Merge master into v5.0.0; Change an uncertain test to reflect changes

Author: kjetilk

.travis.yml

@@ -1,8 +1,9 @@
 sudo: false
 language: node_js
 node_js:
-  - "8.0"
-  - "10.0"
+  - "8"
+  - "10"
+  - "lts/*"
   - "node"
 
 addons:

Dockerfile

@@ -8,6 +8,6 @@ RUN openssl req \
     -nodes \
     -x509 \
     -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
-    -keyout cert.key \
-    -out cert.pem
+    -keyout privkey.pem \
+    -out fullchain.pem
 CMD npm run solid start

EXAMPLES.md

@@ -12,11 +12,11 @@ solid can be started on its own by using the solid binary. Below are some exampl
 
 * Starting solid as an HTTPS server with WebID+TLS authentication. This parameter requires that the user specifies the location of the key and the certificate used to start the HTTPS server with the help of the appropriate parameters.
 
- `$ solid --root /var/www --webid --cert ./cert.pem --key ./key.pem`
+ `$ solid --root /var/www --webid --cert ./fullchain.pem --key ./privkey.pem`
 
 * Start HTTPS with custom error pages. solid will look for a file in the specified directory of the form <error-code>.html. If it's not found it will default to node's error page.
 
- `$ solid --root /var/www/ --webid --cert ./cert.pem --key ./key.pem --error-pages ./errors/`
+ `$ solid --root /var/www/ --webid --cert ./fullchain.pem --key ./privkey.pem --error-pages ./errors/`
 
 * solid makes use of special files used for things such as access control, metadata management, subscription to changes, etc. These files are recognized by solid because of their suffix, which can be customized with the command line options that start with 'suffix'.
 
@@ -47,8 +47,3 @@ var existingApp; //Some existing Express app independent of solid.
 var app = solid(options);  
 exisingApp.use('/mount-point', app);  
 ```
-
-
-
-
-

README.md

@@ -72,15 +72,18 @@ Solid requires SSL certificates to be valid, so you cannot use self-signed certi
 You need an SSL certificate from a _certificate authority_, such as your domain provider or [Let's Encrypt!](https://letsencrypt.org/getting-started/).
 
 For testing purposes, you can use `bin/solid-test` with a _self-signed_ certificate, generated as follows:
+
 ```
-$ openssl genrsa 2048 > ../localhost.key
-$ openssl req -new -x509 -nodes -sha256 -days 3650 -key ../localhost.key -subj '/CN=*.localhost' > ../localhost.cert
+$ openssl req -outform PEM -keyform PEM -new -x509 -sha256 -newkey rsa:2048 -nodes -keyout ../privkey.pem -days 365 -out ../fullchain.pem
+
 ```
 
-Note that this example creates the `localhost.cert` and `localhost.key` files
+Note that this example creates the `fullchain.pem` and `privkey.pem` files
 in a directory one level higher from the current, so that you don't
 accidentally commit your certificates to `solid` while you're developing.
 
+If you would like to get rid of the browser warnings, import your fullchain.pem certificate into your 'Trusted Root Certificate' store.
+
 ### Run multi-user server (intermediate)
 
 You can run `solid` so that new users can sign up, in other words, get their WebIDs _username.yourdomain.com_.
@@ -168,6 +171,7 @@ $ solid start --help
     --webid                       Enable WebID authentication and access control (uses HTTPS)
     --mount [value]               Serve on a specific URL path (default: '/')
     --config-path [value]
+    --config-file [value]
     --db-path [value]
     --auth [value]                Pick an authentication strategy for WebID: `tls` or `oidc`
     --owner [value]               Set the owner of the storage (overwrites the root ACL file)
@@ -194,9 +198,20 @@ $ solid start --help
     --email-auth-pass [value]     Password of your email service
     --useApiApps                  Do you want to load your default apps on /api/apps?
     --api-apps [value]            Path to the folder to mount on /api/apps
+    --redirect-http-from [value]  HTTP port or ','-separated ports to redirect to the solid server port (e.g. "80,8080").
+    --server-name [value]         A name for your server (not required, but will be presented on your server's frontpage)
+    --server-description [value]  A description of your server (not required)
+    --server-logo [value]         A logo that represents you, your brand, or your server (not required)
     -v, --verbose                 Print the logs to console
+    -h, --help                    output usage information
  ```
 
+Instead of using flags, these same options can also be configured via environment variables taking the form of `SOLID_` followed by the `SNAKE_CASE` of the flag. For example `--api-apps` can be set via the `SOLID_API_APPS`environment variable, and `--serverUri` can be set with `SOLID_SERVER_URI`.
+
+CLI flags take precedence over Environment variables, which take precedence over entries in the config file.
+
+Configuring Solid via the config file can be a concise and convenient method and is the generally recommended approach. CLI flags can be useful when you would like to override a single configuration parameter, and using environment variables can be helpful in situations where you wish to deploy a single generic Docker image to multiple environments.
+
 ## Use Docker
 
