Skip to content
This repository has been archived by the owner on Dec 13, 2018. It is now read-only.

Commit

Permalink
Merge remote-tracking branch 'origin' into refactor-client-config
Browse files Browse the repository at this point in the history
Conflicts:
	docs/changelog.rst
  • Loading branch information
Robert committed Oct 28, 2015
2 parents 50bb4a4 + dbc04b4 commit 6c05010
Show file tree
Hide file tree
Showing 16 changed files with 64 additions and 39 deletions.
12 changes: 6 additions & 6 deletions docs/authentication.rst
Expand Up @@ -10,11 +10,11 @@ Browser Sessions
If you are building a web application that serves traditional HTML pages, or a
Single Page Application (Angular/React), this library will handle the cookie
sessions for you. Behind the scenes we are issuing an OAuth Access Token and
Refresh Token to the browser.
Refresh Token to authenticate the browser.

If you want to ensure that as user is logged into your application, you should
If you want to ensure that the user is logged into your application, you should
use the ``loginRequired`` middleware. It will force the user to login if
requird, or continue into your middleware::
required, or continue into your middleware::

app.get('/secret', stormpath.loginRequired, function(req, res) {
/*
Expand Down Expand Up @@ -43,7 +43,7 @@ To change these settings, you should invoke a node client directly::
.. note::
Express-Stormpath's session management will not interfere with any existing
session middleware you might have. The sessions that Stormpath uses are
exclusively used for Stormpath purposes, so it's safe you create your own
exclusively used for Stormpath's purposes, so it's safe you create your own
separate sessions.

This works by utilizing the Express `router`_.
Expand Down Expand Up @@ -74,7 +74,7 @@ is how you would protect the secret endpoint with basic authentication::
});
});

In order for your API clients to authenticate with this endpoing, they need
In order for your API clients to authenticate with this endpoint, they need
to supply an HTTP Authorization header, like this::

Authentication: Bearer <Base64UrlSafe(apiKeyId:apiKeySecret)>
Expand All @@ -87,7 +87,7 @@ You can use Curl to achieve the same request::
API Authentication: Access Tokens
---------------------------------

In the previous example we showd you how to use HTP Basic Auth. An alternative
In the previous example we showed you how to use HTTP Basic Auth. An alternative
scheme is the access token scheme, where we exhange our api keys for an access
token. The benefit of this approach is that the access tokens are short lived
and we can refresh or revoke them, without having to use our api credentials
Expand Down
22 changes: 17 additions & 5 deletions docs/changelog.rst
Expand Up @@ -13,10 +13,22 @@ Version 2.1.0

- Internal refactor of config parser


Version 2.0.15
--------------

**Not yet released.**

- Fixing postLogin / postRegistration handlers not being fired when using Google
/ LinkedIn logins. Thanks to `@cdaniel <https://github.com/cdaniel>`_ for the
pull request!
- Adding `@cdaniel <https://github.com/cdaniel>`_ to the contributors list.


Version 2.0.14
--------------

** Released on October 18, 2015.**
**Released on October 18, 2015.**

- Testing new documentation deployment stuff.
- No code changes.
Expand Down Expand Up @@ -136,7 +148,7 @@ Version 2.0.3
**Released on September 8, 2015.**

- Fixing bug in the ``groupsRequired`` authorization middleware -- it was using
a deprecated option, which was causing the library to throw an error if a user
a depreciated option, which was causing the library to throw an error if a user
was NOT a member of the required Groups.


Expand Down Expand Up @@ -238,7 +250,7 @@ Version 1.0.5

- Adding note for Windows users regarding setting environment variables.
- Added option ``sessionActiveDuration``, which can be used to extend a
session if a request is made within the active duration timeframe. This
session if a request is made within the active duration time frame. This
is passed to the ``client-sessions`` library and the default is 5 minutes.


Expand Down Expand Up @@ -432,7 +444,7 @@ Version 0.5.9
file in the current directory, and as a backup, we'll check for
``~/.stormpath/apiKey.properties`` (*platform independent*).
- Making ``secretKey`` configuration optional. If no ``secretKey`` is specified
when the Stormpath middleware is initialized, we'll create on automatically.
when the Stormpath middleware is initialized, we'll create one automatically.
This makes it easy to do test apps without hard coding a secret key value.
This is a very bad idea for production apps, though.
- Making ``application`` an optional field -- if no application href is
Expand Down Expand Up @@ -694,7 +706,7 @@ Version 0.2.9
displayed in a human-readable way.
- Improving ``enableAutoLogin`` behavior: it now successfully redirects to the
URL specified by the ``next`` querystring (*if it exists*).
- Fixing issue with session max duration. Adding in workaround to get around
- Fixing issue with session max duration. Adding in a workaround to get around
the mozilla bug.


