mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-03-11 02:12:21 -05:00
071f9769c6
Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own. |
||
|---|---|---|
| .. | ||
| client | ||
| server | ||
| shared | ||
| test | ||
| ghost.js | ||
| README.md | ||
Core
Core contains the bread and butter of ghost. It is currently divided up into:
- client - the assets, helpers, models, view and templates for rendering the admin panel backbone app
- server - the controllers & helpers for driving the server side app along with the model, api, and data
- shared - just contains lang for now, although it's not shared yet, more stuff should go here soon like handlebars helpers
- test - contains unit tests and a set of html prototypes of the admin UI. Really, this folder should reflect all of core
- ghost.js - currently both the glue that binds everything together and what gives us the API for registering themes and plugins. The initTheme function is a bit of a hack which lets us serve different views & static content up for the admin & blog
This structure is by no means final and recommendations are more than welcome.