From f6af85c93c146a2499c1ab3c1124cb1993301354 Mon Sep 17 00:00:00 2001
From: senderfm <dev@sender.fm>
Date: Fri, 7 Jun 2019 20:33:16 +0200
Subject: [PATCH 01/89] Language Packs Spanish and French current status

---
 webapp/locales/de.json |  14 ++--
 webapp/locales/en.json |  10 +--
 webapp/locales/es.json | 185 ++++++++++++++++++++++++++++++++++++++---
 webapp/locales/fr.json | 158 +++++++++++++++++++++++++++++------
 4 files changed, 318 insertions(+), 49 deletions(-)

diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index a790e6461..8a5fe42c9 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -19,9 +19,9 @@
   "profile": {
     "name": "Mein Profil",
     "memberSince": "Mitglied seit",
-    "follow": "Folgen",
-    "followers": "Folgen",
-    "following": "Folgt",
+    "follow": "abonnieren",
+    "followers": "Abonnenten",
+    "following": "abonniert",
     "shouted": "Empfohlen",
     "commented": "Kommentiert",
     "userAnonym": "Anonymus",
@@ -91,9 +91,9 @@
     }
   },
   "admin": {
-    "name": "Systemverwaltung",
+    "name": "Admin",
     "dashboard": {
-      "name": "Startzentrale",
+      "name": "Dashboard",
       "users": "Benutzer",
       "posts": "Beiträge",
       "comments": "Kommentare",
@@ -102,7 +102,7 @@
       "projects": "Projekte",
       "invites": "Einladungen",
       "follows": "Folgen",
-      "shouts": "Shouts"
+      "shouts": "Empfehlungen"
     },
     "organizations": {
       "name": "Organisationen"
@@ -261,7 +261,7 @@
   },
   "followButton": {
     "follow": "Folgen",
-    "following": "Folge Ich"
+    "following": "Folge ich"
   },
   "shoutButton": {
     "shouted": "empfohlen"
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 289928f92..fe17f7b48 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -14,7 +14,7 @@
     "hello": "Hello"
   },
   "editor": {
-    "placeholder": "Leave your inspirational thoughts..."
+    "placeholder": "Write something inspiring..."
   },
   "profile": {
     "name": "My Profile",
@@ -22,14 +22,14 @@
     "follow": "Follow",
     "followers": "Followers",
     "following": "Following",
-    "shouted": "Shouted",
+    "shouted": "Recommended",
     "commented": "Commented",
     "userAnonym": "Anonymous",
     "socialMedia": "Where else can I find"
   },
   "notifications": {
     "menu": {
-      "mentioned": "has mentioned you in a post"
+      "mentioned": "mentioned you in a post"
     }
   },
   "search": {
@@ -43,7 +43,7 @@
       "name": "Your data",
       "labelName": "Your Name",
       "namePlaceholder": "Femanon Funny",
-      "labelCity": "Your City or Region",
+      "labelCity": "Su ciudad o región",
       "labelBio": "About You",
       "success": "Your data was successfully updated!"
     },
@@ -102,7 +102,7 @@
       "projects": "Projects",
       "invites": "Invites",
       "follows": "Follows",
-      "shouts": "Shouts"
+      "shouts": "Recommended"
     },
     "organizations": {
       "name": "Organizations"
diff --git a/webapp/locales/es.json b/webapp/locales/es.json
index 5beab2eef..bdff69850 100644
--- a/webapp/locales/es.json
+++ b/webapp/locales/es.json
@@ -1,4 +1,7 @@
 {
+  "filter-menu": {
+    "title": "Su burbuja de filtro"
+  },
   "login": {
     "copy": "Si ya tiene una cuenta de Human Connection, inicie sesión aquí.",
     "login": "Iniciar sesión",
@@ -6,39 +9,85 @@
     "email": "Tu correo electrónico",
     "password": "Tu contraseña",
     "moreInfo": "¿Qué es Human Connection?",
+    "moreInfoURL": "https://human-connection.org/es/",
+    "moreInfoHint": "a la página de presentación",
     "hello": "Hola"
   },
+  "editor": {
+    "placeholder": "Write something inspiring..."
+  },
   "profile": {
-    "name": "Mi perfil",
+    "name": "Mi Perfil",
     "memberSince": "Miembro desde",
     "follow": "Seguir",
     "followers": "Seguidores",
     "following": "Siguiendo",
-    "shouted": "Gritar",
-    "commented": "Comentado"
+    "shouted": "Recomendado",
+    "commented": "Comentado",
+    "userAnonym": "Anónimo",
+    "socialMedia": "¿Dónde más puedo encontrar"
+  },
+  "notifications": {
+    "menu": {
+      "mentioned": "te ha mencionado en un post"
+    }
+  },
+  "search": {
+    "placeholder": "Buscar",
+    "hint": "¿Qué estás buscando?",
+    "failed": "no encontró nada"
   },
   "settings": {
-    "name": "Configuración",
+    "name": "Ajustes",
     "data": {
-      "name": "Sus datos"
+      "name": "Sus datos",
+      "labelName": "Su nombre",
+      "namePlaceholder": "Femanon Funny",
+      "labelCity": "Your City or Region",
+      "labelBio": "Acerca de usted",
+      "success": "Sus datos han sido actualizados con éxito!"
     },
     "security": {
-      "name": "Seguridad"
+      "name": "Seguridad",
+      "change-password": {
+        "button": "Cambiar contraseña",
+        "success": "Contraseña cambiada con éxito!",
+        "label-old-password": "Su contraseña antigua",
+        "label-new-password": "Su nueva contraseña",
+        "label-new-password-confirm": "Confirm new password",
+        "message-old-password-required": "Ingrese su contraseña anterior",
+        "message-new-password-required": "Introduzca una nueva contraseña",
+        "message-new-password-confirm-required": "Confirme su nueva contraseña",
+        "message-new-password-missmatch": "Vuelva a escribir la misma contraseña",
+        "passwordSecurity": "Seguridad de la contraseña",
+        "passwordStrength0": "Contraseña muy insegura",
+        "passwordStrength1": "Contraseña insegura",
+        "passwordStrength2": "Contraseña mediocre",
+        "passwordStrength3": "Contraseña segura",
+        "passwordStrength4": "Contraseña muy sólida"
+      }
     },
     "invites": {
-      "name": "Invita"
+      "name": "invitaciones"
     },
     "download": {
       "name": "Descargar datos"
     },
     "delete": {
-      "name": "Borrar cuenta"
+      "name": "Eliminar cuenta"
     },
     "organizations": {
       "name": "Mis organizaciones"
     },
     "languages": {
-      "name": "Idiomas"
+      "name": "idiomas"
+    },
+    "social-media": {
+      "name": "Medios de comunicación social",
+      "placeholder": "Agregar una URL de Social-Media",
+      "submit": "Añadir enlace",
+      "successAdd": "Social-Media agregó. Perfil actualizado!",
+      "successDelete": "Social-Media borrado. Perfil actualizado!"
     }
   },
   "admin": {
@@ -53,7 +102,7 @@
       "projects": "Proyectos",
       "invites": "Invita",
       "follows": "Sigue",
-      "shouts": "Gritos"
+      "shouts": "Recomendado"
     },
     "organizations": {
       "name": "Organizaciones"
@@ -105,6 +154,11 @@
     }
   },
   "common": {
+    "your": {
+      "post": "Your Post ::: Your Posts",
+      "comment": "Your Comment ::: Your Comments",
+      "shout": "Your Shout ::: Your Shouts"
+    },
     "post": "Mensaje ::: Mensajes",
     "comment": "Comentario ::: Comentarios",
     "letsTalk": "Hablemos",
@@ -119,6 +173,113 @@
     "tag": "Etiqueta ::: Etiquetas",
     "name": "Nombre",
     "loadMore": "cargar más",
-    "loading": "cargando"
+    "loading": "cargando",
+    "reportContent": "Report"
+  },
+  "actions": {
+    "loading": "cargamento",
+    "loadMore": "cargar más",
+    "create": "Crear",
+    "save": "Guardar",
+    "edit": "Edite",
+    "delete": "Delete",
+    "cancel": "Cancelar"
+  },
+  "moderation": {
+    "name": "Moderación",
+    "reports": {
+      "empty": "Felicitaciones, nada que moderar.",
+      "name": "Informes",
+      "submitter": "comunicado por",
+      "disabledBy": "desactivado por"
+    }
+  },
+  "disable": {
+    "submit": "Desactivar",
+    "cancel": "Cancelar",
+    "success": "Discapacitado con éxito",
+    "user": {
+      "title": "Desactivar usuario",
+      "type": "Usuario",
+      "message": "¿Realmente quieres deshabilitar el usuario \"<b>{name}</b>\"?"
+    },
+    "contribution": {
+      "title": "Deshabilitar contribución",
+      "type": "Contribución",
+      "message": "¿Realmente quieres deshabilitar la contribución \"<b>{name}</b>\"?"
+    },
+    "comment": {
+      "title": "Desactivar comentario",
+      "type": "Comentario",
+      "message": "¿Realmente quieres deshabilitar el comentario de \"<b>{name}</b>\"?"
+    }
+  },
+  "delete": {
+    "submit": "Borrar",
+    "cancel": "Cancelar",
+    "contribution": {
+      "title": "Borrar contribución",
+      "type": "Contribución",
+      "message": "¿Realmente desea eliminar la Contribución \"<b>{name}</b>\" ?",
+      "success": "Contribución eliminada con éxito!"
+    },
+    "comment": {
+      "title": "Eliminar comentario",
+      "type": "Comentario",
+      "message": "¿Realmente quieres borrar el comentario de \"<b>{name}</b>\" ?",
+      "success": "Comentario eliminado con éxito!"
+    }
+  },
+  "report": {
+    "submit": "Informe",
+    "cancel": "Cancelar",
+    "success": "Gracias por informarnos!",
+    "user": {
+      "title": "Usuario de informe",
+      "type": "Usuario",
+      "message": "¿Realmente quieres reportar al usuario \"<b>{name}</b>\"?"
+    },
+    "contribution": {
+      "title": "Informe Contribución",
+      "type": "Contribución",
+      "message": "¿Realmente quieres informar al usuario de la contribución  \"<b>{name}</b>\"?"
