diff --git a/_includes/common/performance.md b/_includes/common/performance.md index 18c35ce6f..a465a2ff0 100644 --- a/_includes/common/performance.md +++ b/_includes/common/performance.md @@ -35,8 +35,8 @@ Take a look at the following query to retrieve GameScore objects: {% if page.language == "js" %} ```javascript -var GameScore = Parse.Object.extend("GameScore"); -var query = new Parse.Query(GameScore); +const GameScore = Parse.Object.extend("GameScore"); +const query = new Parse.Query(GameScore); query.equalTo("score", 50); query.containedIn("playerName", ["Jonathan Walsh", "Dario Wunsch", "Shawn Simon"]); @@ -181,8 +181,8 @@ For example, let's say you're tracking high scores for a game in a GameScore cla {% if page.language == "js" %} ```javascript -var GameScore = Parse.Object.extend("GameScore"); -var query = new Parse.Query(GameScore); +const GameScore = Parse.Object.extend("GameScore"); +const query = new Parse.Query(GameScore); query.notEqualTo("playerName", "Michael Yabuti"); query.find().then(function(results) { // Retrieved scores successfully @@ -269,7 +269,7 @@ For example if the User class has a column called state which has values “Sign {% if page.language == "js" %} ```javascript -var query = new Parse.Query(Parse.User); +const query = new Parse.Query(Parse.User); query.notEqualTo("state", "Invited"); ``` {% endif %} diff --git a/_includes/common/security.md b/_includes/common/security.md index cd327b8a8..989dc32b6 100644 --- a/_includes/common/security.md +++ b/_includes/common/security.md @@ -547,7 +547,7 @@ The master key should be used carefully. setting `useMasterKey` to `true` only i ```js Parse.Cloud.define("like", async request => { - var post = new Parse.Object("Post"); + const post = new Parse.Object("Post"); post.id = request.params.postId; post.increment("likes"); await post.save(null, { useMasterKey: true }) diff --git a/_includes/parse-server/adapters.md b/_includes/parse-server/adapters.md new file mode 100644 index 000000000..c799b18d5 --- /dev/null +++ b/_includes/parse-server/adapters.md @@ -0,0 +1,7 @@ +# Adapters + +All official adapters are distributed as scoped pacakges on [npm (@parse)](https://www.npmjs.com/search?q=scope%3Aparse). + +Some adapters are also available on the [Parse Server Modules](https://github.com/parse-server-modules) organization. + +You can also find more adapters maintained by the community by searching on [npm](https://www.npmjs.com/search?q=parse-server%20adapter&page=1&ranking=optimal). diff --git a/_includes/parse-server/bleeding-edge.md b/_includes/parse-server/bleeding-edge.md new file mode 100644 index 000000000..4a19dfeed --- /dev/null +++ b/_includes/parse-server/bleeding-edge.md @@ -0,0 +1,9 @@ +# Want to ride the bleeding edge? + +It is recommend to use builds deployed to npm for many reasons, but if you want to use +the latest not-yet-released version of parse-server, you can do so by depending +directly on this branch: + +``` +npm install parse-community/parse-server.git#master +``` diff --git a/_includes/parse-server/configuration.md b/_includes/parse-server/configuration.md new file mode 100644 index 000000000..e803788af --- /dev/null +++ b/_includes/parse-server/configuration.md @@ -0,0 +1,209 @@ +# Configuration + +Parse Server can be configured using the following options. You may pass these as parameters when running a standalone `parse-server`, or by loading a configuration file in JSON format using `parse-server path/to/configuration.json`. If you're using Parse Server on Express, you may also pass these to the `ParseServer` object as options. + +For the full list of available options, run `parse-server --help` or take a look at [Parse Server Configurations](http://parseplatform.org/parse-server/api/master/ParseServerOptions.html). + +## Basic Options + +* `appId`: A unique identifier for your app. +* `databaseURI`: Connection string URI for your MongoDB. +* `cloud`: Path to your app’s Cloud Code. +* `masterKey`: A key that overrides all permissions. Keep this secret. +* `serverURL`: URL to your Parse Server (don't forget to specify http:// or https://). This URL will be used when making requests to Parse Server from Cloud Code. +* `port`: The default port is 1337, specify this parameter to use a different port. +* `push`: An object containing push configuration. See [Push](#push-notifications) +* `auth`: Configure support for [3rd party authentication](#oauth-and-3rd-party-authentication). + +For the full list of available options, run `parse-server --help` or refer to [Parse Server Options](https://parseplatform.org/parse-server/api/master/ParseServerOptions.html) for a complete list of configuration options. + +The Parse Server object was built to be passed directly into `app.use`, which will mount the Parse API at a specified path in your Express app: + +```js +const