Skip to content

Support multiple ways of communicating with user #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
eddyystop opened this issue Nov 22, 2016 · 9 comments
Closed

Support multiple ways of communicating with user #1

eddyystop opened this issue Nov 22, 2016 · 9 comments
Labels
In progress

Comments

@eddyystop
Copy link
Collaborator

eddyystop commented Nov 22, 2016
edited
Loading

@beeplin I've tried to extract what you propose into concrete changes. Could you please see if these are complete?

Changes to do before release

  • DONE rename options.userPropsForShortToken to options.identifyUserProps.
  • DONE 0 checkUniqueness(uniques, ownId, meta) OK
  • DONE resendVerifySignup(emailOrToken, notifierOptions)
    • DONE find user with any props in options.identifyUserProps
    • DEV notifer uses user.primaryCommunication to route notification.
  • DONE 0verifySignupWithLongTokenverifySignupWithLongToken(verifyToken) OK
  • DONE 0verifySignupWithShortToken(verifyShortToken, findUser) OK
  • DONE sendResetPwd(email, notifierOptions)
    • DONE find user with any props in options.identifyUserProps
    • DEV notifer uses user.primaryCommunication to route notification.
  • DONE 0 resetPwdWithLongToken(resetToken, password) OK
  • DONE 0 resetPwdWithShortToken(resetShortToken, findUser, password) OK
  • DONE passwordChange(user, oldPassword, password) [edit]
    • DONE user.email is used. find user with any props in options.identifyUserProps [edit]
  • emailChange(user, password, email)
    • DONE change name to identityChange
    • DONE notifier now gets identityChange instead of emailChange
    • DONE find user with any props in options.identifyUserProps
    • DONE email param is now { prop1, prop2 } for any props in options.identifyUserProps
    • DONE set the new field user.verifyChanges to { prop: value }
    • DONE add user.verifyChanges to hooks.addVerification & .removeVerification
    • DONE generate verifyToken, verifyTokenShort and verifyExpires.
    • DONE isVerified remains true so user can still sign in until notification is verified.
    • DONE call userNotifier to send the verify tokens like resendVerifySignup does now.
      • DONE verifyChanges contains the props that will be changed on verification
      • DONE newEmail is therefore no longer needed
      • DEV a simple notification if verifyChanges prop !== user.primaryCommunication
      • DEV notifications to old and new values if verifyChanges prop === user.primaryCommunication
    • DONE this call allows a change for any options.identifyUserProps value to be verified, not just the user.primaryCommunication one.
  • DONE verifySignup(query, tokens): called by verifySignupWithLongToken and verifySignupWithShortToken
    • DONE use `user.verifyChanges to change the appropriate field.
    • DONE erase user.verifyChanges along with verifyToken, verifyTokenShort and verifyExpires.
    • DONE test that verifyChanges updates
  • DONE hooks.addVerification & .removeVerification test verifyChanges
  • DONE wrapper sendResetPwd(identifyUser, notifierOptions), not (email, notifierOptions)
  • DONE wrapper passwordChange(oldPassword, password, identifyUser), not (oldPassword, password, user)
  • DONE wrapper identityChange(password, changesIdentifyUser, identifyUser), not emailChange(password, email, user)
  • DONE Its probably best to set user.verifyProp = {} on initial creation of user so that case is not different than identityChange.
  • DONE change sanitizeUserForEmail to sanitizeUserForNotifier. [edit]
  • DONE update README
  • DONE make $className specific enough to map to error messages on the UI.
  • DONE change about 100 tests to use promises instead of callbacks. then remove cb support from service.
  • DONE get code climate badge working
  • DONE helpers.js no longer has a dependency on configuration options.
  • DONE addVerification no longer has a dependency on configuration options. The config options are now required as a param for addVerification.
  • DONE investigate what is necessary to manage, say, user and organization authentications at the same time.
  • DONE we have to find a way to call authManagment service methods for different configuration instances.
  • ekryski what do we do with the wrapper authenticate?
  • ekryski update README for authentication with v1.0
@eddyystop
Copy link
Collaborator Author

eddyystop commented Nov 23, 2016
edited
Loading

Migration from feathers-service-verify-reset:

  • options.userPropsForShortToken renamed options.identifyUserProps.
    It contains all fields uniquely identifying the user.
    These will mainly be communications (email, cellphone, facebook) but also username.

  • The prop names in options.identifyUserProps need to have unique key columns in the DB.
    This repo uses DB failures to catch duplicate keys,
    because .verifyChange values makes catching potential duplicates difficult.