+    },
+    "comment": {
+      "title": "Informe Comentario",
+      "type": "Comentario",
+      "message": "¿Realmente quieres reportar el comentario de \"<b>{name}</b>\"?"
+    }
+  },
+  "followButton": {
+    "follow": "Folgen",
+    "following": "Folge Ich"
+  },
+  "shoutButton": {
+    "shouted": "empfohlen"
+  },
+  "release": {
+    "submit": "Liberación",
+    "cancel": "Cancelar",
+    "success": "Liberar con éxito!",
+    "user": {
+      "title": "Usuario de la versión  ",
+      "type": "Usuario",
+      "message": "¿Realmente quieres liberar al usuario \"<b>{name}</b>\"?"
+    },
+    "contribution": {
+      "title": "Contribución de la versión ",
+      "type": "Contribución",
+      "message": "¿Realmente quieres liberar la contribución \"<b>{name}</b>\"?"
+    },
+    "comment": {
+      "title": "Comentario de la versión",
+      "type": "Comentario",
+      "message": "¿Realmente quieres liberar el comentario de \"<b>{name}</b>\"?"
+    }
+  },
+  "user": {
+    "avatar": {
+      "submitted": "Carga con éxito"
+    }
   }
-}
\ No newline at end of file
+}
diff --git a/webapp/locales/fr.json b/webapp/locales/fr.json
index bb0caaaa3..26d479538 100644
--- a/webapp/locales/fr.json
+++ b/webapp/locales/fr.json
@@ -1,4 +1,7 @@
 {
+  "filter-menu": {
+    "title": "Votre bulle de filtre"
+  },
   "login": {
     "copy": "Si vous avez déjà un compte human-connection, connectez-vous ici.",
     "login": "Connexion",
@@ -6,25 +9,66 @@
     "email": "Votre courriel",
     "password": "Votre mot de passe",
     "moreInfo": "Qu'est-ce que Human Connection?",
+    "moreInfoURL": "https://human-connection.org/fr/",
+    "moreInfoHint": "à la page de présentation",
     "hello": "Bonjour"
   },
+  "editor": {
+    "placeholder": "Écrivez quelque chose d'inspirant..."
+  },
   "profile": {
     "name": "Mon profil",
     "memberSince": "Membre depuis",
     "follow": "Suivre",
     "followers": "Suiveurs",
-    "following": "Suivant"
+    "following": "Suivant",
+    "shouted": "Recommandé",
+    "commented": "Comentado",
+    "userAnonym": "Anónimo",
+    "socialMedia": "Où d'autre puis-je trouver"
+  },
+  "notifications": {
+    "menu": {
+      "mentioned": "a parlé de vous dans un article"
+    }
+  },
+  "search": {
+    "placeholder": "Rechercher",
+    "hint": "Qu'est-ce que vous cherchez ?",
+    "failed": "Rien trouvé"
   },
   "settings": {
-    "name": "Paramètres",
+    "name": "Configurations",
     "data": {
-      "name": "Vos données"
+      "name": "Vos données",
+      "labelName": "Votre nom",
+      "namePlaceholder": "Fémanon Funny",
+      "labelCity": "Votre ville ou région",
+      "labelBio": "À propos de vous",
+      "success": "Vos données ont été mises à jour avec succès !"
     },
     "security": {
-      "name": "Sécurité"
+      "name": "Sécurité",
+      "change-password": {
+        "button": "Modifier le mot de passe",
+        "success": "Mot de passe modifié avec succès !",
+        "label-old-password": "Votre ancien mot de passe",
+        "label-new-password": "Votre nouveau mot de passe",
+        "label-new-password-confirm": "Confirmez votre nouveau mot de passe",
+        "message-old-password-required": "Entrez votre ancien mot de passe",
+        "message-new-password-required": "Entrez un nouveau mot de passe",
+        "message-new-password-confirm-required": "Confirmez votre nouveau mot de passe",
+        "message-new-password-missmatch": "Tapez à nouveau le même mot de passe",
+        "passwordSecurity": "Sécurité par mot de passe",
+        "passwordStrength0": "Mot de passe très peu sûr",
+        "passwordStrength1": "Mot de passe non sécurisé",
+        "passwordStrength2": "Mot de passe médiocre",
+        "passwordStrength3": "Mot de passe fort",
+        "passwordStrength4": "Mot de passe très fort"
+      }
     },
     "invites": {
-      "name": "Invite"
+      "name": "invitations"
     },
     "download": {
       "name": "Télécharger les données"
@@ -36,7 +80,14 @@
       "name": "Mes organisations"
     },
     "languages": {
-      "name": "Langues"
+      "name": "langues"
+    },
+    "social-media": {
+      "name": "Médias sociaux",
+      "placeholder": "Ajouter une URL pour les médias sociaux",
+      "submit": "Ajouter un lien",
+      "successAdd": "Les médias sociaux ont été ajoutés. Profil mis à jour !",
+      "successDelete": "Médias sociaux supprimé. Profil mis à jour !"
     }
   },
   "admin": {
@@ -51,7 +102,7 @@
       "projects": "Projets",
       "invites": "Invite",
       "follows": "Suit",
-      "shouts": "Cris"
+      "shouts": "Recommandé"
     },
     "organizations": {
       "name": "Organisations"
@@ -95,13 +146,18 @@
     }
   },
   "common": {
+    "your": {
+      "post": "Votre message  ::: Votre messages",
+      "comment": "Votre Commentaire ::: Votre Commentaires ",
+      "shout": "Votre Recommandation ::: Votre Recommandations"
+    },
     "post": "Message ::: Messages",
     "comment": "Commentaire ::: Commentaires",
     "letsTalk": "Parlons-en",
     "versus": "Versus",
     "moreInfo": "Plus d'infos",
     "takeAction": "Passer à l'action",
-    "shout": "Shout ::: Shouts",
+    "shout": "Recommandation ::: Recommandations",
     "user": "Utilisateur ::: Utilisateurs",
     "category": "Catégorie ::: Catégories",
     "organization": "Organisation ::: Organisations",
@@ -112,33 +168,64 @@
     "loading": "chargement",
     "reportContent": "Signaler"
   },
+  "actions": {
+    "loading": "chargement",
+    "loadMore": "charger plus",
+    "create": "Créer",
+    "save": "sauvegarde",
+    "edit": "Modifier",
+    "delete": "Supprimer",
+    "cancel": "Annuler"
+  },
   "moderation": {
+    "name": "Modération",
     "reports": {
       "empty": "Félicitations, rien à modérer.",
-      "name": "Signalisations",
-      "reporter": "signalé par"
+      "name": "Rapports",
+      "submitter": "signalé par",
+      "disabledBy": "ddésactivé par"
     }
   },
   "disable": {
+    "submit": "Désactiver",
+    "cancel": "Annuler",
+    "success": "Désactivé avec succès",
     "user": {
       "title": "Désactiver l'utilisateur",
       "type": "Utilisateur",
-      "message": "Souhaitez-vous vraiment désactiver l'utilisateur \" <b> {name} </b> \"?"
+      "message": "Voulez-vous vraiment désactiver l'utilisateur  \"<b>{name}</b>\"?"
     },
     "contribution": {
-      "title": "Désactiver l'apport",
-      "type": "apport",
-      "message": "Souhaitez-vous vraiment signaler l'entrée\" <b> {name} </b> \"?"
+      "title": "Cotisation d'invalidité",
+      "type": "Contribution",
+      "message": "Voulez-vous vraiment désactiver la contribution \"<b> {name} </b> \"?"
     },
     "comment": {
-      "title": "Désactiver le commentaire",
+      "title": "Désactiver commentaire",
       "type": "Commentaire",
-      "message": "Souhaitez-vous vraiment désactiver le commentaire de \"<b>{name}</b>\" ?"
+      "message": "Voulez-vous vraiment désactiver le commentaire de \"<b>{name}</b>\" ?"
+    }
+  },
+  "delete": {
+    "submit": "Supprimer",
+    "cancel": "Annuler",
+    "contribution": {
+      "title": "Supprimer la contribution",
+      "type": "Contribution",
+      "message": "Voulez-vous vraiment supprimer la contribution  \"<b>{name}</b>\" löschen möchtest?",
+      "success": "Contribution supprimée avec succès !"
+    },
+    "comment": {
+      "title": "Supprimer un commentaire",
+      "type": "Commentaire",
+      "message": "Voulez-vous vraiment supprimer le commentaire de \"<b>{name}</b>\" löschen möchtest?",
+      "success": "Commentaire supprimé avec succès !"
     }
   },
   "report": {
-    "submit": "Envoyer le rapport",
+    "submit": "Rapport",
     "cancel": "Annuler",
+    "success": "Merci de nous avoir fait part de vos commentaires!",
     "user": {
       "title": "Signaler l'utilisateur",
       "type": "Utilisateur",
@@ -155,15 +242,36 @@
       "message": "Souhaitez-vous vraiment signaler l'utilisateur \" <b> {name} </b> \"?"
     }
   },
-  "actions": {
-    "cancel": "Annuler"
+  "followButton": {
+    "follow": "découler",
+    "following": "Je suis les"
   },
-  "contribution": {
-    "edit": "Rédiger l'apport",
-    "delete": "Supprimer l'entrée"
+  "shoutButton": {
+    "shouted": "recommandé"
   },
-  "comment": {
-    "edit": "Rédiger un commentaire",
-    "delete": "Supprimer le commentaire"
+  "release": {
+    "submit": "Relâchez",
+    "cancel": "Annuler",
+    "success": "Relâchez avec succès!",
+    "user": {
+      "title": "Validation par l'utilisateur",
+      "type": "Utilisateur",
+      "message": "Voulez-vous vraiment libérer l'utilisateur \"<b>{name}</b>\"?"
+    },
+    "contribution": {
+      "title": "Versement de la contribution",
+      "type": "Contribution",
+      "message": "Voulez-vous vraiment débloquer la contribution \"<b>{name}</b>\"?"
+    },
+    "comment": {
+      "title": "Publication des commentaires",
+      "type": "Commentaire",
+      "message": "Voulez-vous vraiment publier le commentaire de \"<b>{name}</b>\"?"
+    }
+  },
+  "user": {
+    "avatar": {
+      "submitted": "Téléchargement réussi"
+    }
   }
 }