express = require('express'); +const ParseServer = require('parse-server').ParseServer; + +const app = express(); +const api = new ParseServer({ ... }); + +// Serve the Parse API at /parse URL prefix +app.use('/parse', api); + +var port = 1337; +app.listen(port, function() { + console.log('parse-server-example running on port ' + port + '.'); +}); +``` + +And with that, you will have a Parse Server running on port 1337, serving the Parse API at `/parse`. + +## Additional Options + +### Email verification and password reset + +Verifying user email addresses and enabling password reset via email requires an email adapter. As part of the parse-server package we provide an adapter for sending email through Mailgun. To use it, sign up for Mailgun, and add this to your initialization code: + +```js +const api = ParseServer({ + ...otherOptions, + verifyUserEmails: true, + emailVerifyTokenValidityDuration: 2 * 60 * 60, // in seconds (2 hours = 7200 seconds) + preventLoginWithUnverifiedEmail: false, // defaults to false + publicServerURL: 'https://example.com/parse', + appName: 'Parse App', + emailAdapter: { + module: '@parse/simple-mailgun-adapter', + options: { + fromAddress: 'parse@example.com', + domain: 'example.com', + apiKey: 'key-mykey', + } + }, +}); +``` + +You can also use email adapters contributed by the community such as: +- [parse-server-mailgun-adapter-template](https://www.npmjs.com/package/parse-server-mailgun-adapter-template) +- [parse-smtp-template (Multi Language and Multi Template)](https://www.npmjs.com/package/parse-smtp-template) +- [parse-server-postmark-adapter](https://www.npmjs.com/package/parse-server-postmark-adapter) +- [parse-server-sendgrid-adapter](https://www.npmjs.com/package/parse-server-sendgrid-adapter) +- [parse-server-mandrill-adapter](https://www.npmjs.com/package/parse-server-mandrill-adapter) +- [parse-server-simple-ses-adapter](https://www.npmjs.com/package/parse-server-simple-ses-adapter) +- [parse-server-sendinblue-adapter](https://www.npmjs.com/package/parse-server-sendinblue-adapter) +- [parse-server-mailjet-adapter](https://www.npmjs.com/package/parse-server-mailjet-adapter) +- [simple-parse-smtp-adapter](https://www.npmjs.com/package/simple-parse-smtp-adapter) +- [parse-server-generic-email-adapter](https://www.npmjs.com/package/parse-server-generic-email-adapter) + +The Parse Server Configuration Options relating to email verifcation are: + +* `verifyUserEmails`: Whether the Parse Server should send an email on user signup. +* `emailVerifyTokenValidityDuration`: How long the email verify tokens should be valid for. +* `emailVerifyTokenReuseIfValid`: Whether an existing token should be resent if the token is still valid. +* `preventLoginWithUnverifiedEmail`: Whether the Parse Server should prevent login until the user verifies their email. +* `publicServerURL`: The public URL of your app. This will appear in the link that is used to verify email addresses and reset passwords. +* `appName`: Your apps name. This will appear in the subject and body of the emails that are sent. +* `emailAdapter`: The email adapter. + + +Note: + +* If `verifyUserEmails` is `true` and if `emailVerifyTokenValidityDuration` is `undefined` then the email verify token never expires. Otherwise, the email verify token expires after `emailVerifyTokenValidityDuration`. + +### Account Lockout + +Account lockouts prevent login requests after a defined number of failed password attempts. The account lock prevents logging in for a period of time even if the correct password is entered. + +If the account lockout policy is set and there are more than `threshold` number of failed login attempts then the `login` api call returns error code `Parse.Error.OBJECT_NOT_FOUND` with error message `Your account is locked due to multiple failed login attempts. Please try again after minute(s)`. + +After `duration` minutes of no login attempts, the application will allow the user to try login again. + +*`accountLockout`: Object that contains account lockout rules. +*`accountLockout.duration`: Determines the number of minutes that a locked-out account remains locked out before automatically becoming unlocked. Set it to a value greater than 0 and less than 100000. +*`accountLockout.threshold`: Determines the number of failed sign-in attempts that will cause a user account to be locked. Set it to an integer value greater than 0 and less than 1000. + +```js +const api = ParseServer({ + ...otherOptions, + accountLockout: { + duration: 5, + threshold: 3 + } +}); +``` + +### Password Policy + +Password policy is a good way to enforce that users' passwords are secure. Two optional settings can be used to enforce strong passwords. Either one or both can be specified. + +If both are specified, both checks must pass to accept the password + +1. `passwordPolicy.validatorPattern`: a RegExp object or a regex string representing the pattern to enforce +2. `passwordPolicy.validatorCallback`: a callback function to be invoked to validate the password + +The full range of options for Password Policy are: + +*`passwordPolicy` is an object that contains the following rules: +*`passwordPolicy.validationError`: optional error message to be sent instead of the default "Password does not meet the Password Policy requirements" message. +*`passwordPolicy.doNotAllowUsername`: optional setting to disallow username in passwords. +*`passwordPolicy.maxPasswordAge`: optional setting in days for password expiry. Login fails if user does not reset the password within this period after signup/last reset. +*`passwordPolicy.maxPasswordHistory`: optional setting to prevent reuse of previous n passwords. Maximum value that can be specified is 20. Not specifying it or specifying 0 will not enforce history. +*`passwordPolicy.resetTokenValidityDuration`: optional setting to set a validity duration for password reset links (in seconds). +*`passwordPolicy.resetTokenReuseIfValid`: optional setting to resend the current token if it's still valid. + +```js +const validatePassword = password => { + if (!password) { + return false; + } + if (password.includes('pass')) { + return false; + } + return true; +} +const api = ParseServer({ + ...otherOptions, + passwordPolicy: { + validatorPattern: /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.{8,})/, // enforce password with at least 8 char with at least 1 lower case, 1 upper case and 1 digit + validatorCallback: (password) => { return validatePassword(password) }, + validationError: 'Password must contain at least 1 digit.', + doNotAllowUsername: true, + maxPasswordAge: 90, + maxPasswordHistory: 5, + resetTokenValidityDuration: 24*60*60, + resetTokenReuseIfValid: true + } +}); +``` + +### Custom Pages + +It’s possible to change the default pages of the app and redirect the user to another path or domain. + +```js +const api = ParseServer({ + ...otherOptions, + customPages: { + passwordResetSuccess: "http://yourapp.com/passwordResetSuccess", + verifyEmailSuccess: "http://yourapp.com/verifyEmailSuccess", + parseFrameURL: "http://yourapp.com/parseFrameURL", + linkSendSuccess: "http://yourapp.com/linkSendSuccess", + linkSendFail: "http://yourapp.com/linkSendFail", + invalidLink: "http://yourapp.com/invalidLink", + invalidVerificationLink: "http://yourapp.com/invalidVerificationLink", + choosePassword: "http://yourapp.com/choosePassword" + } +}) +``` + +## Insecure Options + +When deploying to be production, make sure: + +* `allowClientClassCreation` is set to `false` +* `mountPlayground` is not set to `true` +* `masterKey` is set to a long and complex string +* `readOnlyMasterKey` if set, is set to a long and complex string +* That you have authentication required on your database, and, if you are using mongo, disable unauthenticated access to port 27017 +* You have restricted `count` and `addField` operations via [Class Level Permissions](#class-level-permissions) +* You enforce ACL and data validation using [cloud code]({{site.baseURL}}/cloudcode/guide/) + +## Using environment variables to configure Parse Server + +You may configure the Parse Server using environment variables: + +```bash +PORT +PARSE_SERVER_APPLICATION_ID +PARSE_SERVER_MASTER_KEY +PARSE_SERVER_DATABASE_URI +PARSE_SERVER_URL +PARSE_SERVER_CLOUD +``` + +The default port is 1337, to use a different port set the PORT environment variable: + +```bash +$ PORT=8080 parse-server --appId APPLICATION_ID --masterKey MASTER_KEY +``` + +For the full list of configurable environment variables, run `parse-server --help` or take a look at [Parse Server Configuration](https://github.com/parse-community/parse-server/blob/master/src/Options/Definitions.js). diff --git a/_includes/parse-server/development.md b/_includes/parse-server/development.md index 85e7bf6db..8f9f1f043 100644 --- a/_includes/parse-server/development.md +++ b/_includes/parse-server/development.md @@ -1,5 +1,7 @@ # Development Guide +We really want Parse to be yours, to see it grow and thrive in the open source community. Please see the [Contributing to Parse Server notes](https://github.com/parse-community/parse-server/blob/master/CONTRIBUTING.md). + ## Running Parse Server for development Normally, when you run a standalone Parse Server, the [latest release that has been pushed to npm](https://www.npmjs.com/package/parse-server) will be used. This is great if you are interested in just running Parse Server, but if you are developing a new feature or fixing a bug you will want to use the latest code on your development environment. @@ -59,6 +61,3 @@ The following is a breakdown of the various files you will find in the Parse Ser * [triggers.js](https://github.com/parse-community/parse-server/wiki/triggers.js) - cloud