  • user item should have a primaryCommunication prop for the notifier.

  • hooks.restrictToVerified renamed hooks.isVerified

  • options.userNotifier renamed options.notifier

  • notifier must return a promise

  • notifier(p1, p2, p3) now, not (p1, p2, p3, newEmail). Contents of changes in verifyChange.

  • notifier type emailChange is now identityChange

  • resendVerifySignup no longer allows a string param to be the email

  • verifyReset param actions removed: unique, resend, verify, forgot, reset, password, email

  • options.service added. default '/users' ** Does this satisfy needs e.g. signin by organization?**

  • service accessed by require(repo-name) now, not require(repo-name).service.

  • hooks still accessed by require('repo-name').hooks.

  • hooks.addVerification now requires the same options as used with .configure(authManagement({ options })). This allows addVerification to be used with multiple instances of authManagement configurations.

  • hooks.addVerification's options.len removed. use options.longTokenLen

  • wrapper sendResetPwd(identifyUser, notifierOptions) now, not (email, notifierOptions)

  • wrapper passwordChange(oldPassword, password, identifyUser) now, not (oldPassword, password, user)

  • wrapper identityChange(password, changesIdentifyUser, identifyUser) now, not emailChange(password, email, user)

  • neither the service nor the wrappers support callbacks.
    Callbacks for services are being removed from feathers in early 2017 with the Buzzard release.

  • service changed from

    verifyReset.create({
      action: 'passwordChange',
      value: { oldPassword: plainPassword, password: plainNewPassword },
    }, { user: paramsUser }, cb)

to

    verifyReset.create({
      action: 'passwordChange',
      value: { user: { email }, oldPassword: plainPassword, password: plainNewPassword },
    }, {}, cb)
  • service changed from
    verifyReset.create({
      action: 'emailChange',
      value: { password: plainPassword, email: newEmail },
    }, { user: paramsUser }, cb)

to

    verifyReset.create({
      action: 'identityChange',
      value: { user: { email }, password: plainPassword, changes: { email, cellphone } },
    }, {}, cb)
  • user needs to add these hooks for the verifyReset service:
    for feathers-authenticate < v1.0
    const isAction = (...args) => hook => args.includes(hook.data.action);
    before: {
        create: [
          hooks.iff(isAction('passwordChange', 'emailChange'), auth.verifyToken()),
          hooks.iff(isAction('passwordChange', 'emailChange'), auth.populateUser()),
        ],
    },

or for feathers-authenticate v1.0

    const isAction = (...args) => hook => args.includes(hook.data.action);
    before: {
      create: [
        hooks.iff(isAction('passwordChange', 'emailChange'), auth.hooks.authenticate('jwt')),
        hooks.iff(isAction('passwordChange', 'emailChange'), auth.populateUser()),
      ],
    },

This was referenced Nov 23, 2016
Closed
Merged
@eddyystop
Copy link
Collaborator Author

Docs for Auk branch of Feathers GitBook have been pushed, waiting for review.
Waiting for ekryski to use this repo with some of his apps.

@beeplin
Copy link

beeplin commented Dec 1, 2016

nice~!

@eddyystop
Copy link
Collaborator Author

@beeplin, you may want to check feathers-hooks-populate to see if it could be useful to you. Comments are invited.

FYI, it does not automatically populate items in hook.params, just hook.data and hook.result. I did not see a clear need for hook.params, plus a fake hook could always be created to handle this.

@beeplin
Copy link

beeplin commented Dec 5, 2016

sure, thanks :)

@beeplin
Copy link

beeplin commented Dec 5, 2016

I checked the doc and will try it in my projects. Thanks for the wonderful design.

Again, I still didn't quite catch how the new permission string works. Is any new doc for feathers-permissions available now?

And, I still don't see why we need both query and select at the same time. I think they are one thing. Did I miss something?

BTW what is the current status of this repo (management)? Since now it is a part of Auk, does that mean it will not be officially released until Auk is ready for production? And when will this happen? Eager to use it :)))

@eddyystop
Copy link
Collaborator Author

eddyystop commented Dec 5, 2016 via email

@beeplin
Copy link

beeplin commented Dec 5, 2016

got it. excited!

@eddyystop
Copy link
Collaborator Author

@beeplin, serialize hook added. It removes unwanted data from populated items, and adds computed values.

@beeplin beeplin mentioned this issue Dec 20, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
In progress
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@eddyystop @beeplin