From dba719ea1c8f0ef93fbca9a3c8dd570953febdd2 Mon Sep 17 00:00:00 2001
From: senderfm <dev@sender.fm>
Date: Wed, 12 Jun 2019 12:54:33 +0200
Subject: [PATCH 02/89] english translation changes undone.

---
 webapp/locales/en.json | 2 +-
 webapp/locales/es.json | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index fe17f7b48..54b9e598e 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -14,7 +14,7 @@
     "hello": "Hello"
   },
   "editor": {
-    "placeholder": "Write something inspiring..."
+    "placeholder": "Leave your inspirational thoughts..."
   },
   "profile": {
     "name": "My Profile",
diff --git a/webapp/locales/es.json b/webapp/locales/es.json
index bdff69850..af9c21c3f 100644
--- a/webapp/locales/es.json
+++ b/webapp/locales/es.json
@@ -38,7 +38,7 @@
     "failed": "no encontró nada"
   },
   "settings": {
-    "name": "Ajustes",
+    "name": "Configuración",
     "data": {
       "name": "Sus datos",
       "labelName": "Su nombre",

From d024d7df91dbac80237fa74e62bba1a8469ed463 Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Fri, 14 Jun 2019 14:03:21 +0200
Subject: [PATCH 03/89] fixed importing of urls - remove url prefix

---
 .../maintenance-worker/migration/neo4j/badges.cql         | 2 +-
 .../maintenance-worker/migration/neo4j/contributions.cql  | 6 +++---
 .../maintenance-worker/migration/neo4j/users.cql          | 8 ++++----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql b/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql
index 62cd4a2cc..2d1548d4f 100644
--- a/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql
+++ b/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql
@@ -45,7 +45,7 @@ MERGE(b:Badge {id: badge._id["$oid"]})
 ON CREATE SET
 b.key       = badge.key,
 b.type      = badge.type,
-b.icon      = badge.image.path,
+b.icon      = substring(badge.image.path, 38),
 b.status    = badge.status,
 b.createdAt = badge.createdAt.`$date`,
 b.updatedAt = badge.updatedAt.`$date`
diff --git a/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql b/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql
index 98d8f24e9..70f09e035 100644
--- a/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql
+++ b/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql
@@ -28,7 +28,7 @@
 [?]     unique: true, // Unique value is not enforced in Nitro?
 [-]     index: true
       },
-[ ]   type: {
+[ ]   type: { // db.getCollection('contributions').distinct('type') -> 'DELETED', 'cando', 'post'
 [ ]     type: String,
 [ ]     required: true,
 [-]     index: true
@@ -50,7 +50,7 @@
 [?]     required: true // Not required in Nitro
       },
 [ ]   hasMore: { type: Boolean },
-[?]   teaserImg: { type: String }, // Path is incorrect in Nitro
+[X]   teaserImg: { type: String },
 [ ]   language: {
 [ ]     type: String,
 [ ]     required: true,
@@ -131,7 +131,7 @@ MERGE (p:Post {id: post._id["$oid"]})
 ON CREATE SET
 p.title          = post.title,
 p.slug           = post.slug,
-p.image          = post.teaserImg,
+p.image          = substring(post.teaserImg, 38),
 p.content        = post.content,
 p.contentExcerpt = post.contentExcerpt,
 p.visibility     = toLower(post.visibility),
diff --git a/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql b/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql
index aec5499fc..96251a9ce 100644
--- a/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql
+++ b/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql
@@ -49,8 +49,8 @@
         }
       },
 [ ]   timezone: { type: String },
-[?]   avatar: { type: String }, // Path is incorrect in Nitro
-[?]   coverImg: { type: String }, // Path is incorrect in Nitro, was not modeled in latest Nitro - do we want this?
+[X]   avatar: { type: String },
+[X]   coverImg: { type: String },
 [ ]   doiToken: { type: String },
 [ ]   confirmedAt: { type: Date },
 [?]   badgeIds: [], // Verify this is working properly
@@ -102,8 +102,8 @@ u.name       = user.name,
 u.slug       = user.slug,
 u.email      = user.email,
 u.password   = user.password,
-u.avatar     = user.avatar,
-u.coverImg   = user.coverImg,
+u.avatar     = substring(user.avatar, 38),
+u.coverImg   = substring(user.coverImg, 38),
 u.wasInvited = user.wasInvited,
 u.wasSeeded  = user.wasSeeded,
 u.role       = toLower(user.role),

From 89d630b1eb82914996e140e6c481b292611f800a Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Fri, 14 Jun 2019 14:03:37 +0200
Subject: [PATCH 04/89] removed fixImageUrlsMiddleware

---
 .../src/middleware/fixImageUrlsMiddleware.js  | 48 -------------------
 .../middleware/fixImageUrlsMiddleware.spec.js | 36 --------------
 2 files changed, 84 deletions(-)
 delete mode 100644 backend/src/middleware/fixImageUrlsMiddleware.js
 delete mode 100644 backend/src/middleware/fixImageUrlsMiddleware.spec.js

diff --git a/backend/src/middleware/fixImageUrlsMiddleware.js b/backend/src/middleware/fixImageUrlsMiddleware.js
deleted file mode 100644
index c930915bf..000000000
--- a/backend/src/middleware/fixImageUrlsMiddleware.js
+++ /dev/null
@@ -1,48 +0,0 @@
-const legacyUrls = [
-  'https://api-alpha.human-connection.org',
-  'https://staging-api.human-connection.org',
-  'http://localhost:3000',
-]
-
-export const fixUrl = url => {
-  legacyUrls.forEach(legacyUrl => {
-    url = url.replace(legacyUrl, '/api')
-  })
-  return url
-}
-
-const checkUrl = thing => {
-  return (
-    thing &&
-    typeof thing === 'string' &&
-    legacyUrls.find(legacyUrl => {
-      return thing.indexOf(legacyUrl) === 0
-    })
-  )
-}
-
-export const fixImageURLs = (result, recursive) => {
-  if (checkUrl(result)) {
-    result = fixUrl(result)
-  } else if (result && Array.isArray(result)) {
-    result.forEach((res, index) => {
-      result[index] = fixImageURLs(result[index], true)
-    })
-  } else if (result && typeof result === 'object') {
-    Object.keys(result).forEach(key => {
-      result[key] = fixImageURLs(result[key], true)
-    })
-  }
-  return result
-}
-
-export default {
-  Mutation: async (resolve, root, args, context, info) => {
-    const result = await resolve(root, args, context, info)
-    return fixImageURLs(result)
-  },
-  Query: async (resolve, root, args, context, info) => {
-    let result = await resolve(root, args, context, info)
-    return fixImageURLs(result)
-  },
-}
diff --git a/backend/src/middleware/fixImageUrlsMiddleware.spec.js b/backend/src/middleware/fixImageUrlsMiddleware.spec.js
deleted file mode 100644
index b2d808dd9..000000000
--- a/backend/src/middleware/fixImageUrlsMiddleware.spec.js
+++ /dev/null
@@ -1,36 +0,0 @@
-import { fixImageURLs } from './fixImageUrlsMiddleware'
-
-describe('fixImageURLs', () => {
-  describe('image url of legacy alpha', () => {
-    it('removes domain', () => {
-      const url =
-        'https://api-alpha.human-connection.org/uploads/4bfaf9172c4ba03d7645108bbbd16f0a696a37d01eacd025fb131e5da61b15d9.png'
-      expect(fixImageURLs(url)).toEqual(
-        '/api/uploads/4bfaf9172c4ba03d7645108bbbd16f0a696a37d01eacd025fb131e5da61b15d9.png',
-      )
-    })
-  })
-
-  describe('image url of legacy staging', () => {
-    it('removes domain', () => {
-      const url =
-        'https://staging-api.human-connection.org/uploads/1b3c39a24f27e2fb62b69074b2f71363b63b263f0c4574047d279967124c026e.jpeg'
-      expect(fixImageURLs(url)).toEqual(
-        '/api/uploads/1b3c39a24f27e2fb62b69074b2f71363b63b263f0c4574047d279967124c026e.jpeg',
-      )
-    })
-  })
-
-  describe('object', () => {
-    it('returns untouched', () => {
-      const object = { some: 'thing' }
-      expect(fixImageURLs(object)).toEqual(object)
-    })
-  })
-
-  describe('some string', () => {
-    it('returns untouched', () => {})
-    const string = "Yeah I'm a String"
-    expect(fixImageURLs(string)).toEqual(string)
-  })
-})

From 794bb08f141eeed293c9a59821dc506d87eba841 Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Fri, 14 Jun 2019 14:04:15 +0200
Subject: [PATCH 05/89] removed reference for fixImageUrls middleware

---
 backend/src/middleware/index.js | 2 --
 1 file changed, 2 deletions(-)

diff --git a/backend/src/middleware/index.js b/backend/src/middleware/index.js
index 75314abc0..aae2dcef3 100644
--- a/backend/src/middleware/index.js
+++ b/backend/src/middleware/index.js
@@ -3,7 +3,6 @@ import activityPub from './activityPubMiddleware'
 import password from './passwordMiddleware'
 import softDelete from './softDeleteMiddleware'
 import sluggify from './sluggifyMiddleware'
-import fixImageUrls from './fixImageUrlsMiddleware'
 import excerpt from './excerptMiddleware'
 import dateTime from './dateTimeMiddleware'
 import xss from './xssMiddleware'
@@ -25,7 +24,6 @@ export default schema => {
     excerpt: excerpt,
     notifications: notifications,
     xss: xss,
-    fixImageUrls: fixImageUrls,
     softDelete: softDelete,
     user: user,
     includedFields: includedFields,

From d558a4de370a36acbefba5e8c565a958f1780768 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sat, 15 Jun 2019 11:09:09 +0200
Subject: [PATCH 06/89] Add mailserver for development

---
 docker-compose.override.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docker-compose.override.yml b/docker-compose.override.yml
index a71418229..d7ee86bd6 100644
--- a/docker-compose.override.yml
+++ b/docker-compose.override.yml
@@ -1,6 +1,10 @@
 version: "3.4"
 
 services:
+  mailserver:
+    image: djfarrelly/maildev
+    ports:
+      - 1080:80
   webapp:
     build:
       context: webapp

From 64c5245f5a4f70bf9b63fe21f26a534d39e8db30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sat, 15 Jun 2019 11:25:01 +0200
Subject: [PATCH 07/89] Update date-fns manually to get passed this bug:
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

```
 ERROR  Failed to compile with 16 errors

This dependency was not found:

* date-fns/addSeconds in ./plugins/vue-filters.js

To install it, you can run: npm install --save date-fns/addSeconds

These relative modules were not found:

* ../../../../_lib/isSameUTCWeek/index.js in ./node_modules/date-fns/esm/locale/be/_lib/formatRelative/index.js, ./node_modules/date-fns/esm/locale/lv/_lib/formatRelative/index.js and 4 others
* ../_lib/format/formatters/index.js in ./node_modules/date-fns/format/index.js
* ../_lib/format/longFormatters/index.js in ./node_modules/date-fns/format/index.js
* ../_lib/getTimezoneOffsetInMilliseconds/index.js in ./node_modules/date-fns/format/index.js, ./node_modules/date-fns/formatRelative/index.js
* ../_lib/protectedTokens/index.js in ./node_modules/date-fns/format/index.js
* ../_lib/toInteger/index.js in ./node_modules/date-fns/format/index.js, ./node_modules/date-fns/subMilliseconds/index.js
* ../addMilliseconds/index.js in ./node_modules/date-fns/subMilliseconds/index.js
* ../differenceInCalendarDays/index.js in ./node_modules/date-fns/formatRelative/index.js
ℹ Waiting for file changes
```
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index 1abaf479b..5e42d0332 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -59,7 +59,7 @@
     "apollo-client": "~2.6.2",
     "cookie-universal-nuxt": "~2.0.16",
     "cross-env": "~5.2.0",
-    "date-fns": "2.0.0-alpha.33",
+    "date-fns": "2.0.0-alpha.34",
     "express": "~4.17.1",
     "graphql": "~14.3.1",
     "jsonwebtoken": "~8.5.1",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index e5c1daf8a..de0d07924 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -3754,10 +3754,10 @@ data-urls@^1.0.0:
     whatwg-mimetype "^2.2.0"
     whatwg-url "^7.0.0"
 