code methods for handling database trigger events * [users.js](https://github.com/parse-community/parse-server/wiki/users.js) - handle the /users and /login routes -## Contributing - -We really want Parse to be yours, to see it grow and thrive in the open source community. Please see the [Contributing to Parse Server notes](https://github.com/parse-community/parse-server/blob/master/CONTRIBUTING.md). diff --git a/_includes/parse-server/experimental.md b/_includes/parse-server/experimental.md new file mode 100644 index 000000000..f3f2a7437 --- /dev/null +++ b/_includes/parse-server/experimental.md @@ -0,0 +1,393 @@ +# Experimental + +The following features are still under active development and subject to an increased probability of bugs, breaking changes, non-backward compatible changes or removal in any future version. It's not recommended to use these features in production or other critical environments. + +However, we strongly appreciate if you try out these features in development environments and provide feedback, so that they can mature faster and become production fit. + +## Direct Access + +A Parse Server request in Cloud Code (such as a query) is usually sent to Parse Server via the HTTP interface, just as if the request came from outside Cloud Code and outside the current Node.js instance. This is true for all requests made with the Parse JavaScript SDK within the Node.js runtime in which Parse Server is running. + +Setting `directAccess: true` instead processes requests to Parse Server directly within the Parse instance without using the HTTP interface. This may improve performance, along with `enableSingleSchemaCache` set to `true`. + +Direct Access also has the side effect that requests within Cloud Code cannot be distributed via a load balancer when Parse Server is running in a multi-instance environment. + +Configuration: +```js +const api = new ParseServer({ + //...other configuration + directAccess: true +}); +``` + +## Idempotency + +This feature deduplicates identical requests that are received by Parse Server mutliple times, typically due to network issues or network adapter access restrictions on mobile operating systems. + +Identical requests are identified by their request header `X-Parse-Request-Id`. Therefore a client request has to include this header for deduplication to be applied. Requests that do not contain this header cannot be deduplicated and are processed normally by Parse Server. This means rolling out this feature to clients is seamless as Parse Server still processes requests without this header when this feature is enabled. + +This feature needs to be enabled on the client side to send the header and on the server to process the header. Refer to the specific Parse SDK docs to see whether the feature is supported yet. + +Deduplication is only done for object creation and update (`POST` and `PUT` requests). Deduplication is not done for object finding and deletion (`GET` and `DELETE` requests), as these operations are already idempotent by definition. + +Configutation: +```js +const api = new ParseServer({ + //...other configuration + idempotencyOptions: { + paths: [".*"], // enforce for all requests + ttl: 120 // keep request IDs for 120s + } +}); +``` +Parameters: + +* `idempotencyOptions` (`Object`): Setting this enables idempotency enforcement for the specified paths. +* `idempotencyOptions.paths`(`Array`): An array of path patterns that have to match the request path for request deduplication to be enabled. +* The mount path must not be included, for example to match the request path `/parse/functions/myFunction` specify the path pattern `functions/myFunction`. A trailing slash of the request path is ignored, for example the path pattern `functions/myFunction` matches both `/parse/functions/myFunction` and `/parse/functions/myFunction/`. + + Examples: + + * `.*`: all paths, includes the examples below + * `functions/.*`: all functions + * `jobs/.*`: all jobs + * `classes/.*`: all classes + * `functions/.*`: all functions + * `users`: user creation / update + * `installations`: installation creation / update + +* `idempotencyOptions.ttl`: The duration in seconds after which a request record is discarded from the database. Duplicate requests due to network issues can be expected to arrive within milliseconds up to several seconds. This value must be greater than `0`. + +### Notes + +- This feature is currently only available for MongoDB and not for Postgres. + +## Localization + +### Pages + +Custom pages as well as feature pages (e.g. password reset, email verification) can be localized with the `pages` option in the Parse Server configuration: + +```js +const api = new ParseServer({ + ...otherOptions, + + pages: { + enableRouter: true, // Enables the experimental feature; required for localization + enableLocalization: true, + } +} +``` + +Localization is achieved by matching a request-supplied `locale` parameter with localized page content. The locale can be supplied in either the request query, body or header with the following keys: +- query: `locale` +- body: `locale` +- header: `x-parse-page-param-locale` + +For example, a password reset link with the locale parameter in the query could look like this: +``` +http://example.com/parse/apps/[appId]/request_password_reset?token=[token]&username=[username]&locale=de-AT +``` + +- Localization is only available for pages in the pages directory as set with `pages.pagesPath`. +- Localization for feature pages (e.g. password reset, email verification) is disabled if `pages.customUrls` are set, even if the custom URLs point to the pages within the pages path. +- Only `.html` files are considered for localization when localizing custom pages. + +Pages can be localized in two ways: + +#### Localization with Directory Structure + +Pages are localized by using the corresponding file in the directory structure where the files are placed in subdirectories named after the locale or language. The file in the base directory is the default file. + +**Example Directory Structure:** +```js +root/ +├── public/ // pages base path +│ ├── example.html // default file +│ └── de/ // de language folder +│ │ └── example.html // de localized file +│ └── de-AT/ // de-AT locale folder +│ │ └── example.html // de-AT localized file +``` + +Files are matched with the locale in the following order: +1. Locale match, e.g. locale `de-AT` matches file in folder `de-AT`. +2. Language match, e.g. locale `de-CH` matches file in folder `de`. +3. Default; file in base folder is returned. + +**Configuration Example:** +```js +const api = new ParseServer({ + ...otherOptions, + + pages: { + enableRouter: true, // Enables the experimental feature; required for localization + enableLocalization: true, + customUrls: { + passwordReset: 'https://example.com/page.html' + } + } +} +``` + +Pros: +- All files are complete in their content and can be easily opened and previewed by viewing the file in a browser. + +Cons: +- In most cases, a localized page differs only slighly from the default page, which could cause a lot of duplicate code that is difficult to maintain. + +#### Localization with JSON Resource + +Pages are localized by adding placeholders in the HTML files and providing a JSON resource that contains the translations to fill into the placeholders. + +**Example Directory Structure:** +```js +root/ +├── public/ // pages base path +│ ├── example.html // the page containg placeholders +├── private/ // folder outside of public scope +│ └── translations.json // JSON resource file +``` + +The JSON resource file loosely follows the [i18next](https://github.com/i18next/i18next) syntax, which is a syntax that is often supported by translation platforms, making it easy to manage translations, exporting them for use in Parse Server, and even to automate this workflow. + +**Example JSON Content:** +```json +{ + "en": { // resource for language `en` (English) + "translation": { + "greeting": "Hello!" + } + }, + "de": { // resource for language `de` (German) + "translation": { + "greeting": "Hallo!" + } + } + "de-AT": { // resource for locale `de-AT` (Austrian German) + "translation": { + "greeting": "Servus!" + } + } +} +``` + +**Configuration Example:** +```js +const api = new ParseServer({ + ...otherOptions, + + pages: { + enableRouter: true, // Enables the experimental feature; required for localization + enableLocalization: true, + localizationJsonPath: './private/localization.json', + localizationFallbackLocale: 'en' + } +} +``` + +Pros: +- There is only one HTML file to maintain containing the placeholders which are filled with the translations according to the locale. + +Cons: +- Files cannot be easily previewed by viewing the file in a browser because the content contains only placeholders and even HTML or CSS changes may be dynamically applied, e.g. when a localization requires a Right-To-Left layout direction. +- Style and other fundamental layout changes may be more difficult to apply. + +#### Dynamic placeholders + +In addition to feature related default parameters such as `appId` and the translations provided via JSON resource, it is possible to define custom dynamic placeholders as part of the router configuration. This works independently of localization and, also if `enableLocalization` is disabled. + +**Configuration Example:** +```js +const api = new ParseServer({ + ...otherOptions, + + pages: { + enableRouter: true, // Enables the experimental feature; required for localization + placeholders: { + exampleKey: 'exampleValue' + } + } +} +``` +The placeholders can also be provided as a function or as an async function, with the `locale` and