From ec61bd45dcee119cfb73e2b73ecbf64d93ca3c54 Mon Sep 17 00:00:00 2001
From: Lenart Rudel <lenart.rudel@gmail.com>
Date: Mon, 21 Nov 2016 22:17:00 +0100
Subject: [PATCH] Add parseFrameURL for masking user-facing pages.

Allow users to specify a different address which is used to mask parse
requests for verifying email and resetting password. This is how Parse.com
used to allow customers to gain control over page content, styling etc.

On the destination page javascript is used to check the link in the request
and embed the parse server page using IFRAME.
---
 src/Config.js                     |  4 ++++
 src/Controllers/UserController.js | 15 +++++++++++++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/Config.js b/src/Config.js
index d2fa2726e93..7406baeef11 100644
--- a/src/Config.js
+++ b/src/Config.js
@@ -236,6 +236,10 @@ export class Config {
     return this.customPages.passwordResetSuccess || `${this.publicServerURL}/apps/password_reset_success.html`;
   }
 
+  get parseFrameURL() {
+    return this.customPages.parseFrameURL;
+  }
+
   get verifyEmailURL() {
     return `${this.publicServerURL}/apps/${this.applicationId}/verify_email`;
   }
diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js
index d54f036b458..595e63e67ef 100644
--- a/src/Controllers/UserController.js
+++ b/src/Controllers/UserController.js
@@ -120,7 +120,7 @@ export class UserController extends AdaptableController {
     // We may need to fetch the user in case of update email
     this.getUserIfNeeded(user).then((user) => {
       const username = encodeURIComponent(user.username);
-      let link = `${this.config.verifyEmailURL}?token=${token}&username=${username}`;
+      let link = buildVerificationLink(this.config.verifyEmailURL, username, token);
       let options = {
         appName: this.config.appName,
         link: link,
@@ -155,8 +155,8 @@ export class UserController extends AdaptableController {
     .then(user => {
       const token = encodeURIComponent(user._perishable_token);
       const username = encodeURIComponent(user.username);
-      let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}`
 
+      let link = buildVerificationLink(this.config.requestResetPasswordURL, username, token);
       let options = {
         appName: this.config.appName,
         link: link,
@@ -217,4 +217,15 @@ function updateUserPassword(userId, password, config) {
   });
  }
 
+function buildVerificationLink(destination, username, token) {
+  let usernameAndToken = `token=${token}&username=${username}`
+
+   if (this.config.parseFrameURL) {
+     let destinationWithoutHost = destination.replace(this.config.publicServerURL, '');
+     return `${this.config.parseFrameURL}?link=${encodeURIComponent(destinationWithoutHost)}&${usernameAndToken}`;
+   } else {
+     return `${this.config.requestResetPasswordURL}?${usernameAndToken}`;
+   }
+ }
+
 export default UserController;