-date-fns@2.0.0-alpha.33:
-  version "2.0.0-alpha.33"
-  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.33.tgz#c2f73c3cc50ac301c9217eb93603c9bc40e891bf"
-  integrity sha512-tqUVEk3oxnJuNIvwAMKHAMo4uFRG0zXvjxZQll+BonoPt+m4NMcUgO14NDxbHuy7uYcrVErd2GdSsw02EDZQ7w==
+date-fns@2.0.0-alpha.34:
+  version "2.0.0-alpha.34"
+  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.34.tgz#5d3ae7ca0d08915ccfc87a20545250af4e9c3cae"
+  integrity sha512-yjSYUHASHvzOZl++cEms+Tw7oQOFA+7Z6/lL7L3lRO9j6pMfT48N6oEyvCGo/MVlH08XWmydgf8X9Y1eedf9sQ==
 
 date-now@^0.1.4:
   version "0.1.4"

From f9d25828d520fd838e4cefa367de948908641f33 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sat, 15 Jun 2019 11:47:24 +0200
Subject: [PATCH 08/89] Add reset password page

---
 webapp/locales/de.json          |  4 ++++
 webapp/locales/en.json          |  4 ++++
 webapp/nuxt.config.js           | 11 ++++++++++-
 webapp/pages/login.vue          |  5 +++++
 webapp/pages/password-reset.vue | 19 +++++++++++++++++++
 5 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 webapp/pages/password-reset.vue

diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index efe05a472..d783f9e37 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -8,11 +8,15 @@
     "logout": "Ausloggen",
     "email": "Deine E-Mail",
     "password": "Dein Passwort",
+    "forgotPassword": "Passwort vergessen?",
     "moreInfo": "Was ist Human Connection?",
     "moreInfoURL": "https://human-connection.org",
     "moreInfoHint": "zur Präsentationsseite",
     "hello": "Hallo"
   },
+  "password-reset": {
+    "title": "Passwort zurücksetzen"
+  },
   "editor": {
     "placeholder": "Schreib etwas Inspirierendes..."
   },
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 4fdcadedb..3a5405eec 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -8,11 +8,15 @@
     "logout": "Logout",
     "email": "Your Email",
     "password": "Your Password",
+    "forgotPassword": "Forgot Password?",
     "moreInfo": "What is Human Connection?",
     "moreInfoURL": "https://human-connection.org/en/",
     "moreInfoHint": "to the presentation page",
     "hello": "Hello"
   },
+  "password-reset": {
+    "title": "Reset your password"
+  },
   "editor": {
     "placeholder": "Leave your inspirational thoughts..."
   },
diff --git a/webapp/nuxt.config.js b/webapp/nuxt.config.js
index 49f2f5d0a..8af3dbb16 100644
--- a/webapp/nuxt.config.js
+++ b/webapp/nuxt.config.js
@@ -25,7 +25,16 @@ module.exports = {
 
   env: {
     // pages which do NOT require a login
-    publicPages: ['login', 'logout', 'register', 'signup', 'reset', 'reset-token', 'pages-slug'],
+    publicPages: [
+      'login',
+      'logout',
+      'password-reset',
+      'register',
+      'signup',
+      'reset',
+      'reset-token',
+      'pages-slug',
+    ],
     // pages to keep alive
     keepAlivePages: ['index'],
     // active locales
diff --git a/webapp/pages/login.vue b/webapp/pages/login.vue
index a96fbdbf1..94c974b29 100644
--- a/webapp/pages/login.vue
+++ b/webapp/pages/login.vue
@@ -45,6 +45,11 @@
                 name="password"
                 type="password"
               />
+              <ds-space class="password-reset-link" margin-bottom="large">
+                <nuxt-link to="/password-reset">
+                  {{ $t('login.forgotPassword') }}
+                </nuxt-link>
+              </ds-space>
               <ds-button
                 :loading="pending"
                 primary
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
new file mode 100644
index 000000000..0205ea4f4
--- /dev/null
+++ b/webapp/pages/password-reset.vue
@@ -0,0 +1,19 @@
+<template>
+  <ds-container width="small">
+    <ds-flex>
+      <ds-flex-item :width="{ base: '100%' }" centered>
+        <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
+          <ds-heading tag="h3">
+            {{ $t('password-reset.title') }}
+          </ds-heading>
+        </ds-space>
+      </ds-flex-item>
+    </ds-flex>
+  </ds-container>
+</template>
+
+<script>
+export default {
+  layout: 'default',
+}
+</script>

From e44ed7d281d5077786a56590dae11306681a9810 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sat, 15 Jun 2019 15:42:17 +0200
Subject: [PATCH 09/89] Start writing a resolver for requestPasswordReset

---
 .../src/middleware/permissionsMiddleware.js   |  1 +
 backend/src/schema/resolvers/passwordReset.js | 10 ++++
 .../schema/resolvers/passwordReset.spec.js    | 46 +++++++++++++++++++
 .../src/schema/resolvers/user_management.js   |  2 +-
 backend/src/schema/types/schema.gql           |  2 +
 5 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 backend/src/schema/resolvers/passwordReset.js
 create mode 100644 backend/src/schema/resolvers/passwordReset.spec.js

diff --git a/backend/src/middleware/permissionsMiddleware.js b/backend/src/middleware/permissionsMiddleware.js
index 10b777748..ad2787579 100644
--- a/backend/src/middleware/permissionsMiddleware.js
+++ b/backend/src/middleware/permissionsMiddleware.js
@@ -147,6 +147,7 @@ const permissions = shield(
       CreateComment: isAuthenticated,
       DeleteComment: isAuthor,
       DeleteUser: isDeletingOwnAccount,
+      requestPasswordReset: allow,
     },
     User: {
       email: isMyOwn,
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
new file mode 100644
index 000000000..83a1080d0
--- /dev/null
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -0,0 +1,10 @@
+export default {
+  Mutation: {
+    requestPasswordReset: async (_, { email }, { driver }) => {
+      throw Error('Not Implemented')
+    },
+    resetPassword: async (_, { email, token, newPassword }, { driver }) => {
+      throw Error('Not Implemented')
+    }
+  }
+}
diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
new file mode 100644
index 000000000..d07ca4b09
--- /dev/null
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -0,0 +1,46 @@
+import { GraphQLClient } from 'graphql-request'
+import Factory from '../../seed/factories'
+import { host, login } from '../../jest/helpers'
+import { getDriver } from '../../bootstrap/neo4j'
+
+const factory = Factory()
+let client
+const driver = getDriver()
+
+const getAllPasswordResets = async () => {
+  const session = driver.session()
+  let transactionRes = await session.run('MATCH (r:PasswordReset) RETURN r')
+  const resets = transactionRes.records.map(record => record.get('r'))
+  session.close()
+  return resets
+}
+
+describe('passwordReset', () => {
+  beforeEach(async () => {
+    client = new GraphQLClient(host)
+    await factory.create('User', {
+      email: 'user@example.org',
+      role: 'user',
+      password: '1234',
+    })
+  })
+
+  afterEach(async () => {
+    await factory.cleanDatabase()
+  })
+
+  describe('requestPasswordReset', () => {
+    const variables = { email: 'user@example.org' }
+    const mutation = `mutation($email: String!) { requestPasswordReset(email: $email) }`
+
+    it('resolves', async () => {
+      await expect(client.request(mutation, variables)).resolves.toEqual(true)
+    })
+
+    it('creates node with label `PasswordReset`', async () => {
+      await client.request(mutation, variables)
+      const resets = await getAllPasswordResets()
+      expect(resets).toHaveLength(1)
+    })
+  })
+})
diff --git a/backend/src/schema/resolvers/user_management.js b/backend/src/schema/resolvers/user_management.js
index eb07a07b3..e33314f7e 100644
--- a/backend/src/schema/resolvers/user_management.js
+++ b/backend/src/schema/resolvers/user_management.js
@@ -59,7 +59,7 @@ export default {
     changePassword: async (_, { oldPassword, newPassword }, { driver, user }) => {
       const session = driver.session()
       let result = await session.run(
-        `MATCH (user:User {email: $userEmail}) 
+        `MATCH (user:User {email: $userEmail})
          RETURN user {.id, .email, .password}`,
         {
           userEmail: user.email,
diff --git a/backend/src/schema/types/schema.gql b/backend/src/schema/types/schema.gql
index 2a8be9e09..358797631 100644
--- a/backend/src/schema/types/schema.gql
+++ b/backend/src/schema/types/schema.gql
@@ -25,6 +25,8 @@ type Mutation {
   login(email: String!, password: String!): String!
   signup(email: String!, password: String!): Boolean!
   changePassword(oldPassword: String!, newPassword: String!): String!
+  requestPasswordReset(email: String!): Boolean!
+  resetPassword(email: String!, resetToken: String!, newPassword: String!): String!
   report(id: ID!, description: String): Report
   disable(id: ID!): ID
   enable(id: ID!): ID

From c7ee0c8121c09a0ee2f25786a325266b968c6e7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sat, 15 Jun 2019 16:22:28 +0200
Subject: [PATCH 10/89] Implement tests for requestPasswordReset