other feature related parameters passed through, to allow for dynamic placeholder values: + +```js +const api = new ParseServer({ + ...otherOptions, + + pages: { + enableRouter: true, // Enables the experimental feature; required for localization + placeholders: async (params) => { + const value = await doSomething(params.locale); + return { + exampleKey: value + }; + } + } +} +``` + +#### Reserved Keys + +The following parameter and placeholder keys are reserved because they are used in relation to features such as password reset or email verification. They should not be used as translation keys in the JSON resource or as manually defined placeholder keys in the configuration: `appId`, `appName`, `email`, `error`, `locale`, `publicServerUrl`, `token`, `username`. + +### Parameters + +**pages** + +_Optional `Object`. Default: `undefined`._ + +The options for pages such as password reset and email verification. + +Environment variable: `PARSE_SERVER_PAGES` + +**pages.enableRouter** + +_Optional `Boolean`. Default: `false`._ + +Is `true` if the pages router should be enabled; this is required for any of the pages options to take effect. + +Environment variable: `PARSE_SERVER_PAGES_ENABLE_ROUTER` + +**pages.enableLocalization** + +_Optional `Boolean`. Default: `false`._ + +Is `true` if pages should be localized; this has no effect on custom page redirects. + +Environment variable: `PARSE_SERVER_PAGES_ENABLE_LOCALIZATION` + +**pages.localizationJsonPath** + +_Optional `String`. Default: `undefined`._ + +The path to the JSON file for localization; the translations will be used to fill template placeholders according to the locale. + +Example: `./private/translations.json` + +Environment variable: `PARSE_SERVER_PAGES_LOCALIZATION_JSON_PATH` + +**pages.localizationFallbackLocale** + +_Optional `String`. Default: `en`._ + +The fallback locale for localization if no matching translation is provided for the given locale. This is only relevant when providing translation resources via JSON file. + +Example: `en`, `en-GB`, `default` + +Environment variable: `PARSE_SERVER_PAGES_LOCALIZATION_FALLBACK_LOCALE` + +**pages.placeholders** + +_Optional `Object`, `Function`, or `AsyncFunction`. Default: `undefined`._ + +The placeholder keys and values which will be filled in pages; this can be a simple object or a callback function. + +Example: `{ exampleKey: 'exampleValue' }` + +Environment variable: `PARSE_SERVER_PAGES_PLACEHOLDERS` + +**pages.forceRedirect** + +_Optional `Boolean`. Default: `false`._ + +Is `true` if responses should always be redirects and never content, false if the response type should depend on the request type (`GET` request -> content response; `POST` request -> redirect response). + +Environment variable: `PARSE_SERVER_PAGES_FORCE_REDIRECT` + +**pages.pagesPath** + +_Optional `String`. Default: `./public`._ + +The path to the pages directory; this also defines where the static endpoint `/apps` points to. + +Example: `./files/pages`, `../../pages` + +Environment variable: `PARSE_SERVER_PAGES_PAGES_PATH` + +**pages.pagesEndpoint** + +_Optional `String`. Default: `apps`._ + +The API endpoint for the pages. + +Environment variable: `PARSE_SERVER_PAGES_PAGES_ENDPOINT` + +**pages.customUrls** + +_Optional `Object`. Default: `{}`._ + +The URLs to the custom pages. + +Example: `{ passwordReset: 'https://example.com/page.html' }` + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URLS` + +**pages.customUrls.passwordReset** + +_Optional `String`. Default: `password_reset.html`._ + +The URL to the custom page for password reset. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_PASSWORD_RESET` + +**pages.customUrls.passwordResetSuccess** + +_Optional `String`. Default: `password_reset_success.html`._ + +The URL to the custom page for password reset -> success. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_PASSWORD_RESET_SUCCESS` + +**pages.customUrls.passwordResetLinkInvalid** + +_Optional `String`. Default: `password_reset_link_invalid.html`._ + +The URL to the custom page for password reset -> link invalid. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_PASSWORD_RESET_LINK_INVALID` + +**pages.customUrls.emailVerificationSuccess** + +_Optional `String`. Default: `email_verification_success.html`._ + +The URL to the custom page for email verification -> success. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_EMAIL_VERIFICATION_SUCCESS` + +**pages.customUrls.emailVerificationSendFail** + +_Optional `String`. Default: `email_verification_send_fail.html`._ + +The URL to the custom page for email verification -> link send fail. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_EMAIL_VERIFICATION_SEND_FAIL` + +**pages.customUrls.emailVerificationSendSuccess** + +_Optional `String`. Default: `email_verification_send_success.html`._ + +The URL to the custom page for email verification -> resend link -> success. