feat(oauth): multiple strategies per account; changeable email

[meeDamian]

Changes include:

• all 3 main networks are selected by default when user chooses to enable oauth¹,
• added ability to change email in settings,
• added ability to set password after register through oauth,
• admins can now confirm user's emails,
• Google scope updated to match with migration guide,
• implicit set of default options removed in some places,
• some unnecessary angular injections removed,
• some reserved JS words quoted,
• minor style fixes & cleanup.

Breaking:

• data fetched from oauth accounts is now stored in a different structure (strategies object on User model),
• credentials (such as email or phone) are now moved to credentials object array in User model (Helps with keeping track of states of individual methods and having multiple of them).

TODO:

• ability to manually link oauth accounts from settings,
• add email hooks in where relevant.

¹ - I'll be adding more networks and they'll be disabled by default

[DaftMonk]

Not sure that we should enable any oauth strategies by default, they each take a bit of work to set up (setting up google/twitter/facebook oauth secrets/ids, and adding the environment variables)

[meeDamian]

It's only selected by default for people who want oauth in app they are about to generate. Also not setting key/secrets won't brake anything, only " Connect with *" buttons won't work.

[DaftMonk]

Well actually, the way its written, they're selected by default for anyone who uses authentication in their app. Idk, I just think the defaults should all pretty much work out of the box.

So this is something that should go into the next minor version. I'm thinking it would be good to setup a branch specifically for features that are going into the next minor version, so we can continue releasing patches until the minor version is ready to be released.

I'm going to create a canary branch that will focus on 2.1.0 features. Any bugfixes or really small features for the current version can go into master, and be merged into canary to keep it up to date.

A couple things I'd like to go into the next version would be to add support for sequelize as an alternative to mongoose, and perhaps support for password recovery emails, based on remi's PR for modular-fs.

Nice work with this btw!

[remicastaing]

I'm working on a PR for mail address confirmation (through mail) and password recovery for the generator. The WIP can be seen here: in https://github.com/remicastaing/generator-angular-fullstack/tree/mail.

+1 for canary.

[meeDamian]

@DaftMonk Yes, I agree, anything I should do?

[DaftMonk]

Merged into canary.

[drastick]

Why was this reverted?

ce7f342

[remicastaing]

Why was this reverted?

You will find the answer here: #492