on this whole thing in my head for a while now,
planning out how certain components will be laid out on the mobile
version, and how to reason about them in the templates so that a
substantially different layout can still be achieved by only using CSS.
Today I finally wrote the CSS and it’s come together pretty damn
perfectly.

Still to come:
- Swiping left or right on discussions to reveal controls
- Tablet version
2015-03-03 20:30:52 +10:30
Toby Zerner
2c46888db5 Upgrade to L5 + huge refactor + more. closes #2
New stuff:
- Signup + email confirmation.
- Updated authentication strategy with remember cookies. closes #5
- New search system with some example gambits! This is cool - check out
the source. Fulltext drivers will be implemented as decorators
overriding the EloquentPostRepository’s findByContent method.
- Lay down the foundation for bootstrapping the Ember app.
- Update Web layer’s asset manager to properly publish CSS/JS files.
- Console commands to run installation migrations and seeds.

Refactoring:
- New structure: move models, repositories, commands, and events into
their own namespaces, rather than grouping by entity.
- All events are classes.
- Use L5 middleware and command bus implementations.
- Clearer use of repositories and the Active Record pattern.
Repositories are used only for retrieval of ActiveRecord objects, and
then save/delete operations are called directly on those ActiveRecords.
This way, we don’t over-abstract at the cost of Eloquent magic, but
testing is still easy.
- Refactor of Web layer so that it uses the Actions routing
architecture.
- “Actor” concept instead of depending on Laravel’s Auth.
- General cleanup!
2015-02-24 20:33:18 +10:30