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_EMAIL_VERIFICATION_SEND_SUCCESS` + +**pages.customUrls.emailVerificationLinkInvalid** + +_Optional `String`. Default: `email_verification_link_invalid.html`._ + +The URL to the custom page for email verification -> link invalid. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_EMAIL_VERIFICATION_LINK_INVALID` + +**pages.customUrls.emailVerificationLinkExpired** + +_Optional `String`. Default: `email_verification_link_expired.html`._ + +The URL to the custom page for email verification -> link expired. + +Environment variable: `PARSE_SERVER_PAGES_CUSTOM_URL_EMAIL_VERIFICATION_LINK_EXPIRED` + +### Notes + +- In combination with the [Parse Server API Mail Adapter](https://www.npmjs.com/package/parse-server-api-mail-adapter) Parse Server provides a fully localized flow (emails -> pages) for the user. The email adapter sends a localized email and adds a locale parameter to the password reset or email verification link, which is then used to respond with localized pages. diff --git a/_includes/parse-server/graphql.md b/_includes/parse-server/graphql.md new file mode 100644 index 000000000..8649f0352 --- /dev/null +++ b/_includes/parse-server/graphql.md @@ -0,0 +1,52 @@ +# GraphQL + +[GraphQL](https://graphql.org/), developed by Facebook, is an open-source data query and manipulation language for APIs. In addition to the traditional REST API, Parse Server automatically generates a GraphQL API based on your current application schema. Parse Server also allows you to define your custom GraphQL queries and mutations, whose resolvers can be bound to your cloud code functions. + +## Running + +### Using the CLI + +The easiest way to run the Parse GraphQL API is through the CLI: + +```bash +$ npm install -g parse-server mongodb-runner +$ mongodb-runner start +$ parse-server --appId APPLICATION_ID --masterKey MASTER_KEY --databaseURI mongodb://localhost/test --publicServerURL http://localhost:1337/parse --mountGraphQL --mountPlayground +``` + +After starting the server, you can visit http://localhost:1337/playground in your browser to start playing with your GraphQL API. + +Note: + +- Do **NOT** use --mountPlayground option in production. [Parse Dashboard](https://github.com/parse-community/parse-dashboard) has a built-in GraphQL Playground and it is the recommended option for production apps. + +### Using Docker + +You can also run the Parse GraphQL API inside a Docker container: + +```bash +$ git clone https://github.com/parse-community/parse-server +$ cd parse-server +$ docker build --tag parse-server . +$ docker run --name my-mongo -d mongo +``` + +#### Running the Parse Server Image + +```bash +$ docker run --name my-parse-server --link my-mongo:mongo -v config-vol:/parse-server/config -p 1337:1337 -d parse-server --appId APPLICATION_ID --masterKey MASTER_KEY --databaseURI mongodb://mongo/test --publicServerURL http://localhost:1337/parse --mountGraphQL --mountPlayground +``` + +Note: + +* If you want to use [Cloud Code]({{ site.baseUrl }}/cloudcode/guide/) feature, please add `-v cloud-code-vol:/parse-server/cloud --cloud /parse-server/cloud/main.js` to command above. Make sure the `main.js` file is available in the `cloud-code-vol` directory before run this command. Otherwise, an error will occur. + +After starting the server, you can visit http://localhost:1337/playground in your browser to start playing with your GraphQL API. + +## Learning more + +The [Parse GraphQL Guide]({{ site.baseUrl }}/graphql/guide/) is a very good source for learning how to use the Parse GraphQL API. + +You also have a very powerful tool inside your GraphQL Playground. Please look at the right side of your GraphQL Playground. You will see the `DOCS` and `SCHEMA` menus. They are automatically generated by analyzing your application schema. Please refer to them and learn more about everything that you can do with your Parse GraphQL API. + +Additionally, the [GraphQL Learn Section](https://graphql.org/learn/) is a very good source to learn more about the power of the GraphQL language. \ No newline at end of file diff --git a/_includes/parse-server/logging.md b/_includes/parse-server/logging.md new file mode 100644 index 000000000..511bf17ec --- /dev/null +++ b/_includes/parse-server/logging.md @@ -0,0 +1,39 @@ +# Logging + +Parse Server will, by default, log: +* to the console +* daily rotating files as new line delimited JSON + +Logs are also viewable in the Parse Dashboard. + +**Want to log each request and response?** + +Set the `VERBOSE` environment variable when starting `parse-server`. + +``` +VERBOSE='1' parse-server --appId APPLICATION_ID --masterKey MASTER_KEY +``` + +**Want logs to be in placed in a different folder?