---
 backend/src/schema/resolvers/passwordReset.js | 13 ++++++++++++-
 .../schema/resolvers/passwordReset.spec.js    | 19 ++++++++++++++++++-
 2 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index 83a1080d0..f3e1d32d2 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -1,7 +1,18 @@
 export default {
   Mutation: {
     requestPasswordReset: async (_, { email }, { driver }) => {
-      throw Error('Not Implemented')
+      const session = driver.session()
+      let validUntil = new Date()
+      validUntil += 3*60*1000
+      const cypher = `
+      MATCH(u:User) WHERE u.email = $email
+      CREATE(pr:PasswordReset {id: apoc.create.uuid(), validUntil: $validUntil, redeemedAt: NULL})
+      MERGE (u)-[:REQUESTED]->(pr)
+      RETURN u,pr
+      `
+      await session.run(cypher, { email, validUntil })
+      session.close()
+      return true
     },
     resetPassword: async (_, { email, token, newPassword }, { driver }) => {
       throw Error('Not Implemented')
diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
index d07ca4b09..3b0d39864 100644
--- a/backend/src/schema/resolvers/passwordReset.spec.js
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -34,7 +34,7 @@ describe('passwordReset', () => {
     const mutation = `mutation($email: String!) { requestPasswordReset(email: $email) }`
 
     it('resolves', async () => {
-      await expect(client.request(mutation, variables)).resolves.toEqual(true)
+      await expect(client.request(mutation, variables)).resolves.toEqual({"requestPasswordReset": true})
     })
 
     it('creates node with label `PasswordReset`', async () => {
@@ -42,5 +42,22 @@ describe('passwordReset', () => {
       const resets = await getAllPasswordResets()
       expect(resets).toHaveLength(1)
     })
+
+    it('creates an id used as a reset token', async () => {
+      await client.request(mutation, variables)
+      const [reset] = await getAllPasswordResets()
+      const { id: token } = reset.properties
+      expect(token).toMatch(/^........-....-....-....-............$/)
+    })
+
+    it('created PasswordReset is valid for less than 4 minutes', async () => {
+      await client.request(mutation, variables)
+      const [reset] = await getAllPasswordResets()
+      let { validUntil } = reset.properties
+      validUntil = Date.parse(validUntil)
+      const now = (new Date()).getTime()
+      expect(validUntil).toBeGreaterThan(now - 60*1000)
+      expect(validUntil).toBeLessThan(now + 4*60*1000)
+    })
   })
 })

From e583486143f208690abb3084e44cce76c8630b27 Mon Sep 17 00:00:00 2001
From: Matt Rider <mattwr18@gmail.com>
Date: Sat, 15 Jun 2019 15:23:51 -0300
Subject: [PATCH 11/89] Set up editor placeholder to use Vuex
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- to make reactive
- safer than using global event buses ($root.$emit)

Co-authored-by: Wolfgang Huß <wolle.huss@pjannto.com>
Co-authored-by: Mike Aono <aonomike@gmail.com>
---
 webapp/components/Editor/index.vue | 26 +++++++++++++-------------
 webapp/components/Editor/spec.js   | 20 ++++++++++++++++++++
 webapp/components/LocaleSwitch.vue |  4 +++-
 webapp/store/editor.js             | 17 +++++++++++++++++
 webapp/store/editor.spec.js        | 20 ++++++++++++++++++++
 5 files changed, 73 insertions(+), 14 deletions(-)
 create mode 100644 webapp/store/editor.js
 create mode 100644 webapp/store/editor.spec.js

diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index 0690b15bd..84649f436 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -12,9 +12,7 @@
           @{{ user.slug }}
         </div>
       </template>
-      <div v-else class="suggestion-list__item is-empty">
-        No users found
-      </div>
+      <div v-else class="suggestion-list__item is-empty">No users found</div>
     </div>
 
     <editor-menu-bubble :editor="editor">
@@ -175,6 +173,7 @@ import {
   History,
 } from 'tiptap-extensions'
 import Mention from './nodes/Mention.js'
+import { mapGetters } from 'vuex'
 
 let throttleInputEvent
 
@@ -212,7 +211,7 @@ export default {
           new ListItem(),
           new Placeholder({
             emptyNodeClass: 'is-empty',
-            emptyNodeText: this.$t('editor.placeholder'),
+            emptyNodeText: this.placeholder || this.$t('editor.placeholder'),
           }),
           new History(),
           new Mention({
@@ -297,6 +296,7 @@ export default {
     }
   },
   computed: {
+    ...mapGetters({ placeholder: 'editor/placeholder' }),
     hasResults() {
       return this.filteredUsers.length
     },
@@ -316,20 +316,20 @@ export default {
         this.editor.setContent(content)
       },
     },
-  },
-  mounted() {
-    this.$root.$on('changeLanguage', () => {
-      this.changePlaceHolderText()
-    })
+    placeholder: {
+      immediate: true,
+      handler: function(val) {
+        if (!val) {
+          return
+        }
+        this.editor.extensions.options.placeholder.emptyNodeText = val
+      },
+    },
   },
   beforeDestroy() {
-    this.$root.$off('changeLanguage')
     this.editor.destroy()
   },
   methods: {
-    changePlaceHolderText() {
-      this.editor.extensions.options.placeholder.emptyNodeText = this.$t('editor.placeholder')
-    },
     // navigate to the previous item
     // if it's the first item, navigate to the last one
     upHandler() {
diff --git a/webapp/components/Editor/spec.js b/webapp/components/Editor/spec.js
index 249192b57..b982d941d 100644
--- a/webapp/components/Editor/spec.js
+++ b/webapp/components/Editor/spec.js
@@ -1,31 +1,43 @@
 import { mount, createLocalVue } from '@vue/test-utils'
 import Editor from './'
+import Vuex from 'vuex'
 
 import Styleguide from '@human-connection/styleguide'
 
 const localVue = createLocalVue()
+localVue.use(Vuex)
 localVue.use(Styleguide)
 
 describe('Editor.vue', () => {
   let wrapper
   let propsData
   let mocks
+  let getters
 
   beforeEach(() => {
     propsData = {}
     mocks = {
       $t: () => {},
     }
+    getters = {
+      'editor/placeholder': () => {
+        return 'some cool placeholder'
+      },
+    }
   })
 
   describe('mount', () => {
     let Wrapper = () => {
+      const store = new Vuex.Store({
+        getters,
+      })
       return (wrapper = mount(Editor, {
         mocks,
         propsData,
         localVue,
         sync: false,
         stubs: { transition: false },
+        store,
       }))
     }
 
@@ -43,5 +55,13 @@ describe('Editor.vue', () => {
         expect(wrapper.find('.ProseMirror').text()).toContain('I am a piece of text')
       })
     })
+
+    describe('uses the placeholder', () => {
+      it('from the store', () => {
+        expect(wrapper.vm.editor.extensions.options.placeholder.emptyNodeText).toEqual(
+          'some cool placeholder',
+        )
+      })
+    })
   })
 })
diff --git a/webapp/components/LocaleSwitch.vue b/webapp/components/LocaleSwitch.vue
index f6f1a9727..aeee580b5 100644
--- a/webapp/components/LocaleSwitch.vue
+++ b/webapp/components/LocaleSwitch.vue
@@ -36,6 +36,7 @@
 import Dropdown from '~/components/Dropdown'
 import find from 'lodash/find'
 import orderBy from 'lodash/orderBy'
+import { mapMutations } from 'vuex'
 
 export default {
   components: {
@@ -65,10 +66,11 @@ export default {
     },
   },
   methods: {
+    ...mapMutations({ setPlaceholderText: 'editor/SET_PLACEHOLDER_TEXT' }),
     changeLanguage(locale, toggleMenu) {
       this.$i18n.set(locale)
       toggleMenu()
-      this.$root.$emit('changeLanguage')
+      this.setPlaceholderText(this.$t('editor.placeholder'))
     },
     matcher(locale) {
       return locale === this.$i18n.locale()
diff --git a/webapp/store/editor.js b/webapp/store/editor.js
new file mode 100644
index 000000000..9c5f665a0
--- /dev/null
+++ b/webapp/store/editor.js
@@ -0,0 +1,17 @@
+export const state = () => {
+  return {
+    placeholder: null,
+  }
+}
+
+export const getters = {
+  placeholder(state) {
+    return state.placeholder
+  },
+}
+
+export const mutations = {
+  SET_PLACEHOLDER_TEXT(state, text) {
+    state.placeholder = text
+  },
+}
diff --git a/webapp/store/editor.spec.js b/webapp/store/editor.spec.js
new file mode 100644
index 000000000..90477ea20
--- /dev/null
+++ b/webapp/store/editor.spec.js
@@ -0,0 +1,20 @@
+import { getters, mutations } from './editor.js'
+
+let state
+
+describe('getters', () => {
+  describe('placeholder', () => {
+    it('return the value in state', () => {
+      state = { placeholder: null }
+      expect(getters.placeholder(state)).toBe(null)
+    })
+  })
+})
+
+describe('mutations', () => {
+  it('SET_PLACEHOLDER_TEXT', () => {
+    state = { placeholder: null }
+    mutations.SET_PLACEHOLDER_TEXT(state, 'new placeholder')
+    expect(getters.placeholder(state)).toBe('new placeholder')
+  })
+})

From 4adc450f439c06c645ea7bc46f16b8cccfffe953 Mon Sep 17 00:00:00 2001
From: Matt Rider <mattwr18@gmail.com>
Date: Sat, 15 Jun 2019 15:53:30 -0300
Subject: [PATCH 12/89] Fix failing test

- add Vuex, with editor/placeholder getter
---
 .../ContributionForm/ContributionForm.spec.js        | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/webapp/components/ContributionForm/ContributionForm.spec.js b/webapp/components/ContributionForm/ContributionForm.spec.js
index f7f306fc3..8b741443f 100644
--- a/webapp/components/ContributionForm/ContributionForm.spec.js
+++ b/webapp/components/ContributionForm/ContributionForm.spec.js
@@ -1,9 +1,11 @@
 import { config, mount, createLocalVue } from '@vue/test-utils'
 import ContributionForm from './index.vue'
 import Styleguide from '@human-connection/styleguide'
+import Vuex from 'vuex'
 
 const localVue = createLocalVue()
 
+localVue.use(Vuex)
 localVue.use(Styleguide)
 
 config.stubs['no-ssr'] = '<span><slot /></span>'
@@ -53,8 +55,16 @@ describe('ContributionForm.vue', () => {
   })
 
   describe('mount', () => {
+    const getters = {
+      'editor/placeholder': () => {
+        return 'some cool placeholder'
+      },
+    }
+    const store = new Vuex.Store({
+      getters,
+    })
     const Wrapper = () => {
-      return mount(ContributionForm, { mocks, localVue, computed })
+      return mount(ContributionForm, { mocks, localVue, computed, store })
     }
 
     beforeEach(() => {

From 01eb25eca67311526e9377a83cf3f4198a787d7b Mon Sep 17 00:00:00 2001
From: Matt Rider <mattwr18@gmail.com>
Date: Sat, 15 Jun 2019 16:15:49 -0300
Subject: [PATCH 13/89] Update CommentForm with vuex

