This PR changes the flow to change an email address.
Once the user enter their password, they are told "Check your email".
An email has been sent to them containing a link to notify which contains an encrypted token.
The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address.
They are redirected to the /user-profile page.
Also in this commit is an update from flask.ext.login to flask_login.
The polyfill we use for details/summary only renders the arrow if the
browser doesn’t natively support the feature.
The latest versions of Firefox _do_ now support the feature (after 5
years), but for some reason they don’t draw the arrow. So this commit
forces the arrow to be polyfilled in all browsers, and hides the browser
default one, for those browsers that do render it.
The details of each notification were not being hidden on page load in
Firefox.
Firefox does not natively support the `<details>` element, so we
polyfill it.
Because of the way the polyfill is written[1]
1. There can’t be any `<div>` elements inside the `<summary>` (this
commit changes them to be `<span>`s instead, and adds CSS to make
sure they wrap as before)
2. The contents to be shown/hidden must be wrapped in a `<div>` (which
this commit adds)
***
1. 48fde82c72/public/javascripts/govuk/details.polyfill.js (L90)
These are out of date now and potentially misleading.
Adds a new error page for HTTP `410 GONE`. Looks like the 404 page, but
returns the appropriate error code to be a good web citizen.
You can’t properly use a normal key when your service is in trial mode.
It’s theoretically useful to create a live key in preparation for going
live. This utitily outweighs the confusion it causes for people creating
their first keys in trial mode.
We should just remove the confusing option.
I saw users in research going back into the whitelist to check that it
had saved because there’s no feedback.
This commit adds a flash message to confirm that the whitelist was saved
OK.
Why would a live servie need the whitelist? Because the team key will
also let you send to members of your whitelist (so this commit relabels
it to say so).
Basically:
- shows all the months from start of given financial year to now or end
of given financial year (whichever is earliest)
- shows a breakdown of free and paid text messages for each of these
months
Depends on:
- [x] https://github.com/alphagov/notifications-api/pull/699
If all our URLs are unique (because they contain service/job/template
IDs) then it makes it hard to aggrate how users are behaving across a
range of services/jobs/templates.
This commit replaces anything that looks like a UUID in a URL with `…`.
The activity page was AJAXified in
https://github.com/alphagov/notifications-admin/pull/952 but this
didn’t take pagination into account.
So if you visited page 2, the contents of the page would be replaced by
Javascript with the contents of page 1. So you’d never be able to see
anything beyond page 1, expect for a brief fraction of a second when the
page loaded.
This commit makes sure the AJAX request uses whatever page parameter is
in the URL of the original page.
Platform admins should be able to see what’s going on with a service’s
API integration, including:
- messages sent
- contents of whitelist
- names of keys
They should also be able to revoke keys in an emergency.
The only thing they _shouldn’t_ be able to do is create new keys
(because then they’d be able to send messages as the service).
The browser tries to be helpful by autofilling email addresses and
phone numbers. But it gets confused and tries to fill all the fields
with the same email address or phone number. This looks broken.
This commit disables autocomplete for these form fields.
It’s weird to be on a page that says ‘2 seconds ago’ and stays stuck
there.
We don’t want to AJAX the whole page because it would get in the way of
interacting with the list of notifications.
This commit adds the venerable jQuery Timeago[1] plugin to keep the
relative times accurate and fresh.
1. http://timeago.yarp.com/
