BREAKING CHANGE: This removes the username from the email verification and password reset process to prevent storing personally identifiable information (PII) in server and infrastructure logs. Customized HTML pages or emails related to email verification and password reset may need to be adapted accordingly. See the new templates that come bundled with Parse Server and the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/8.0.0.md) for more details.
BREAKING CHANGE: Fields in the internal scope of Parse Server (prefixed with underscore `_`) are only returned using the new `maintenanceKey`; previously the `masterKey` allowed reading of internal fields; see [access scopes](https://github.com/parse-community/parse-server#access-scopes) for a comparison of the keys' access permissions (#8212)
* adapted public api route for use with ajax
* Elegant error handling
* Fixed error return
* Public API error flow redone, tests
* Fixed code to pre-build form
* Public API change password return params
* Reverted errors in resetPassword
* Fixed querystring call
* Success test on ajax password reset
* Added few more routes to tests for coverage
* More tests and redone error return slightly
* Updated error text
* Console logs removal, renamed test, added {} to if
* Wrong error sent
* Revert changes
* Revert "Revert changes"
This reverts commit 68ee2c44bf2411ca8b56b039a4d490a7e2f99ae9.
* real revert of {}
* nits and test fix
* fix tests
* throw proper error
* removes from emailverificationtoken spec
* updates winston
* Updates ValidationAndPasswordsReset
* Use local request in schemas
* Removes request in rest.spec
* Removes request from PushRouter0
* removes request from public API
* removes request from index.spec
* Removes request form parse.push spec
* removes request from ParseInstallation spec
* Removes from ParseHooks
* removes request from ParseGlobalConfig.spec
* Removes request from ParseAPI.spec.js
* removes request from LogsRouter
* removes in features
* Filters undefined headers instead of crashing
* Removes request from ParseUser spec
* Removes usage of request in ParseFile.spec.js
* Removes request from AuthAdapters.js
* removes request-promise from ParseGeoPoint.spec
* Removes request-promise from ParseQuery spec
* remove request-promise from UserPII
* removes request-promise from EnableExpressErrorHandler
* Updates RevocableSessionUpgrade spec
* Update RestQuery
* Removes read preferenceOptionM
* ensure we forward auth from URL
* use request in CloudCode.spec.js
* Removes request-promise from JobSchedule.spec
* Removes rp from VerifyUserPassword.spec.js
* Removes rp from PasswordPolicy spec
* Removes rp from ParsePolygon spec
* Removes rp from fullTextSearch spec
* Removes rp from PArseQuery.Aggregate
* Ensure we properly forward errors
* Removes request and request-promise
* adds resetTokenValidityDuration setting
* adds a validator to validate password that can be used to enforce strong
passwords
* adds unit tests for passwordPolicy.validator
* adds unit tests to to fail reset password function if password is not in a valid format
* updates README.md for passwordPolicy
* prevents duplicate check for password validator in updateUserPassword
* adds optional setting to disallow username in password
* updates test cases to use fdescribe instead of describe
* updates test cases to use request-promise instead of request
* adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator
* expect username parameter in redirect to password_reset_success
* adds support for _perishable_token_expires_at in postgres