---
 webapp/components/comments/CommentForm/spec.js | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/webapp/components/comments/CommentForm/spec.js b/webapp/components/comments/CommentForm/spec.js
index ded57348c..16a4d454d 100644
--- a/webapp/components/comments/CommentForm/spec.js
+++ b/webapp/components/comments/CommentForm/spec.js
@@ -1,9 +1,10 @@
 import { mount, createLocalVue, createWrapper } from '@vue/test-utils'
 import CommentForm from './index.vue'
 import Styleguide from '@human-connection/styleguide'
+import Vuex from 'vuex'
 
 const localVue = createLocalVue()
-
+localVue.use(Vuex)
 localVue.use(Styleguide)
 
 describe('CommentForm.vue', () => {
@@ -35,8 +36,16 @@ describe('CommentForm.vue', () => {
   })
 
   describe('mount', () => {
+    const getters = {
+      'editor/placeholder': () => {
+        return 'some cool placeholder'
+      },
+    }
+    const store = new Vuex.Store({
+      getters,
+    })
     const Wrapper = () => {
-      return mount(CommentForm, { mocks, localVue, propsData })
+      return mount(CommentForm, { mocks, localVue, propsData, store })
     }
 
     beforeEach(() => {

From 145a8d8bf65efa55fd53e5a70d711ed5241aa11f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sat, 15 Jun 2019 23:01:22 +0200
Subject: [PATCH 14/89] Check invalid email

Sending a mail with further instructions even if the email is invalid
seems to be a good practice: A potential attacker will not now if a user
has an account under that email address. If a user does not remember the
email address, but has control over the other mail account, she will get
feedback that this mail account is incorrect.
---
 .../schema/resolvers/passwordReset.spec.js    | 61 ++++++++++++-------
 1 file changed, 39 insertions(+), 22 deletions(-)

diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
index 3b0d39864..4bd29c9c6 100644
--- a/backend/src/schema/resolvers/passwordReset.spec.js
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -30,34 +30,51 @@ describe('passwordReset', () => {
   })
 
   describe('requestPasswordReset', () => {
-    const variables = { email: 'user@example.org' }
     const mutation = `mutation($email: String!) { requestPasswordReset(email: $email) }`
 
-    it('resolves', async () => {
-      await expect(client.request(mutation, variables)).resolves.toEqual({"requestPasswordReset": true})
+    describe('with invalid email', () => {
+      const variables = { email: 'non-existent@example.org' }
+
+      it('resolves anyways', async () => {
+        await expect(client.request(mutation, variables)).resolves.toEqual({"requestPasswordReset": true})
+      })
+
+      it('creates no node', async () => {
+        await client.request(mutation, variables)
+        const resets = await getAllPasswordResets()
+        expect(resets).toHaveLength(0)
+      })
     })
 
-    it('creates node with label `PasswordReset`', async () => {
-      await client.request(mutation, variables)
-      const resets = await getAllPasswordResets()
-      expect(resets).toHaveLength(1)
-    })
+    describe('with a valid email', () => {
+      const variables = { email: 'user@example.org' }
 
-    it('creates an id used as a reset token', async () => {
-      await client.request(mutation, variables)
-      const [reset] = await getAllPasswordResets()
-      const { id: token } = reset.properties
-      expect(token).toMatch(/^........-....-....-....-............$/)
-    })
+      it('resolves', async () => {
+        await expect(client.request(mutation, variables)).resolves.toEqual({"requestPasswordReset": true})
+      })
 
-    it('created PasswordReset is valid for less than 4 minutes', async () => {
-      await client.request(mutation, variables)
-      const [reset] = await getAllPasswordResets()
-      let { validUntil } = reset.properties
-      validUntil = Date.parse(validUntil)
-      const now = (new Date()).getTime()
-      expect(validUntil).toBeGreaterThan(now - 60*1000)
-      expect(validUntil).toBeLessThan(now + 4*60*1000)
+      it('creates node with label `PasswordReset`', async () => {
+        await client.request(mutation, variables)
+        const resets = await getAllPasswordResets()
+        expect(resets).toHaveLength(1)
+      })
+
+      it('creates an id used as a reset token', async () => {
+        await client.request(mutation, variables)
+        const [reset] = await getAllPasswordResets()
+        const { id: token } = reset.properties
+        expect(token).toMatch(/^........-....-....-....-............$/)
+      })
+
+      it('created PasswordReset is valid for less than 4 minutes', async () => {
+        await client.request(mutation, variables)
+        const [reset] = await getAllPasswordResets()
+        let { validUntil } = reset.properties
+        validUntil = Date.parse(validUntil)
+        const now = (new Date()).getTime()
+        expect(validUntil).toBeGreaterThan(now - 60*1000)
+        expect(validUntil).toBeLessThan(now + 4*60*1000)
+      })
     })
   })
 })

From c9ea956f858c631e0735cc93ab28f571ed55bedb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Sun, 16 Jun 2019 00:08:36 +0200
Subject: [PATCH 15/89] Test+Implement resetPassword

---
 .../src/middleware/permissionsMiddleware.js   |   1 +
 backend/src/schema/resolvers/passwordReset.js |  53 +++++--
 .../schema/resolvers/passwordReset.spec.js    | 143 ++++++++++++++++--
 backend/src/schema/types/schema.gql           |   2 +-
 4 files changed, 174 insertions(+), 25 deletions(-)

diff --git a/backend/src/middleware/permissionsMiddleware.js b/backend/src/middleware/permissionsMiddleware.js
index ad2787579..dbcde849c 100644
--- a/backend/src/middleware/permissionsMiddleware.js
+++ b/backend/src/middleware/permissionsMiddleware.js
@@ -148,6 +148,7 @@ const permissions = shield(
       DeleteComment: isAuthor,
       DeleteUser: isDeletingOwnAccount,
       requestPasswordReset: allow,
+      resetPassword: allow,
     },
     User: {
       email: isMyOwn,
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index f3e1d32d2..d6d2a6e6c 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -1,21 +1,46 @@
-export default {
-  Mutation: {
-    requestPasswordReset: async (_, { email }, { driver }) => {
-      const session = driver.session()
-      let validUntil = new Date()
-      validUntil += 3*60*1000
-      const cypher = `
-      MATCH(u:User) WHERE u.email = $email
-      CREATE(pr:PasswordReset {id: apoc.create.uuid(), validUntil: $validUntil, redeemedAt: NULL})
+import uuid from 'uuid/v4'
+import bcrypt from 'bcryptjs'
+
+export async function createPasswordReset({ driver, token, email, validUntil }) {
+  const session = driver.session()
+  const cypher = `
+      MATCH (u:User) WHERE u.email = $email
+      CREATE(pr:PasswordReset {token: $token, validUntil: $validUntil, redeemedAt: NULL})
       MERGE (u)-[:REQUESTED]->(pr)
       RETURN u,pr
       `
-      await session.run(cypher, { email, validUntil })
-      session.close()
+  const transactionRes = await session.run(cypher, { token, email, validUntil })
+  const resets = transactionRes.records.map(record => record.get('pr'))
+  session.close()
+  return resets
+}
+
+export default {
+  Mutation: {
+    requestPasswordReset: async (_, { email }, { driver }) => {
+      let validUntil = new Date()
+      validUntil += 3 * 60 * 1000
+      const token = uuid()
+      await createPasswordReset({ driver, token, email, validUntil })
       return true
     },
     resetPassword: async (_, { email, token, newPassword }, { driver }) => {
-      throw Error('Not Implemented')
-    }
-  }
+      const session = driver.session()
+      const now = new Date().getTime()
+      const newHashedPassword = await bcrypt.hashSync(newPassword, 10)
+      const cypher = `
+      MATCH (r:PasswordReset {token: $token})
+      MATCH (u:User {email: $email})-[:REQUESTED]->(r)
+      WHERE r.validUntil > $now AND r.redeemedAt IS NULL
+      SET r.redeemedAt = $now
+      SET u.password = $newHashedPassword
+      RETURN r
+      `
+      let transactionRes = await session.run(cypher, { now, email, token, newHashedPassword })
+      const [reset] = transactionRes.records.map(record => record.get('r'))
+      const result = !!(reset && reset.properties.redeemedAt)
+      session.close()
+      return result
+    },
+  },
 }
diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
index 4bd29c9c6..89b724fca 100644
--- a/backend/src/schema/resolvers/passwordReset.spec.js
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -1,7 +1,8 @@
 import { GraphQLClient } from 'graphql-request'
 import Factory from '../../seed/factories'
-import { host, login } from '../../jest/helpers'
+import { host } from '../../jest/helpers'
 import { getDriver } from '../../bootstrap/neo4j'
+import { createPasswordReset } from './passwordReset'
 
 const factory = Factory()
 let client
@@ -36,7 +37,9 @@ describe('passwordReset', () => {
       const variables = { email: 'non-existent@example.org' }
 
       it('resolves anyways', async () => {
-        await expect(client.request(mutation, variables)).resolves.toEqual({"requestPasswordReset": true})
+        await expect(client.request(mutation, variables)).resolves.toEqual({
+          requestPasswordReset: true,
+        })
       })
 
       it('creates no node', async () => {
@@ -50,7 +53,9 @@ describe('passwordReset', () => {
       const variables = { email: 'user@example.org' }
 
       it('resolves', async () => {
-        await expect(client.request(mutation, variables)).resolves.toEqual({"requestPasswordReset": true})
+        await expect(client.request(mutation, variables)).resolves.toEqual({
+          requestPasswordReset: true,
+        })
       })
 
       it('creates node with label `PasswordReset`', async () => {
@@ -59,21 +64,139 @@ describe('passwordReset', () => {
         expect(resets).toHaveLength(1)
       })
 
