* Add parseFrameURL for masking user-facing pages.
Allow users to specify a different address which is used to mask parse
requests for verifying email and resetting password. This is how Parse.com
used to allow customers to gain control over page content, styling etc.
On the destination page javascript is used to check the link in the request
and embed the parse server page using IFRAME.
* Fix code indentation
* Rename method for building link and pass config to it.
* Add customPages options to README.md.
* Add tests for parseFrameURL email link building, and parseFrameURL option.
* Add parseFrameURL for masking user-facing pages.
Allow users to specify a different address which is used to mask parse
requests for verifying email and resetting password. This is how Parse.com
used to allow customers to gain control over page content, styling etc.
On the destination page javascript is used to check the link in the request
and embed the parse server page using IFRAME.
* Fix code indentation
* Rename method for building link and pass config to it.
* Add customPages options to README.md.
* Don't Object.assign to defaultConfiguration global
see: aa28f52271
pretty incredible that they would release this as a patch release, but my fix is solid and defensive
chore(package): update winston-daily-rotate-file to version 1.4.2
https://greenkeeper.io/
* Adds error reproduction
* Fix transform in order to accept nested array results in $in/$nin
The error originated by the nesting of 2 array in $in [["..."]], using _.flatMap with those will guarantee at the lower level
that the query is properly resolved
* nits
* _.flatMap the $in/$nin values
* Moves all authentication providers to Adapter/Auth
* refactors specs
* Deprecates oauth option in favor of auth option
- Deprecates facebookAppIds option (in favor of auth.facebook.appIds)
- Adds warnings about the deprecated options
* nits
- add a config option to explicitly enumerate pii fields beyond email
- in query controller, strip pii of user table results before sending out the door.
1. Add no space in paren rule
2. fix spec/eslintrc.json so it allow for inheriting from root rc.
Because the spce rc specified reccomended, it "turned off" all of the
rule tweaks in the root. This fixes that.
* adds resetTokenValidityDuration setting
* adds a validator to validate password that can be used to enforce strong
passwords
* adds unit tests for passwordPolicy.validator
* adds unit tests to to fail reset password function if password is not in a valid format
* updates README.md for passwordPolicy
* prevents duplicate check for password validator in updateUserPassword
* adds optional setting to disallow username in password
* updates test cases to use fdescribe instead of describe
* updates test cases to use request-promise instead of request
* adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator
* expect username parameter in redirect to password_reset_success
* adds support for _perishable_token_expires_at in postgres
* Injected the username when password has changed.
When the resetPassword controller has successfully updated the user's password, it now redirects the user to the password changed page with the username as a query parameters.
* Update unit test for password_reset_success redirect
