-
-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add parseFrameURL for masking user-facing pages #3267
Conversation
Allow users to specify a different address which is used to mask parse requests for verifying email and resetting password. This is how Parse.com used to allow customers to gain control over page content, styling etc. On the destination page javascript is used to check the link in the request and embed the parse server page using IFRAME.
Allow users to specify a different address which is used to mask parse requests for verifying email and resetting password. This is how Parse.com used to allow customers to gain control over page content, styling etc. On the destination page javascript is used to check the link in the request and embed the parse server page using IFRAME.
User controller tests
Looks like there is a failing spec:
I tried running the specs locally and for some reason, when the entire suite is run, this test fails, but if you just run ValidationAndPasswordsReset spec, it passes. So it could be some cross-test issue. Update: Yeah it's definitely something I do in UserController.spec.js that causes ValidationAndPasswordsReset.spec.js to fail. Fun :) Update 2: Ah, dooh. It's the Object.assign to defaultConfiguration (which is actually a global, one quickly forgets). I'll send a PR to your branch, @lenart. |
Don't Object.assign to defaultConfiguration global
@lenart updated the pull request - view changes |
Cool, thanks for merging the patch for those cross-test issues, @lenart. All checks passing now 👍 |
@flovilmart Based on your comment in #3091 we added tests, to verify that the email link is built as it was before, without the parseFrameURL option. They don't specifically test the buildEmailLink function, but verifies that the links in the resulting emails are correct. It felt weird to test buildEmailLink directly, especially since it's a private function hidden in the UserController's closure. |
Thank you all. We wouldn't have a merge if it wasn't for @jure's tests ;) |
thanks for adding this.is there any documentation or example for the .html? |
Thanks for bringing this up - a sample file should be placed somewhere for reference. I think this should work (this is the same as sample provided by parse.com). You'll obviously need to change the base variable. Other variables might also need small adjustments. <!DOCTYPE html>
<html>
<head>
<title>Password Reset</title>
</head>
<body>
<h1>Reset Your Password<span id='app'></span></h1>
<noscript>We apologize, but resetting your password requires javascript</noscript>
<div class='error' id='error'></div>
<form id='form' action='#' method='POST'>
<label>New Password for <span id='username_label'></span></label>
<input name="new_password" type="password" />
<input name='utf-8' type='hidden' value='✓' />
<input name="username" id="username" type="hidden" />
<input name="token" id="token" type="hidden" />
<button>Change Password</button>
</form>
<script language='javascript' type='text/javascript'>
<!--
window.onload = function() {
var urlParams = {};
(function () {
var pair, // Really a match. Index 0 is the full match; 1 & 2 are the key & val.
tokenize = /([^&=]+)=?([^&]*)/g,
// decodeURIComponents escapes everything but will leave +s that should be ' '
re_space = function (s) { return decodeURIComponent(s.replace(/\+/g, " ")); },
// Substring to cut off the leading '?'
querystring = window.location.search.substring(1);
while (pair = tokenize.exec(querystring))
urlParams[re_space(pair[1])] = re_space(pair[2]);
})();
var base = 'https://www.parse.com';
var id = urlParams['id'];
document.getElementById('form').setAttribute('action', base + '/apps/' + id + '/request_password_reset');
document.getElementById('username').value = urlParams['username'];
document.getElementById('username_label').appendChild(document.createTextNode(urlParams['username']));
document.getElementById('token').value = urlParams['token'];
if (urlParams['error']) {
document.getElementById('error').appendChild(document.createTextNode(urlParams['error']));
}
if (urlParams['app']) {
document.getElementById('app').appendChild(document.createTextNode(' for ' + urlParams['app']));
}
}
//-->
</script>
</body> |
@lenart is that the file that is supposed to be associated with "parseFrameURL" (once the base changed) because it looks what you posted looks a lot like the "choosePassword" template. |
@fishandphil yeah sorry for the confusion. I think the documentation needs to be improved and also this part of the code probably needs some more love. I never tested verifying emails as I didn't need it and thus only followed the existing patterns and config variables. The setup I currently use is the following (not caring about email verification).
I haven't tested this with |
Allow users to specify a different address which is used to mask parse requests for verifying email and resetting password. This is how Parse.com used to allow customers to gain control over page content, styling etc.
On the destination page javascript is used to check the link in the request and embed the parse server page using IFRAME.
This is a clone of a closed PR (#3091) because I reorganized git branches. Thanks to @jure for adding tests.