-      it('creates an id used as a reset token', async () => {
+      it('creates a reset token', async () => {
         await client.request(mutation, variables)
-        const [reset] = await getAllPasswordResets()
-        const { id: token } = reset.properties
+        const resets = await getAllPasswordResets()
+        const [reset] = resets
+        const { token } = reset.properties
         expect(token).toMatch(/^........-....-....-....-............$/)
       })
 
       it('created PasswordReset is valid for less than 4 minutes', async () => {
         await client.request(mutation, variables)
-        const [reset] = await getAllPasswordResets()
+        const resets = await getAllPasswordResets()
+        const [reset] = resets
         let { validUntil } = reset.properties
         validUntil = Date.parse(validUntil)
-        const now = (new Date()).getTime()
-        expect(validUntil).toBeGreaterThan(now - 60*1000)
-        expect(validUntil).toBeLessThan(now + 4*60*1000)
+        const now = new Date().getTime()
+        expect(validUntil).toBeGreaterThan(now - 60 * 1000)
+        expect(validUntil).toBeLessThan(now + 4 * 60 * 1000)
+      })
+    })
+  })
+
+  describe('resetPassword', () => {
+    const setup = async (options = {}) => {
+      const {
+        email = 'user@example.org',
+        validUntil = new Date().getTime() + 3 * 60 * 1000,
+        token = 'abcdefgh-ijkl-mnop-qrst-uvwxyz123456',
+      } = options
+
+      const session = driver.session()
+      await createPasswordReset({ driver, email, validUntil, token })
+      session.close()
+    }
+
+    const mutation = `mutation($token: String!, $email: String!, $newPassword: String!) { resetPassword(token: $token, email: $email, newPassword: $newPassword) }`
+    let email = 'user@example.org'
+    let token = 'abcdefgh-ijkl-mnop-qrst-uvwxyz123456'
+    let newPassword = 'supersecret'
+    let variables
+
+    describe('invalid email', () => {
+      it('resolves to false', async () => {
+        await setup()
+        variables = { newPassword, email: 'non-existent@example.org', token }
+        await expect(client.request(mutation, variables)).resolves.toEqual({ resetPassword: false })
+      })
+    })
+
+    describe('valid email', () => {
+      describe('but invalid token', () => {
+        it('resolves to false', async () => {
+          await setup()
+          variables = { newPassword, email, token: 'slkdjfldsjflsdjfsjdfl' }
+          await expect(client.request(mutation, variables)).resolves.toEqual({
+            resetPassword: false,
+          })
+        })
+      })
+
+      describe('but invalid token', () => {
+        it('resolves to false', async () => {
+          variables = { newPassword, email: 'user@example.org', token: 'lksjdflksjdflksjdlkfjsf' }
+          await expect(client.request(mutation, variables)).resolves.toEqual({
+            resetPassword: false,
+          })
+        })
+      })
+
+      describe('and valid token', () => {
+        beforeEach(() => {
+          variables = {
+            newPassword,
+            email: 'user@example.org',
+            token: 'abcdefgh-ijkl-mnop-qrst-uvwxyz123456',
+          }
+        })
+
+        describe('and token not expired', () => {
+          beforeEach(async () => {
+            await setup()
+          })
+
+          it('resolves to true', async () => {
+            await expect(client.request(mutation, variables)).resolves.toEqual({
+              resetPassword: true,
+            })
+          })
+
+          it('updates PasswordReset `redeemedAt` property', async () => {
+            await client.request(mutation, variables)
+            const requests = await getAllPasswordResets()
+            const [request] = requests
+            const { redeemedAt } = request.properties
+            expect(redeemedAt).not.toBeNull()
+          })
+
+          it('updates password of the user', async () => {
+            await client.request(mutation, variables)
+            const checkLoginMutation = `
+            mutation($email: String!, $password: String!) {
+              login(email: $email, password: $password)
+            }
+            `
+            const expected = expect.objectContaining({ login: expect.any(String) })
+            await expect(
+              client.request(checkLoginMutation, {
+                email: 'user@example.org',
+                password: 'supersecret',
+              }),
+            ).resolves.toEqual(expected)
+          })
+        })
+
+        describe('but expired token', () => {
+          beforeEach(async () => {
+            const validUntil = new Date().getTime() - 1000
+            await setup({ validUntil })
+          })
+
+          it('resolves to false', async () => {
+            await expect(client.request(mutation, variables)).resolves.toEqual({
+              resetPassword: false,
+            })
+          })
+
+          it('does not update PasswordReset `redeemedAt` property', async () => {
+            await client.request(mutation, variables)
+            const requests = await getAllPasswordResets()
+            const [request] = requests
+            const { redeemedAt } = request.properties
+            expect(redeemedAt).toBeUndefined()
+          })
+        })
       })
     })
   })
diff --git a/backend/src/schema/types/schema.gql b/backend/src/schema/types/schema.gql
index 358797631..ae77ef8e8 100644
--- a/backend/src/schema/types/schema.gql
+++ b/backend/src/schema/types/schema.gql
@@ -26,7 +26,7 @@ type Mutation {
   signup(email: String!, password: String!): Boolean!
   changePassword(oldPassword: String!, newPassword: String!): String!
   requestPasswordReset(email: String!): Boolean!
-  resetPassword(email: String!, resetToken: String!, newPassword: String!): String!
+  resetPassword(email: String!, token: String!, newPassword: String!): Boolean!
   report(id: ID!, description: String): Report
   disable(id: ID!): ID
   enable(id: ID!): ID

From 31dde68ff23c3d36417b0161dff88c9495f5c73a Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 04:56:26 +0000
Subject: [PATCH 16/89] Bump date-fns from 2.0.0-alpha.33 to 2.0.0-alpha.34 in
 /webapp

Bumps [date-fns](https://github.com/date-fns/date-fns) from 2.0.0-alpha.33 to 2.0.0-alpha.34.
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Changelog](https://github.com/date-fns/date-fns/blob/master/CHANGELOG.md)
- [Commits](https://github.com/date-fns/date-fns/compare/v2.0.0-alpha.33...v2.0.0-alpha.34)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index 1abaf479b..5e42d0332 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -59,7 +59,7 @@
     "apollo-client": "~2.6.2",
     "cookie-universal-nuxt": "~2.0.16",
     "cross-env": "~5.2.0",
-    "date-fns": "2.0.0-alpha.33",
+    "date-fns": "2.0.0-alpha.34",
     "express": "~4.17.1",
     "graphql": "~14.3.1",
     "jsonwebtoken": "~8.5.1",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index e5c1daf8a..de0d07924 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -3754,10 +3754,10 @@ data-urls@^1.0.0:
     whatwg-mimetype "^2.2.0"
     whatwg-url "^7.0.0"
 
-date-fns@2.0.0-alpha.33:
-  version "2.0.0-alpha.33"
-  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.33.tgz#c2f73c3cc50ac301c9217eb93603c9bc40e891bf"
-  integrity sha512-tqUVEk3oxnJuNIvwAMKHAMo4uFRG0zXvjxZQll+BonoPt+m4NMcUgO14NDxbHuy7uYcrVErd2GdSsw02EDZQ7w==
+date-fns@2.0.0-alpha.34:
+  version "2.0.0-alpha.34"
+  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.34.tgz#5d3ae7ca0d08915ccfc87a20545250af4e9c3cae"
+  integrity sha512-yjSYUHASHvzOZl++cEms+Tw7oQOFA+7Z6/lL7L3lRO9j6pMfT48N6oEyvCGo/MVlH08XWmydgf8X9Y1eedf9sQ==
 
 date-now@^0.1.4:
   version "0.1.4"

From 1cdaef179eeaea8a24fca216bb64a64feedc7630 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 04:56:53 +0000
Subject: [PATCH 17/89] Bump eslint-config-prettier from 4.3.0 to 5.0.0 in
 /webapp

Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prettier/eslint-config-prettier/compare/v4.3.0...v5.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index 1abaf479b..5f926320b 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -90,7 +90,7 @@
     "babel-eslint": "~10.0.1",
     "babel-jest": "~24.8.0",
     "eslint": "~5.16.0",
-    "eslint-config-prettier": "~4.3.0",
+    "eslint-config-prettier": "~5.0.0",
     "eslint-config-standard": "~12.0.0",
     "eslint-loader": "~2.1.2",
     "eslint-plugin-import": "~2.17.3",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index e5c1daf8a..dcf099ab7 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -4236,10 +4236,10 @@ eslint-config-prettier@^3.3.0:
   dependencies:
     get-stdin "^6.0.0"
 
-eslint-config-prettier@~4.3.0:
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/eslint-config-prettier/-/eslint-config-prettier-4.3.0.tgz#c55c1fcac8ce4518aeb77906984e134d9eb5a4f0"
-  integrity sha512-sZwhSTHVVz78+kYD3t5pCWSYEdVSBR0PXnwjDRsUs8ytIrK8PLXw+6FKp8r3Z7rx4ZszdetWlXYKOHoUrrwPlA==
+eslint-config-prettier@~5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/eslint-config-prettier/-/eslint-config-prettier-5.0.0.tgz#f7a94b2b8ae7cbf25842c36fa96c6d32cd0a697c"
+  integrity sha512-c17Aqiz5e8LEqoc/QPmYnaxQFAHTx2KlCZBPxXXjEMmNchOLnV/7j0HoPZuC+rL/tDC9bazUYOKJW9bOhftI/w==
   dependencies:
     get-stdin "^6.0.0"
 

From dc420d4116b37607ceeba737c0000f9f5bdf1c76 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 04:57:46 +0000
Subject: [PATCH 18/89] Bump date-fns from 2.0.0-alpha.33 to 2.0.0-alpha.34 in
 /backend

Bumps [date-fns](https://github.com/date-fns/date-fns) from 2.0.0-alpha.33 to 2.0.0-alpha.34.
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Changelog](https://github.com/date-fns/date-fns/blob/master/CHANGELOG.md)
- [Commits](https://github.com/date-fns/date-fns/compare/v2.0.0-alpha.33...v2.0.0-alpha.34)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index c8537ae0b..d0ecf618c 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -52,7 +52,7 @@
     "cheerio": "~1.0.0-rc.3",
     "cors": "~2.8.5",
     "cross-env": "~5.2.0",
-    "date-fns": "2.0.0-alpha.33",
+    "date-fns": "2.0.0-alpha.34",
     "debug": "~4.1.1",
     "dotenv": "~8.0.0",
     "express": "~4.17.1",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d2c5da176..c8a5b4254 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -2586,10 +2586,10 @@ data-urls@^1.0.0:
     whatwg-mimetype "^2.2.0"
     whatwg-url "^7.0.0"
 
-date-fns@2.0.0-alpha.33:
-  version "2.0.0-alpha.33"
-  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.33.tgz#c2f73c3cc50ac301c9217eb93603c9bc40e891bf"
-  integrity sha512-tqUVEk3oxnJuNIvwAMKHAMo4uFRG0zXvjxZQll+BonoPt+m4NMcUgO14NDxbHuy7uYcrVErd2GdSsw02EDZQ7w==
+date-fns@2.0.0-alpha.34:
+  version "2.0.0-alpha.34"
+  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.34.tgz#5d3ae7ca0d08915ccfc87a20545250af4e9c3cae"
+  integrity sha512-yjSYUHASHvzOZl++cEms+Tw7oQOFA+7Z6/lL7L3lRO9j6pMfT48N6oEyvCGo/MVlH08XWmydgf8X9Y1eedf9sQ==
 
 debug@2.6.9, debug@^2.1.2, debug@^2.2.0, debug@^2.3.3, debug@^2.6.8, debug@^2.6.9:
   version "2.6.9"

From 8ff98cbc25f8fbe315c1021d61d87207541edc80 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 04:58:20 +0000
Subject: [PATCH 19/89] Bump apollo-link-context from 1.0.17 to 1.0.18 in
 /backend

