Change from basic auth to form based login #562
Conversation
|
By analyzing the blame information on this pull request, we identified @dvanwinkle, @flovilmart and @deada92 to be potential reviewers. |
|
@JeremyPlease It doesn't look like you added any tests. It'd be really nice to see some, and also make sure that you didn't break any existing tests. |
|
Do we really need passport/passport-local? I'm kinda opinionated with dependency usage :) and you can just tell me it would take a very long time to implement without it :) |
|
I can review it if the tests that will be added pass.. |
|
Suggest we remove the editor config and lint rules/setup until a decision has been made on these. |
There was a problem hiding this comment.
Thanks @JeremyPlease for that one! Most wanted feature it seems. Can you address the few comments here and there and we'll be able to move forward with that!
| <Icon width={80} height={80} name='infinity' fill='#093A59' /> | ||
| <form method='post' ref='form' action={this.props.endpoint} className={styles.form}> | ||
| { | ||
| //<CSRFInput /> |
There was a problem hiding this comment.
Can we have CSRF taken care of?
| // App entry point | ||
|
|
||
| var path = window.PARSE_DASHBOARD_PATH || '/'; | ||
| ReactDOM.render(<Login path={path}/>, document.getElementById('login_mount')); |
There was a problem hiding this comment.
We want the trailing \n ;)
|
(sorry it looks like my email reply didn't get posted here) Thank you everyone for all the feedback! I'll try to respond in detail and provide a meaningful update within the next 24 hours or so. |
|
No problemo! |
|
Thank you everyone for all the feedback! I'll try to respond in detail and |
|
@JeremyPlease seems that your email came in :) |
|
@JeremyPlease updated the pull request - view changes |
|
Alrighty. Finally some time to make some updates! @dvanwinkle Current tests pass and I added a couple more. The overall repo definitely needs more tests though. @steven-supersolid I'll move eslint/editorconfig to a new PR. @flovilmart: Please let me know if anyone has any other feedback, concerns, or requests. Thanks again! |
|
I'll conduct some local testing, as that is a security feature :) |
|
At least from a code perspective, 👍. Haven't ran locally though. |
|
Anyone interested in testing locally, here are the steps:
|
|
bump Anyone have any questions or concerns? @flovilmart anything you'd like to see changed? |
|
Would love to see this merged if you're all ok with it. |
|
Sorry it's taking forever... |
|
any eta for the merge @flovilmart ? |
|
All changes look good, I'm a bit scared of merging but that should be fine :) |
|
Looks like there are a couple of existing tests for authentication and these still pass, plus a few tests added. So as long as we trust those tests then I think it should be OK too. |
|
One small optional change - since the review was created we're encouraging contributors to update the changelog with their changes to reduce overhead. |
|
I'll take care of adding it to the changelog for the next release ;) |
|
I hope, this logic works well with parse server example . Can we extend this logic to apply authorization on parse classes? |
|
Getting this error:
|
Summary
/loginusers./loginThis resolves #493