Expand Down
8 changes: 4 additions & 4 deletions docs/configuration.rst
Expand Up @@ -14,7 +14,7 @@ as **1 minute**!

Environment Variables
---------------------
Most Node.js applications exepct your confidential information to be
Most Node.js applications expect your confidential information to be
exposed by the environment (not hard-coded in the application). You
should export your Stormpath information by running this in the shell:

Expand Down Expand Up @@ -155,12 +155,12 @@ Single Page Applications
------------------------

This framework is designed to work with front-end frameworks like
Angular and React. This framework provides a JSON API for all the
Angular and React. This framework provides a JSON API for all of the
features, you will use this JSON API from your front end application.
Each feature section in this guide has specific information the
Each feature section in this guide has specific information for the
JSON API, please see those sections for feature documenation.

In some cases you may need to specity the ``spaRoot`` option. This
In some cases you may need to specify the ``spaRoot`` option. This
is the absolute file path to the entry point for your SPA. That option
would be defined like this::

Expand Down
8 changes: 8 additions & 0 deletions docs/contributors.rst
Expand Up @@ -96,5 +96,13 @@ David has contributed a patch to the project.
- Github: https://github.com/dgisser


Chris Daniel
************

Chris has contributed a patch to the project.

- Github: https://github.com/cdaniel


.. _Stormpath: https://stormpath.com/
.. _an email: info@stormpath.com
2 changes: 1 addition & 1 deletion docs/introduction.rst
Expand Up @@ -21,7 +21,7 @@ account to continue.


You may have noticed that we have another library, the `Stormpath Node SDK`_.
That library is a low-level convience library for the `Stormpath API`_. This
That library is a low-level convenience library for the `Stormpath API`_. This
Express library will cover most features that you need for your web application,
but if you want to dig deepr into the `Stormpath API`, you may need the
`Stormpath Node SDK`_.
Expand Down
4 changes: 2 additions & 2 deletions docs/login.rst
Expand Up @@ -6,7 +6,7 @@ Login

This library can serve a login page for your application, this will happen
if you opt into the ``{ website: true }`` configuration. By default the login page
will be availble at this URL:
will be available at this URL:

http://localhost:3000/login

Expand All @@ -17,7 +17,7 @@ and create the proper session cookies.
Next URI
--------

The form will render with two fields for username and passsowrd, and this form
The form will render with two fields for username and password, and this form
will be posted to ``/login``. If login is successful, we will redirect the user
to ``/``. If you wish to change this, use the ``nextUri`` config option::

Expand Down
2 changes: 1 addition & 1 deletion docs/password_reset.rst
Expand Up @@ -41,7 +41,7 @@ complete a password reset workflow by doing the following steps:
Auto Login
----------

Our library implements the most secure workflow by default: the uesr must
Our library implements the most secure workflow by default: the user must
request a password reset link, then login again after changing their password.
We recommend these settings for security purposes, but if you wish to automatically
log the user in after they reset their password you can enable that functionality
Expand Down
7 changes: 3 additions & 4 deletions docs/registration.rst
Expand Up @@ -5,8 +5,7 @@ Registration
============

The registration feature of this library allows you to use Stormpath to create
new accounts in a Stormpath directory. You can create traditional password-
based accounts, or gather account data from other providers such as Facebook and
new accounts in a Stormpath directory. You can create traditional password-based accounts, or gather account data from other providers such as Facebook and
Google.

If you've opted into the ``{ website: true }`` option in your configuration, you
Expand Down Expand Up @@ -42,7 +41,7 @@ we will cover them in detail below:
Customizing The Fields
----------------------

The registration form will render these fields by default, and the will be
The registration form will render these fields by default, and they will be
required by the user:

* giveName
Expand All @@ -52,7 +51,7 @@ required by the user:

While email and password will always be required (you'll get an API error if
you omit them), you may not need to require first and last name. These
can be configured, and we'll cover that in the next section
can be configured, and we'll cover that in the next section.

You can modify the fields that we render by default. For example, if you want
to provide the last name field but not make it required, change the required
Expand Down
4 changes: 2 additions & 2 deletions docs/setup.rst
Expand Up @@ -11,7 +11,7 @@ with Express-Stormpath.
Create a Stormpath Account
--------------------------

Now that you've decided to use Stormpath, the first thing you'll want to use is
Now that you've decided to use Stormpath, the first thing you'll want to do is
create a new Stormpath account: https://api.stormpath.com/register


Expand All @@ -20,7 +20,7 @@ Create an API Key Pair

Once you've created a new account, create a new API key pair by logging into
your dashboard and clicking the "Create an API Key" button. This will generate
a new API key for you, and prompt you to download your keypair.
a new API key for you, and prompt you to download your key pair.

