BREAKING CHANGE: This upgrades the internally used Express framework from version 4 to 5, which may be a breaking change. If Parse Server is set up to be mounted on an Express application, we recommend to also use version 5 of the Express framework to avoid any compatibility issues. Note that even if there are no issues after upgrading, future releases of Parse Server may introduce issues if Parse Server internally relies on Express 5-specific features which are unsupported by the Express version on which it is mounted. See the Express [migration guide](https://expressjs.com/en/guide/migrating-5.html) and [release announcement](https://expressjs.com/2024/10/15/v5-release.html#breaking-changes) for more info.
BREAKING CHANGE: This removes the username from the email verification and password reset process to prevent storing personally identifiable information (PII) in server and infrastructure logs. Customized HTML pages or emails related to email verification and password reset may need to be adapted accordingly. See the new templates that come bundled with Parse Server and the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/8.0.0.md) for more details.
* Fix session token issue
* verify email problem
* Fix password reset problem
* Change test file name
* Split tests
* Refetch user
* Replaces lets to consts
* Refactor unit test
What you have is just finee, but wanted
to show you what I meant with my comment
Use jasmine's this to set stuff in beforeEach's
Not that all functions need to be `function ()` instead of
`() =>` so `this` is preserved.
see: https://jasmine.github.io/tutorials/your_first_suite#section-The_%3Ccode%3Ethis%3C/code%3E_keyword
Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
* adapted public api route for use with ajax
* Elegant error handling
* Fixed error return
* Public API error flow redone, tests
* Fixed code to pre-build form
* Public API change password return params
* Reverted errors in resetPassword
* Fixed querystring call
* Success test on ajax password reset
* Added few more routes to tests for coverage
* More tests and redone error return slightly
* Updated error text
* Console logs removal, renamed test, added {} to if
* Wrong error sent
* Revert changes
* Revert "Revert changes"
This reverts commit 68ee2c44bf2411ca8b56b039a4d490a7e2f99ae9.
* real revert of {}
* nits and test fix
* fix tests
* throw proper error
* Fix for unhandled undefined config
When an invalid application id is passed either for reset/change password or email verification, config.get returns undefined. This causes internal server.
* Throwing a 403 exception instead of returning a 404 for an invalid app id
Also, added a missing semicolon
* Fix indent issues
* Fix invalid colon to semicolon
* Fix space and indent issues
* Tests for the fix for unhandled undefined config
* Adds flow types / Configuration interfaces
* Lets call it options
* Use a single interface to generate the configurations
* Translates options to definitions only if comments are set
* improves logic
* Moves objects around
* Fixes issue affecting logging of circular objects
* fixes undefined env
* Moves all defaults to defaults
* Adds back CLI defaults
* Restored defaults in commander.js
* Merge provided defaults and platform defaults
* Addresses visual nits
* Improves Config.js code
* Adds ability to pass the default value in trailing comments
* Load platform defaults from the definitions file
* proper default values on various options
* Adds ParseServer.start and server.start(options) as quick startup methods
* Moves creating liveQueryServer http into ParseServer.js
* removes dead code
* Adds tests to guarantee we can start a LQ Server from main module
* Fixes incorrect code regading liveQuery init port
* Start a http server for LQ if port is specified
* ensure we dont fail if config.port is not set
* Specify port
* ignore other path skipped in tests
* Adds test for custom middleware setting
* Refactors new Config into Config.get
- Hides AppCache from ParseServer.js, use Config.put which validates
* Extracts controller creation into Controllers/index.js
- This makes the ParseServer init way simpler
* Move serverURL inference into ParseServer
* review nits
* -Defines new public API route /apps/:appId/resend_verification_email that will generate a new email verification link and email for a user identified by username in POST body
-Add template and url support for invalidVerificationLink, linkSendSuccess, and linkSendFail pages. The invalidVerificationLink pages includes a button that allows the user to generate a new verification email if their current token has expired, using the new public API route
-All three pages have default html that will be functional out of the box, but they can be customized in the customPages object. The custom page for invalidVerificationLink needs to handle the extraction of the username and appId from the url and the POST to generate the new link (this requires javascript)
-Clicking a link for an email that has already been verified now routes to the emailVerifySuccess page instead of the invalidLink page
* Fix package.json repo url to be parse-server againwq
* Fix js lint issues
* Update unit tests
* Use arrow functions, change html page comments, use qs and a string template to construct location for invalidVerificationLink page, syntax fixes
* Remember to pass result when using arrow function
1. Add no space in paren rule
2. fix spec/eslintrc.json so it allow for inheriting from root rc.
Because the spce rc specified reccomended, it "turned off" all of the
rule tweaks in the root. This fixes that.
* Injected the username when password has changed.
When the resetPassword controller has successfully updated the user's password, it now redirects the user to the password changed page with the username as a query parameters.
* Update unit test for password_reset_success redirect
* HooksRouter is enabled by default
* Adds middleswares on PromiseRouter, fixes#2410
* Move testing line to helper
* Modernize middlewares.js
* Moves DB uniqueness initialization to DBController, modernize
* Moves testing related code to spec folder
* remove unused _removeHook function
* Adds tests, docs for Analytics and improvements
* nit
* moves back TestUtils
- Drops mailController, centralized in UserController
- Adds views folder for change_password
- Improves PromiseRouter to support text results
- Improves PromiseRouter to support empty responses for redirects
- Adds options to AdaptableController
- UsersController gracefully fails when no adapter is set
- Refactors GlobalConfig into same style for Routers
