API Security has been reworked to check if request is secure, verifies
the API token created on site setup given to every member, and then
confirms the system is accepting API requests by way of the API enabled
toggle in settings
API usage is now only meant for backend use, so this needs to be noted
in the docs
removed all remaining API requests from the front end and removed the
FipamoAdminAPI js file, changing it to ContentRequest as it now handles
posting data to the system directly, authenticating it self by checking
the embedded CSRF token that regulary rotates
also renamed MaintenanceManager to Maintenance request and moved it to
the same dir as ContentRequest as they are both libraries that connect
to the backend
The first part of improving the API is removing all admin functions from
the front end so those no admin methods will be available client side.
The urls in the FipamoAdmin js file have been changed to post directly to the
system and they are handled from there. To account for this change
controller routes for every standard method have been created for better
organization and readability.
The FipamoAdmin js file will be integrated with the rest of the front
end code and will not be seperate library
the current restore process only restored images and not the additional
file types that are allowed, so that has been added
also tweaked the reset request to include the correct token so the
request does not fail API authorization
regrouped api calls for better organization and to add a bit more
security. it now checks to make sure the incoming token matches the
current session to authorize requests
Removed email settings from settings.json and moved them to the .env
file to use Laravel's mailer functionality.
references to the old mailer has been removed from settings.json,
data sorting class and the settings template file
the front end script has also been updated to accomodate different
message types, starting with a test message so members can make sure the
settings defined in the .env are working
had some comments referencng a the idea for a refactor of routing, but
decided to stick with RouteController for now becuase of the
flexibility.
if improvements are to be made, they will be made in that class.
main navigation had buttons nested inside of href tags to house previous
font icons that were removed, so the nesting is no longer needed and it
could introduce accessibility propblems, so it needed to be cleande up
now they are hrefs styled as the previous buttons so there is no visual
change in the UI
routing needed more nuance than what was possible in the web routing
controller, so a new RouteContoller was created to identify requests and
then sending them to the correct controller to get the appropriatie page
this was necessary because routing the previous was erroring out because
when the system was looking for pages to display with dynamic page
creation it would get confused with prexisting routes and choose to
display whatever the Start Controller was capturing, ignoring routes
defined in the web controller.
but that's been cleaned up without having to re-write everything and
continues to use existing controllers
a basic preview engine has been added to ease the process of editing
pages. currently it previews all basic templates and custom created
pages
this is will replace the external fipamo theme kit tool, which will be
archived
rather than make a massive downloadable archive file for ever image on
the site (which still may happen), a method has been added to make
copies of imags from an external site and store them on the fresh
install based on the image list saved in the created back up file
it's clean but some additional error checking is needed so the process
does not crash out when a file can't be located and upon completion the
user can be notified of what images did not make it over in the process
ported over the backup functionality from the old build to the new while
making few tweaks
instead of packaging up all files in the site to create massive zip
files, now a list of files is created for the user and blog directories
that the system will use to download and put them in the appropriate
directories, resulting in a such slimmer backup file.
archiving images my be added at a later date, but will be kept seperate
from the current back up process
the last ui page that needed to be added was managing the main
navigation menu for rendered pages, so that's been turned on. menu
items can be added by pinning pages to the menu when editing them and
can be removed by unpinning them or deleting them from the navigation
edit ui
it touched quite a few systems so all of those classes needed to be
edited as well tweaking the front end script to work with the new
modular script format
turned on the abiity to save settings to config file via the settings
page
the current member session needs to updated by the data coming in but
that will be handled by a specific member service that hasn't been built
yet, so just commenting it out for now
also fixed a minor bug that was stopping the save on render toggle from
working correctly, so now it's saving and updating the status properly
now
with the setting page set up, now the the settings api can be added,
beginning with the ability to render all files from settings.
the base settings api class is set up, so now the rest of the methods
can be added
it's time to get the setting api running so site options can be editied
so the first step is to get the settings page up and running.
the sorting class is getting a bit heavy, but it will hold the method
for gathering settings page info for now.
added a controller class to handle what is being served when the browser
hits the root directory.
very basic to start as it is just a placeholder until it's filled out
to complete page rendering, the default theme needed to be converted to
use blade templating. rather than update the theme kit as a seperate
progress, it will be integrated into this codebase so themes can be
developed and tested in app.
the basics for the theme kit are in place, so now conversion of the
defualt theme can be completed.
once the that is done, it can then be used to complete the rendering
engine to export HTML files
editing page works but making new pages was still wonky, so that was
fixed and now page creation works fine
made some minor tweaks to prettier config for css formatting
ported over the new file uploader from the old build and made it a
service make for from some additonal file processing
i.e. image optimization or video converstion before it is saved to the system
start building out the new version of the page editing api while making
some changes to the original scripts for added flexibility and using the
full range of HTTP methods that weren't being used before.
currenlty, it's just an end to end test to make sure the plumbing works
as it should data is being passed and can be processed.
now that it all works, the guts of page editing can be completed
update sortablejs to the latest since it's been awhile and got rid of
the old version
so there was an error when trying to use services for API controllers
that was happening because the api middleware didn't pass the same info
as web middleware, resulting in session info not being passed to
controllers used in the api
after a bit of reading discovered necessary middleware could be added to
api routing so session data is available in in api routing
whew
Got the first part of the API working, which checks to see if there is a
valid session active to set up requests
also some small changes to get the favicon working, yeah, yeah, but it's
cool looking...
seperated dash controllers for api controllers in the controller
directory to make them easier to manage
also added middleware to check authorization when accessing dash pages
There are some spacing issues that need to be addressed but the page
editor template has been added and the CSS all lines up
scripting is still an issue as the backend that handles content still
isn't in place, but the front facing piece is in place so now those
components can be built
scripting is going to get an overhaul anyway, so this is a good place to
start that process
plugged in classes for a page repository to handle editing and
retrieving page content and an interface class for the controller to talk to to
keep the methodoloy seperate from the controller to keep it all clean
now whatever changes that need to be made won't bother the controller
because it will always be looking for the same functions. super sweet
moved the page listing template over and made all of the apropriate
changes so the CSS lines up as it should
there was also a minor issue that was keeping the sub menu for the start
pages from displaying so that was fixed
Added controller to handle the login process and session management
that stores information about the person that has logged in so that info
is available through out the app when logged in
Added the folder containg Fipamo markdown files to set up a basic route
for the start of the dashboard and quick test to make sure the file
paths can be read
also added CSS files that will style the new template system, which is
currenlty in twig but will be convereted to blade
Removed the Slim Framework from the codebase and installed the latest
Laravel version to be the new foundation for the project moving forward.
Code from the old version will now be ported to the new version.