-
-
Notifications
You must be signed in to change notification settings - Fork 365
0.2.2 Feature request list
Alex Weissman edited this page Dec 20, 2017
·
1 revision
- Implement persistent sessions!
- Plugin system with menu templates (added 0.2.1, thanks @lilfade)
- Create templating system to generate forms and tables (added 0.2.1, via bootsole
- Overall abstractification of backend layers to make modifications less tedious
-
Try implementing a Prolog-driven approach to access control rules?Would be too slow and prone to unintended consequences
- Admin can allow users to log in via email address instead of username (added butterflyknife)
- Add OAuth support, for users to create accounts and log in via Facebook/Google.
- Prompt user to change password on first login #236
- Eliminate temporary passwords, use reset link instead
- Deploy CSRF tokens on all forms
- Add "bulletproof sessions" as per http://blog.teamtreehouse.com/how-to-create-bulletproof-sessions.
- Admin control over session timeout
- Add rate limiting on register/login attempts, and password hash compare against known weak passwords #224
- Allow user list page to filter by column contents. Paginate if user list becomes very long.
- Upgrade to Bootstrap 3.2, fix CSS for nav bars to work with 3.2.
- Gravatar support (should be pretty easy, see https://en.gravatar.com/site/implement/images/php/)
- Add group description field.
- Switch over to the onvert all
.click()items for dialogs into.submit()and add appropriateformelements. - Possibly switch over to the jQuery Forms plugin
- Endless scroll and server-side pagination. Filter by group membership, other advanced criteria.
- "Remember me" feature
- Graph for new users/day, signins per day, etc
- Timezone support
- Deploy the bootstrapvalidator plugin (https://github.com/nghuuphuoc/bootstrapvalidator) for client-side validation (as opposed to our own, clunkier validator).
- Standardize all site messages using MessageStream
- Add more languages
- Add ability for admins to add/remove user account fields, without having to modify code.
- Add ability for admins to do a "password reset" on user accounts.
- Add ability for admins to enable/disable captcha.
- Add ability for admins to bulk add/remove users from groups.
- Add ability to easily copy auth rules from one group to another.
- Expand authorization feature to control other types of resources besides actions (e.g. links, templates, images, etc).
- Log in as another user #197.
- Consolidate server-side validation using Fortress (https://github.com/alexweissman/fortress)
- Continue improving error-handling and rendering system. Two types of errors: "immediate" and "after reload". Do we still like the idea of having an "error stream" api (
user_alerts)? - Auto-redirect to last visited page on login
- Break user table into
usersanduser_events? - Detect edit conflicts - concurrent update/delete management
-
Use an ORM so as to support other DB types (sqlLite, etc)Decided against - too slow and cumbersome. But it is easy to extend the Model for other databases. -
Persistent DB connection?Bad idea b/c connections can be externally closed
- PM System - ( https://github.com/lilfade/UF-PMSystem - Needs to be fixed )
- Server-side JS?
- Profile management per user
- Online Users (shows logged in users navigating the site in the last X minutes)
- SMTP mail system
- Invite System #151