From 116378642f0a12b37b5f3fbd35297c77d5e6eef7 Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 09:46:59 -0500 Subject: [PATCH 01/11] Update instruction comments in application.js --- public/js/application.js | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/public/js/application.js b/public/js/application.js index 61d42a8e4a..54232de136 100644 --- a/public/js/application.js +++ b/public/js/application.js @@ -1,13 +1,13 @@ -// This is a manifest file that'll be compiled into application.js, which will include all the files -// listed below. -// -// Any JavaScript/Coffee file within this directory can be referenced here using a relative path. -// -// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the -// compiled file. -// -// Read Connect Assets README (https://github.com/adunkman/connect-assets) for details -// about supported directives. +/** + * This is a manifest file that will be compiled into application.js, which will + * include all the files listed below. + * + * Any JavaScript file within this directory can be referenced here using a + * relative path. + * + * It's not advisable to add code directly here, but if you do, it will appear + * at the bottom of the compiled file. + */ //= require lib/jquery-2.1.0.min //= require lib/bootstrap.min From fab3c1455dec858b9c85a2804bfae8cd1e510f10 Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 09:53:48 -0500 Subject: [PATCH 02/11] Pass size of 60px to gravatar function from navbar. Since it won't be larger than that, no point loading a larger 200px image and then shrinking it. 60px already takes into consideration retina displays. The actual size of avatar is 30px. --- views/partials/navigation.jade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/views/partials/navigation.jade b/views/partials/navigation.jade index 3b29aa5f44..6bd3b6885c 100644 
--- a/views/partials/navigation.jade +++ b/views/partials/navigation.jade @@ -27,7 +27,7 @@ if user.profile.picture img.profile-image(src='#{user.profile.picture}') else - img.profile-image(src='#{user.gravatar()}') + img.profile-image(src='#{user.gravatar(60)}') | #{user.profile.name || user.email || user.id}  i.caret ul.dropdown-menu From a3ea1cb9e34c29251813baaf9b73f2ba1d28a322 Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 09:54:03 -0500 Subject: [PATCH 03/11] Refactor gravatar function --- models/User.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/models/User.js b/models/User.js index 543a393a6e..e8203720ae 100644 --- a/models/User.js +++ b/models/User.js @@ -56,8 +56,7 @@ userSchema.methods.comparePassword = function(candidatePassword, cb) { userSchema.methods.gravatar = function(size, defaults) { if (!size) size = 200; if (!defaults) defaults = 'retro'; - var md5 = crypto.createHash('md5'); - md5.update(this.email); + var md5 = crypto.createHash('md5').update(this.email); return 'https://gravatar.com/avatar/' + md5.digest('hex').toString() + '?s=' + size + '&d=' + defaults; }; From f3bcafb42f58f589d85eca690b79e29236630bf1 Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 09:57:05 -0500 Subject: [PATCH 04/11] Remove mongoose reference --- controllers/user.js | 1 - 1 file changed, 1 deletion(-) diff --git a/controllers/user.js b/controllers/user.js index 525712e4b9..83b431c686 100644 --- a/controllers/user.js +++ b/controllers/user.js @@ -1,4 +1,3 @@ -var mongoose = require('mongoose'); var passport = require('passport'); var _ = require('underscore'); var User = require('../models/User'); From f0c649145afce818868b00ac10ecca2847ef98ba Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 10:09:25 -0500 Subject: [PATCH 05/11] Update Contributing section --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
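Review bot: In `userSchema.methods.gravatar` (models/User.js), `crypto.createHash('md5').update(this.email)` is fed the raw email, so an account without an email makes `update()` throw during page render; the navbar's `user.profile.name || user.email || user.id` fallback suggests such accounts are expected, presumably for OAuth sign-ins. Gravatar hashes the trimmed, lower-cased address, so a mixed-case or padded email resolves to the wrong avatar. I would normalise first, `var email = (this.email || '').trim().toLowerCase();`, and hash `email` instead. `size` and `defaults` are concatenated into the URL unencoded, which is fine for the literal `60` passed from the navbar, but `encodeURIComponent(defaults)` is worth adding in case a caller ever forwards request data.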
diff --git a/README.md b/README.md index 4487db444b..f413103eef 100644 --- a/README.md +++ b/README.md @@ -846,7 +846,7 @@ TODO Contributing ------------ -If something is unclear, confusing, or needs to be refactored, please let me know. Pull requests are always welcome, but due to the opinionated nature of this project, I cannot accept every pull request. Please open an issue before submitting a pull request. +If something is unclear, confusing, or needs to be refactored, please let me know. Pull requests are always welcome, but due to the opinionated nature of this project, I cannot accept every pull request. Please open an issue before submitting a pull request. This project uses [Airbnb JavaScript Style Guide](https://github.com/airbnb/javascript) with a few exceptions. License ------- From a456508e60eb6f717376b9f40381465fb7d6922f Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 10:21:18 -0500 Subject: [PATCH 06/11] Update jsdoc strings --- controllers/api.js | 1 + controllers/contact.js | 6 +++--- controllers/user.js | 36 ++++++++++++++++++------------------ 3 files changed, 22 insertions(+), 21 deletions(-) diff --git a/controllers/api.js b/controllers/api.js index 53493b8672..0bd1c493ae 100644 --- a/controllers/api.js +++ b/controllers/api.js @@ -398,6 +398,7 @@ exports.getTwilio = function(req, res, next) { /** * POST /api/twilio * Twilio API example. + * @param telephone */ exports.postTwilio = function(req, res, next) { diff --git a/controllers/contact.js b/controllers/contact.js index a8848299a5..8ec66877ae 100644 --- a/controllers/contact.js +++ b/controllers/contact.js @@ -15,9 +15,9 @@ exports.getContact = function(req, res) { /** * POST /contact * Send a contact form via SendGrid. - * @param {string} email - * @param {string} name - * @param {string} message + * @param email + * @param name + * @param message */ exports.postContact = function(req, res) { 
diff --git a/controllers/user.js b/controllers/user.js index 83b431c686..c8680601ff 100644 --- a/controllers/user.js +++ b/controllers/user.js @@ -17,8 +17,8 @@ exports.getLogin = function(req, res) { /** * POST /login * Sign in using email and password. - * @param {string} email - * @param {string} password + * @param email + * @param password */ exports.postLogin = function(req, res, next) { @@ -47,6 +47,16 @@ exports.postLogin = function(req, res, next) { })(req, res, next); }; +/** + * GET /logout + * Log out. + */ + +exports.logout = function(req, res) { + req.logout(); + res.redirect('/'); +}; + /** * GET /signup * Signup page. @@ -62,8 +72,8 @@ exports.getSignup = function(req, res) { /** * POST /signup * Create a new local account. - * @param {string} email - * @param {string} password + * @param email + * @param password */ exports.postSignup = function(req, res, next) { @@ -133,7 +143,7 @@ exports.postUpdateProfile = function(req, res, next) { /** * POST /account/password * Update current password. - * @param {string} password + * @param password */ exports.postUpdatePassword = function(req, res, next) { @@ -163,7 +173,7 @@ exports.postUpdatePassword = function(req, res, next) { /** * POST /account/delete * Delete user account. - * @param {string} id + * @param id - User ObjectId */ exports.postDeleteAccount = function(req, res, next) { @@ -177,8 +187,8 @@ exports.postDeleteAccount = function(req, res, next) { /** * GET /account/unlink/:provider * Unlink OAuth2 provider from the current user. - * @param {string} provider - * @param {string} id + * @param provider + * @param id - User ObjectId */ exports.getOauthUnlink = function(req, res, next) { @@ -196,13 +206,3 @@ exports.getOauthUnlink = function(req, res, next) { }); }); }; - -/** - * GET /logout - * Log out. - */ - -exports.logout = function(req, res) { - req.logout(); - res.redirect('/'); -}; From f16e71dc88b69c58f32ebfb5d448ac3e18728d02 Mon Sep 17 00:00:00 2001 
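Review bot: The doc comments on `postDeleteAccount` and `getOauthUnlink` now list `@param id - User ObjectId` alongside real request fields such as `provider`, which reads as if the account id were supplied by the client. The handler bodies are outside these hunks, so I cannot tell where the id comes from; if it is taken from the authenticated session (`req.user`), the comment should say so, e.g. `@param id - User ObjectId, taken from the logged-in session (never from the request)`. If it is read from the request instead, the handler needs an ownership check before deleting or unlinking. Dropping the `{string}` types from the other tags also removes the only hint of what the handlers expect, so a one-line note that these tags describe request body or route fields rather than function arguments would keep the comments unambiguous.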
From: Eric Ryan Harrison Date: Fri, 7 Feb 2014 17:54:13 -0500 Subject: [PATCH 07/11] Fixed minor bug in the flash example in README.md Minor bug in the req.flash Data Usage Controller example. String passed instead of an object wrapped string. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ab090980a1..66c8b1e913 100644 --- a/README.md +++ b/README.md @@ -503,7 +503,7 @@ to "info" and "success" flash messages, and you could even create a new one your **Data Usage Controller (Example)** ``` -req.flash('warning', 'You have exceeded 90% of your data usage'); +req.flash('warning', {'You have exceeded 90% of your data usage'}); ``` **User Account Page (Example)** From 12bc85b736d7b58c583ac78ab2b85f30e11595ca Mon Sep 17 00:00:00 2001 From: Eric Ryan Harrison Date: Fri, 7 Feb 2014 17:56:21 -0500 Subject: [PATCH 08/11] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 66c8b1e913..929ec7163f 100644 --- a/README.md +++ b/README.md @@ -503,7 +503,7 @@ to "info" and "success" flash messages, and you could even create a new one your **Data Usage Controller (Example)** ``` -req.flash('warning', {'You have exceeded 90% of your data usage'}); +req.flash('warning', {msg: 'You have exceeded 90% of your data usage'}); ``` **User Account Page (Example)** From cec811ebadf46b1ade8ed971cad74f129e6c582b Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 18:34:40 -0500 Subject: [PATCH 09/11] Added OS icons to Prerequisites --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 929ec7163f..ed49096013 100644 --- a/README.md +++ b/README.md 
@@ -73,11 +73,11 @@ Prerequisites - [MongoDB](http://www.mongodb.org/downloads) - [Node.js](http://nodejs.org) - Command Line Tools - - **Mac OS X**: [Xcode](https://itunes.apple.com/us/app/xcode/id497799835?mt=12) (or **OS X 10.9 Mavericks**: `xcode-select --install`) - - **Windows**: [Visual Studio](http://www.visualstudio.com/downloads/download-visual-studio-vs#d-express-windows-8) - - **Ubuntu**: `sudo apt-get install build-essential` - - **Fedora**: `sudo yum groupinstall "Development Tools"` - - **OpenSUSE**: `sudo zypper install --type pattern devel_basis` + -  **Mac OS X**: [Xcode](https://itunes.apple.com/us/app/xcode/id497799835?mt=12) (or **OS X 10.9 Mavericks**: `xcode-select --install`) + -  **Windows**: [Visual Studio](http://www.visualstudio.com/downloads/download-visual-studio-vs#d-express-windows-8) + -  **Ubuntu**: `sudo apt-get install build-essential` + -  **Fedora**: `sudo yum groupinstall "Development Tools"` + -  **OpenSUSE**: `sudo zypper install --type pattern devel_basis` :exclamation: **Note**: If you are new to Node.js or Express framework, I highly recommend watching [Node.js and Express 101](http://www.youtube.com/watch?v=BN0JlMZCtNU) screencast by Alex Ford that teaches Node and Express from scratch. Alternatively, here is another great tutorial for complete beginners - [Getting Started With Node.js, Express, MongoDB](http://cwbuecheler.com/web/tutorials/2013/node-express-mongo/). From 1143ac4320616c4d512b31b5d18e3eb7708bd8fd Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 23:41:15 -0500 Subject: [PATCH 10/11] Add CSRF input to Account Delete form. --- views/account/profile.jade | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/views/account/profile.jade b/views/account/profile.jade index b00cd9dcf9..7c292916be 100644 --- a/views/account/profile.jade +++ b/views/account/profile.jade 
@@ -56,7 +56,7 @@ block content .col-sm-4 input.form-control(type='password', name='confirmPassword', id='confirmPassword') .form-group - input.form-control(type='hidden', name='_csrf', value=token) + input.form-control(type='hidden', name='_csrf', value=token) .form-group .col-sm-offset-3.col-sm-4 button.btn.btn.btn-primary(type='submit') @@ -68,6 +68,7 @@ block content p You can delete your account, but keep in mind this action is irreversible. form(action='/account/delete', method='POST') + input(type='hidden', name='_csrf', value=token) button.btn.btn-danger(type='submit') i.fa.fa-trash-o | Delete my account From 517e2f13d2b071e4f9e35e477902602b8ced677f Mon Sep 17 00:00:00 2001 From: Sahat Yalkabov Date: Fri, 7 Feb 2014 23:45:24 -0500 Subject: [PATCH 11/11] Removed form-control and form-group classes from CSRF inputs. Placed them at the top right after form block for consistency --- views/account/login.jade | 3 +-- views/account/profile.jade | 6 ++---- views/account/signup.jade | 3 +-- views/contact.jade | 3 +-- 4 files changed, 5 insertions(+), 10 deletions(-) diff --git a/views/account/login.jade b/views/account/login.jade index c8d2076b04..803e0b1738 100644 --- a/views/account/login.jade +++ b/views/account/login.jade @@ -3,6 +3,7 @@ extends ../layout block content .col-sm-8.col-sm-offset-2 form(method='POST') + input(type='hidden', name='_csrf', value=token) legend Sign In .form-group .btn-group.btn-group-justified @@ -24,8 +25,6 @@ block content .form-group label.control-label(for='password') Password input.form-control(type='password', name='password', id='password', placeholder='Password') - .form-group - input.form-control(type='hidden', name='_csrf', value=token) .form-group button.btn.btn-primary(type='submit') i.fa.fa-unlock-alt diff --git a/views/account/profile.jade b/views/account/profile.jade index 7c292916be..b52afc1dcb 100644 --- a/views/account/profile.jade +++ b/views/account/profile.jade 
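Review bot: The delete form in `views/account/profile.jade` now carries `_csrf`, but the action it triggers, which the page itself calls irreversible, is still confirmed by nothing more than a logged-in session and one click. I would ask for the current password in this form (for local accounts) and verify it in the `/account/delete` handler, e.g. `input.form-control(type='password', name='password', placeholder='Current password')` above the button. The route setup is not visible here, so it is also worth confirming that `POST /account/delete` is behind the CSRF middleware rather than exempt from it.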
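Review bot: The line `input(type='hidden', name='_csrf', value=token)` is hand-copied into every form (here in `views/account/login.jade`, and again in the profile, signup and contact hunks that follow), which is presumably how the delete form came to miss it earlier in this series. A shared mixin keeps the token in one place: define `mixin csrf` holding that single input in the layout or a partial, and write `+csrf` as the first child of each form. A short comment next to the mixin stating that every `method='POST'` form must include it would make the convention easy to check in review.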
@@ -5,6 +5,7 @@ block content h3 Profile Information form.form-horizontal(action='/account/profile', method='POST') + input(type='hidden', name='_csrf', value=token) .form-group label.col-sm-2.control-label(for='email') Email .col-sm-4 @@ -34,8 +35,6 @@ block content label.col-sm-2.control-label(for='gravatar') Gravatar .col-sm-4 img(src="#{user.gravatar()}", class='profile', width='100', height='100') - .form-group - input.form-control(type='hidden', name='_csrf', value=token) .form-group .col-sm-offset-2.col-sm-4 button.btn.btn.btn-primary(type='submit') @@ -47,6 +46,7 @@ block content h3 Change Password form.form-horizontal(action='/account/password', method='POST') + input(type='hidden', name='_csrf', value=token) .form-group label.col-sm-3.control-label(for='password') New Password .col-sm-4 @@ -55,8 +55,6 @@ block content label.col-sm-3.control-label(for='confirmPassword') Confirm Password .col-sm-4 input.form-control(type='password', name='confirmPassword', id='confirmPassword') - .form-group - input.form-control(type='hidden', name='_csrf', value=token) .form-group .col-sm-offset-3.col-sm-4 button.btn.btn.btn-primary(type='submit') diff --git a/views/account/signup.jade b/views/account/signup.jade index c151918e37..a2a8be6681 100644 --- a/views/account/signup.jade +++ b/views/account/signup.jade @@ -2,6 +2,7 @@ extends ../layout block content form.form-horizontal(id='signup-form', method='POST') + input(type='hidden', name='_csrf', value=token) legend Signup .form-group label.col-sm-3.control-label(for='email') Email @@ -15,8 +16,6 @@ block content label.col-sm-3.control-label(for='confirmPassword') Confirm Password .col-sm-7 input.form-control(type='password', name='confirmPassword', id='confirmPassword', placeholder='Confirm Password') - .form-group - input.form-control(type='hidden', name='_csrf', value=token) .form-group .col-sm-offset-3.col-sm-7 button.btn.btn-success(type='submit') 
diff --git a/views/contact.jade b/views/contact.jade index 44449c11b0..f6b4e7105e 100644 --- a/views/contact.jade +++ b/views/contact.jade @@ -5,6 +5,7 @@ block content h3 Contact Form form.form-horizontal(role='form', method='POST') + input(type='hidden', name='_csrf', value=token) .form-group label(class='col-sm-2 control-label', for='name') Name .col-sm-8 @@ -17,8 +18,6 @@ block content label(class='col-sm-2 control-label', for='message') Body .col-sm-8 textarea.form-control(type='text', name='message', id='message', rows='7') - .form-group - input.form-control(type='hidden', name='_csrf', value=token) .form-group .col-sm-offset-2.col-sm-8 button.btn.btn-default(type='submit')