.. note::
Please keep the API key pair file you just downloaded safe! These two keys
Expand Down
2 changes: 1 addition & 1 deletion docs/social_login.rst
Expand Up @@ -27,7 +27,7 @@ Create a Facebook App
The first thing you need to do is log into the `Facebook Developer Site`_ and
create a new Facebook App.

You can do this by visiting the `Facebook Developer Site`_ and click the "Apps"
You can do this by visiting the `Facebook Developer Site`_ and clicking the "Apps"
menu at the top of the screen, then select the "Create a New App" button. You
should see something like the following:

Expand Down
6 changes: 3 additions & 3 deletions docs/templates.rst
Expand Up @@ -14,7 +14,7 @@ The views that this library serves by default (if the features are enabled) are:
* Login Page
* Registration Page
* Forgot Password Page
* Chagne Password Page
* Change Password Page
* Email Verifiation Page

If you want to customize these pages, there are two strategies. You can copy
Expand Down Expand Up @@ -42,7 +42,7 @@ in the source code: https://github.com/stormpath/stormpath-express/tree/master/l

.. note::

Our library includes Jade and our default templates are written in Jad. If you
Our library includes Jade and our default templates are written in Jade. If you
are using custom templates that are not written in Jade, you must enable a
view renderer in your Express application. Please see
`Using template engines with Express`_.
Expand All @@ -65,7 +65,7 @@ rendered by this library:
+-----------------+-------------------------------------------------------------------+


If you are letting our library renderer your view (default or custom) you may
If you are letting our library render your view (default or custom) you may
want to pass some extra locals to the renderer. You can do that with the
``templateContext`` option::

Expand Down
10 changes: 8 additions & 2 deletions docs/upgrading.rst
Expand Up @@ -12,16 +12,22 @@ Version 2.0.14 -> Version 2.1.0

**No changes needed!**

Version 2.0.14 -> Version 2.0.15
--------------------------------

**No changes needed!**


Version 2.0.13 -> Version 2.0.14
--------------------------------

Testing out new doc deployments.
**No changes needed!**


Version 2.0.12 -> Version 2.0.13
--------------------------------

Testing out new doc deployments.
**No changes needed!**


Version 2.0.9 -> Version 2.0.10
Expand Down
6 changes: 3 additions & 3 deletions docs/user_data.rst
Expand Up @@ -36,7 +36,7 @@ easily accomplish this with the following code::
});

As you can see above, you can directly modify ``user`` attributes, then
persist any changes by running ``req.user.save()``.
save any changes by running ``req.user.save()``.


Custom Data
Expand Down Expand Up @@ -79,7 +79,7 @@ Automatic Expansion
-------------------

In Stormpath, all objects are connected in a graph. You
have to expand a resource to get it's child resources, and this
have to expand a resource to get its child resources, and this
is an asynchronous operation. We can pre-fetch the expanded
user data for you. Simply use the `expand` config option::

Expand All @@ -96,7 +96,7 @@ they are statically available inside your handler::
res.json(req.user.customData);
});

Without enaling this expansion, the response would only contain
Without enabling this expansion, the response would only contain
an object which has an href to the resource, that would look
like this::

Expand Down
4 changes: 2 additions & 2 deletions lib/controllers/google-login.js
Expand Up @@ -26,8 +26,8 @@ module.exports = function(req, res) {
var application = req.app.get('stormpathApplication');
var config = req.app.get('stormpathConfig');
var logger = req.app.get('stormpathLogger');
var loginHandler = req.app.get('stormpathPostLoginHandler');
var registrationHandler = req.app.get('stormpathPostRegistrationHandler');
var loginHandler = config.postLoginHandler;
var registrationHandler = config.postRegistrationHandler;

if (!req.query.code) {
logger.info('A user attempted to log in via Google OAuth without specifying an OAuth token.');
Expand Down
4 changes: 2 additions & 2 deletions lib/controllers/linkedin-login.js
Expand Up @@ -26,8 +26,8 @@ module.exports = function(req, res) {
var application = req.app.get('stormpathApplication');
var config = req.app.get('stormpathConfig');
var logger = req.app.get('stormpathLogger');
var loginHandler = req.app.get('stormpathPostLoginHandler');
var registrationHandler = req.app.get('stormpathPostRegistrationHandler');
var loginHandler = config.postLoginHandler;
var registrationHandler = config.postRegistrationHandler;

if (!req.query.code) {
logger.info('A user attempted to log in via LinkedIn OAuth without specifying an OAuth token.');
Expand Down
2 changes: 1 addition & 1 deletion package.json
Expand Up @@ -46,6 +46,6 @@
"istanbul": "^0.4.0",
"mocha": "^2.1.0",
"mocha-lcov-reporter": "0.0.2",
"supertest": "^0.15.0"
"supertest": "^1.1.0"
}
}

0 comments on commit 6c05010

Please sign in to comment.