** + +Pass the `PARSE_SERVER_LOGS_FOLDER` environment variable when starting `parse-server`. + +``` +PARSE_SERVER_LOGS_FOLDER='' parse-server --appId APPLICATION_ID --masterKey MASTER_KEY +``` + +**Want to log specific levels?** + +Pass the `logLevel` parameter when starting `parse-server`. + +``` +parse-server --appId APPLICATION_ID --masterKey MASTER_KEY --logLevel LOG_LEVEL +``` + +**Want new line delimited JSON error logs (for consumption by CloudWatch, Google Cloud Logging, etc)?** + +Pass the `JSON_LOGS` environment variable when starting `parse-server`. + +``` +JSON_LOGS='1' parse-server --appId APPLICATION_ID --masterKey MASTER_KEY +``` diff --git a/_includes/parse-server/upgrading-to-v3.md b/_includes/parse-server/upgrading-to-v3.md new file mode 100644 index 000000000..ea8172a29 --- /dev/null +++ b/_includes/parse-server/upgrading-to-v3.md @@ -0,0 +1,5 @@ +# Upgrading Parse Server to version 3.0.0 + +Starting 3.0.0, Parse Server uses the JS SDK version 2.0. In short, Parse SDK v2.0 removes the backbone style callbacks as well as the `Parse.Promise` object in favor of native promises. All the Cloud Code interfaces also have been updated to reflect those changes, and all backbone style response objects are removed and replaced by Promise style resolution. + +We have written up a [migration guide](https://github.com/parse-community/parse-server/blob/master/3.0.0.md), hoping this will help you transition to the next major release. diff --git a/_includes/parse-server/usage.md b/_includes/parse-server/usage.md index ecb0e5bea..da40b75be 100644 --- a/_includes/parse-server/usage.md +++ b/_includes/parse-server/usage.md @@ -5,49 +5,11 @@ Parse Server is meant to be mounted on an [Express](http://expressjs.com/) app. The constructor returns an API object that conforms to an [Express Middleware](http://expressjs.com/en/api.html#app.use). This object provides the REST endpoints for a Parse app. Create an instance like so: ```js -var api = new ParseServer({ +const api = new ParseServer({ databaseURI: 'mongodb://your.mongo.uri', cloud: './cloud/main.js', appId: 'myAppId', - fileKey: 'myFileKey', masterKey: 'mySecretMasterKey', - push: { ... }, // See the Push wiki page - filesAdapter: ..., + serverURL: 'http://localhost:1337/parse' }); -``` - -The parameters are as follows: - -* `databaseURI`: Connection string URI for your MongoDB. -* `cloud`: Path to your app’s Cloud Code. -* `appId`: A unique identifier for your app. -* `fileKey`: A key that specifies a prefix used for file storage. For migrated apps, this is necessary to provide access to files already hosted on Parse. -* `masterKey`: A key that overrides all permissions. Keep this secret. -* `clientKey`: The client key for your app. (optional) -* `restAPIKey`: The REST API key for your app. (optional) -* `javascriptKey`: The JavaScript key for your app. (optional) -* `dotNetKey`: The .NET key for your app. (optional) -* `push`: An object containing push configuration. See [Push](#push-notifications) -* `filesAdapter`: An object that implements the [FilesAdapter](https://github.com/parse-community/parse-server/blob/master/src/Adapters/Files/FilesAdapter.js) interface. For example, [the S3 files adapter](#configuring-file-adapters) -* `auth`: Configure support for [3rd party authentication](#oauth-and-3rd-party-authentication). -* `maxUploadSize`: Maximum file upload size. Make sure your server does not restrict max request body size (e.g. nginx.conf `client_max_body_size 100m;`) - -The Parse Server object was built to be passed directly into `app.use`, which will mount the Parse API at a specified path in your Express app: - -```js -var express = require('express'); -var ParseServer = require('parse-server').ParseServer; - -var app = express(); -var api = new ParseServer({ ... }); - -// Serve the Parse API at /parse URL prefix -app.use('/parse', api); - -var port = 1337; -app.listen(port, function() { - console.log('parse-server-example running on port ' + port + '.'); -}); -``` - -And with that, you will have a Parse Server running on port 1337, serving the Parse API at `/parse`. +``` \ No newline at end of file diff --git a/parse-server.md b/parse-server.md index c5a123895..7e55980bc 100644 --- a/parse-server.md +++ b/parse-server.md @@ -16,11 +16,18 @@ sections: - "parse-server/push-notifications.md" - "parse-server/push-notifications-clients.md" - "parse-server/class-level-permissions.md" +- "parse-server/adapters.md" - "parse-server/file-adapters.md" - "parse-server/cache-adapters.md" - "parse-server/live-query.md" - "parse-server/third-party-auth.md" +- "parse-server/graphql.md" +- "parse-server/logging.md" +- "common/security.md" - "parse-server/MongoRocks.md" - "parse-server/MongoReadPreference.md" +- "parse-server/upgrading-to-v3.md" +- "parse-server/experimental.md" +- "parse-server/bleeding-edge.md" - "parse-server/development.md" ---