 Build with:
@@ -360,6 +375,12 @@ In order to test a single component, you can run
 npm run test-(acl|formats|params|patch)
 ```
 
+## Blacklisted usernames
+
+By default Solid will not allow [certain usernames as they might cause
+confusion or allow vulnerabilies for social engineering](https://github.com/marteinn/The-Big-Username-Blacklist).
+This list is configurable via `config/usernames-blacklist.json`. Solid does not
+blacklist profanities by default.
 
 ## Contributing
 

bin/lib/init.js

@@ -31,29 +31,9 @@ module.exports = function (program) {
       // Prompt to the user
       inquirer.prompt(questions)
         .then((answers) => {
-          // setting email
-          if (answers.useEmail) {
-            answers.email = {
-              host: answers['email-host'],
-              port: answers['email-port'],
-              secure: true,
-              auth: {
-                user: answers['email-auth-user'],
-                pass: answers['email-auth-pass']
-              }
-            }
-            delete answers['email-host']
-            delete answers['email-port']
-            delete answers['email-auth-user']
-            delete answers['email-auth-pass']
-          }
-
-          // clean answers
-          Object.keys(answers).forEach((answer) => {
-            if (answer.startsWith('use')) {
-              delete answers[answer]
-            }
-          })
+          manipulateEmailSection(answers)
+          manipulateServerSection(answers)
+          cleanupAnswers(answers)
 
           // write config file
           const config = JSON.stringify(camelize(answers), null, '  ')
@@ -71,3 +51,44 @@ module.exports = function (program) {
         })
     })
 }
+
+function cleanupAnswers (answers) {
+  // clean answers
+  Object.keys(answers).forEach((answer) => {
+    if (answer.startsWith('use')) {
+      delete answers[answer]
+    }
+  })
+}
+
+function manipulateEmailSection (answers) {
+  // setting email
+  if (answers.useEmail) {
+    answers.email = {
+      host: answers['email-host'],
+      port: answers['email-port'],
+      secure: true,
+      auth: {
+        user: answers['email-auth-user'],
+        pass: answers['email-auth-pass']
+      }
+    }
+    delete answers['email-host']
+    delete answers['email-port']
+    delete answers['email-auth-user']
+    delete answers['email-auth-pass']
+  }
+}
+
+function manipulateServerSection (answers) {
+  answers.server = {
+    name: answers['server-name'],
+    description: answers['server-description'],
+    logo: answers['server-logo']
+  }
+  Object.keys(answers).forEach((answer) => {
+    if (answer.startsWith('server-')) {
+      delete answers[answer]
+    }
+  })
+}

bin/lib/options.js

@@ -1,6 +1,7 @@
 const fs = require('fs')
 const path = require('path')
 const validUrl = require('valid-url')
+const { URL } = require('url')
 
 module.exports = [
   // {
@@ -317,6 +318,37 @@ module.exports = [
       }
       return true
     }
+  },
+  {
+    name: 'server-name',
+    help: 'A name for your server (not required, but will be presented on your server\'s frontpage)',
+    prompt: true,
+    default: answers => new URL(answers.serverUri).hostname
+  },
+  {
+    name: 'server-description',
+    help: 'A description of your server (not required)',
+    prompt: true
+  },
+  {
+    name: 'server-logo',
+    help: 'A logo that represents you, your brand, or your server (not required)',
+    prompt: true
+  },
+  {
+    name: 'enforceToc',
+    help: 'Do you want to enforce Terms & Conditions for your service?',
+    flag: true,
+    prompt: true,
+    default: true,
+    when: answers => answers.multiuser
+  },
+  {
+    name: 'tocUri',
+    help: 'URI to your Terms & Conditions',
+    prompt: true,
+    validate: validUri,
+    when: answers => answers.enforceToc
   }
 ]
 

bin/lib/start.js

@@ -13,11 +13,23 @@ module.exports = function (program, server) {
   options
     .filter((option) => !option.hide)
     .forEach((option) => {
+      const configName = option.name.replace(/-([a-z])/g, (_, letter) => letter.toUpperCase())
+      const snakeCaseName = configName.replace(/([A-Z])/g, '_$1')
+      const envName = `SOLID_${snakeCaseName.toUpperCase()}`
+
       let name = '--' + option.name
       if (!option.flag) {
         name += ' [value]'
       }
-      start.option(name, option.help)
+
+      if (process.env[envName]) {
+        const raw = process.env[envName]
+        const envValue = /^(true|false)$/.test(raw) ? raw === 'true' : raw
+
+        start.option(name, option.help, envValue)
+      } else {
+        start.option(name, option.help)
+      }
     })
 
   start.option('-v, --verbose', 'Print the logs to console')

common/css/bootstrap.min.css

@@ -0,0 +1,50 @@
+.panel-login-tls,
+.panel-already-registered{
+    text-align: center;
+}
+
+/**
+ * Password Strength
+ */
+
+/* Remove the bottom border on the input to make the progress bar like a part of it */
+.control-progress{
+    border-bottom-left-radius: 0;
+    border-bottom-right-radius: 0;
+    border-bottom: 0;
+}
+
+/* Remove the top border on the progress bar to make the bar part of the input */
+.form-group .progress{
+    border-top-left-radius: 0;
+    border-top-right-radius: 0;
+    height: 7px;
+    margin-bottom: 0;
+}
+
+.form-group .progress-bar{
+    width: 0;
+}
+
+/**
+ * Password strength levels sizes for the progress bar
+ */
+.progress .level-0{
+    width: 5%
+}
+
+.progress .level-1{
+    width: 25%;
+}
+
+.progress .level-2{
+    width: 50%;
+}
+
+.progress .level-3{
+    width: 75%;
+}
+
+.progress .level-4{
+    width: 100%;
+}