Bumps [apollo-link-context](https://github.com/apollographql/apollo-link) from 1.0.17 to 1.0.18.
- [Release notes](https://github.com/apollographql/apollo-link/releases)
- [Changelog](https://github.com/apollographql/apollo-link/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-link/compare/apollo-link-context@1.0.17...apollo-link-context@1.0.18)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 34 +++++++++++++++++-----------------
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index c8537ae0b..47d080de3 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -45,7 +45,7 @@
     "activitystrea.ms": "~2.1.3",
     "apollo-cache-inmemory": "~1.6.2",
     "apollo-client": "~2.6.2",
-    "apollo-link-context": "~1.0.14",
+    "apollo-link-context": "~1.0.18",
     "apollo-link-http": "~1.5.14",
     "apollo-server": "~2.6.3",
     "bcryptjs": "~2.4.3",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d2c5da176..200370ea2 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1388,12 +1388,12 @@ apollo-graphql@^0.3.0:
     apollo-env "0.5.1"
     lodash.sortby "^4.7.0"
 
-apollo-link-context@~1.0.14:
-  version "1.0.17"
-  resolved "https://registry.yarnpkg.com/apollo-link-context/-/apollo-link-context-1.0.17.tgz#439272cfb43ec1891506dd175ed907845b7de36c"
-  integrity sha512-W5UUfHcrrlP5uqJs5X1zbf84AMXhPZGAqX/7AQDgR6wY/7//sMGfJvm36KDkpIeSOElztGtM9z6zdPN1NbT41Q==
+apollo-link-context@~1.0.18:
+  version "1.0.18"
+  resolved "https://registry.yarnpkg.com/apollo-link-context/-/apollo-link-context-1.0.18.tgz#9e700e3314da8ded50057fee0a18af2bfcedbfc3"
+  integrity sha512-aG5cbUp1zqOHHQjAJXG7n/izeMQ6LApd/whEF5z6qZp5ATvcyfSNkCfy3KRJMMZZ3iNfVTs6jF+IUA8Zvf+zeg==
   dependencies:
-    apollo-link "^1.2.11"
+    apollo-link "^1.2.12"
     tslib "^1.9.3"
 
 apollo-link-http-common@^0.2.13:
@@ -1414,15 +1414,15 @@ apollo-link-http@~1.5.14:
     apollo-link-http-common "^0.2.13"
     tslib "^1.9.3"
 
-apollo-link@^1.0.0, apollo-link@^1.2.11, apollo-link@^1.2.3:
-  version "1.2.11"
-  resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.11.tgz#493293b747ad3237114ccd22e9f559e5e24a194d"
-  integrity sha512-PQvRCg13VduLy3X/0L79M6uOpTh5iHdxnxYuo8yL7sJlWybKRJwsv4IcRBJpMFbChOOaHY7Og9wgPo6DLKDKDA==
+apollo-link@^1.0.0, apollo-link@^1.2.11, apollo-link@^1.2.12, apollo-link@^1.2.3:
+  version "1.2.12"
+  resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.12.tgz#014b514fba95f1945c38ad4c216f31bcfee68429"
+  integrity sha512-fsgIAXPKThyMVEMWQsUN22AoQI+J/pVXcjRGAShtk97h7D8O+SPskFinCGEkxPeQpE83uKaqafB2IyWdjN+J3Q==
   dependencies:
-    apollo-utilities "^1.2.1"
-    ts-invariant "^0.3.2"
+    apollo-utilities "^1.3.0"
+    ts-invariant "^0.4.0"
     tslib "^1.9.3"
-    zen-observable-ts "^0.8.18"
+    zen-observable-ts "^0.8.19"
 
 apollo-server-caching@0.4.0:
   version "0.4.0"
@@ -1566,7 +1566,7 @@ apollo-upload-server@^7.0.0:
     http-errors "^1.7.0"
     object-path "^0.11.4"
 
-apollo-utilities@1.3.2, apollo-utilities@^1.0.1, apollo-utilities@^1.2.1, apollo-utilities@^1.3.2:
+apollo-utilities@1.3.2, apollo-utilities@^1.0.1, apollo-utilities@^1.3.0, apollo-utilities@^1.3.2:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/apollo-utilities/-/apollo-utilities-1.3.2.tgz#8cbdcf8b012f664cd6cb5767f6130f5aed9115c9"
   integrity sha512-JWNHj8XChz7S4OZghV6yc9FNnzEXj285QYp/nLNh943iObycI5GTDO3NGR9Dth12LRrSFMeDOConPfPln+WGfg==
@@ -8112,10 +8112,10 @@ yup@^0.27.0:
     synchronous-promise "^2.0.6"
     toposort "^2.0.2"
 
-zen-observable-ts@^0.8.18:
-  version "0.8.18"
-  resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-0.8.18.tgz#ade44b1060cc4a800627856ec10b9c67f5f639c8"
-  integrity sha512-q7d05s75Rn1j39U5Oapg3HI2wzriVwERVo4N7uFGpIYuHB9ff02P/E92P9B8T7QVC93jCMHpbXH7X0eVR5LA7A==
+zen-observable-ts@^0.8.19:
+  version "0.8.19"
+  resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-0.8.19.tgz#c094cd20e83ddb02a11144a6e2a89706946b5694"
+  integrity sha512-u1a2rpE13G+jSzrg3aiCqXU5tN2kw41b+cBZGmnc+30YimdkKiDj9bTowcB41eL77/17RF/h+393AuVgShyheQ==
   dependencies:
     tslib "^1.9.3"
     zen-observable "^0.8.0"

From 4566980eaafa63d19f54311d445246d6c52cbae3 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 04:58:59 +0000
Subject: [PATCH 20/89] Bump eslint-config-prettier from 4.3.0 to 5.0.0 in
 /backend

Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prettier/eslint-config-prettier/compare/v4.3.0...v5.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index c8537ae0b..f4fa102ab 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -94,7 +94,7 @@
     "chai": "~4.2.0",
     "cucumber": "~5.1.0",
     "eslint": "~5.16.0",
-    "eslint-config-prettier": "~4.3.0",
+    "eslint-config-prettier": "~5.0.0",
     "eslint-config-standard": "~12.0.0",
     "eslint-plugin-import": "~2.17.3",
     "eslint-plugin-jest": "~22.6.4",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d2c5da176..89ea212e4 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -2995,10 +2995,10 @@ escodegen@^1.9.1:
   optionalDependencies:
     source-map "~0.6.1"
 
-eslint-config-prettier@~4.3.0:
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/eslint-config-prettier/-/eslint-config-prettier-4.3.0.tgz#c55c1fcac8ce4518aeb77906984e134d9eb5a4f0"
-  integrity sha512-sZwhSTHVVz78+kYD3t5pCWSYEdVSBR0PXnwjDRsUs8ytIrK8PLXw+6FKp8r3Z7rx4ZszdetWlXYKOHoUrrwPlA==
+eslint-config-prettier@~5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/eslint-config-prettier/-/eslint-config-prettier-5.0.0.tgz#f7a94b2b8ae7cbf25842c36fa96c6d32cd0a697c"
+  integrity sha512-c17Aqiz5e8LEqoc/QPmYnaxQFAHTx2KlCZBPxXXjEMmNchOLnV/7j0HoPZuC+rL/tDC9bazUYOKJW9bOhftI/w==
   dependencies:
     get-stdin "^6.0.0"
 

From 7458fd62e222f43845a5f89de84c59358d1db789 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 04:59:16 +0000
Subject: [PATCH 21/89] Bump apollo-link-http from 1.5.14 to 1.5.15 in /backend

Bumps [apollo-link-http](https://github.com/apollographql/apollo-link) from 1.5.14 to 1.5.15.
- [Release notes](https://github.com/apollographql/apollo-link/releases)
- [Changelog](https://github.com/apollographql/apollo-link/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-link/compare/apollo-link-http@1.5.14...apollo-link-http@1.5.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 55 +++++++++++++++++++-------------------------
 2 files changed, 25 insertions(+), 32 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index c8537ae0b..a20dbe698 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -46,7 +46,7 @@
     "apollo-cache-inmemory": "~1.6.2",
     "apollo-client": "~2.6.2",
     "apollo-link-context": "~1.0.14",
-    "apollo-link-http": "~1.5.14",
+    "apollo-link-http": "~1.5.15",
     "apollo-server": "~2.6.3",
     "bcryptjs": "~2.4.3",
     "cheerio": "~1.0.0-rc.3",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d2c5da176..d53e5af20 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1396,33 +1396,33 @@ apollo-link-context@~1.0.14:
     apollo-link "^1.2.11"
     tslib "^1.9.3"
 
-apollo-link-http-common@^0.2.13:
-  version "0.2.13"
-  resolved "https://registry.yarnpkg.com/apollo-link-http-common/-/apollo-link-http-common-0.2.13.tgz#c688f6baaffdc7b269b2db7ae89dae7c58b5b350"
-  integrity sha512-Uyg1ECQpTTA691Fwx5e6Rc/6CPSu4TB4pQRTGIpwZ4l5JDOQ+812Wvi/e3IInmzOZpwx5YrrOfXrtN8BrsDXoA==
+apollo-link-http-common@^0.2.14:
+  version "0.2.14"
+  resolved "https://registry.yarnpkg.com/apollo-link-http-common/-/apollo-link-http-common-0.2.14.tgz#d3a195c12e00f4e311c417f121181dcc31f7d0c8"
+  integrity sha512-v6mRU1oN6XuX8beVIRB6OpF4q1ULhSnmy7ScnHnuo1qV6GaFmDcbdvXqxIkAV1Q8SQCo2lsv4HeqJOWhFfApOg==
   dependencies:
-    apollo-link "^1.2.11"
-    ts-invariant "^0.3.2"
+    apollo-link "^1.2.12"
+    ts-invariant "^0.4.0"
     tslib "^1.9.3"
 
-apollo-link-http@~1.5.14:
-  version "1.5.14"
-  resolved "https://registry.yarnpkg.com/apollo-link-http/-/apollo-link-http-1.5.14.tgz#ed6292248d1819ccd16523e346d35203a1b31109"
-  integrity sha512-XEoPXmGpxFG3wioovgAlPXIarWaW4oWzt8YzjTYZ87R4R7d1A3wKR/KcvkdMV1m5G7YSAHcNkDLe/8hF2nH6cg==
+apollo-link-http@~1.5.15:
+  version "1.5.15"
+  resolved "https://registry.yarnpkg.com/apollo-link-http/-/apollo-link-http-1.5.15.tgz#106ab23bb8997bd55965d05855736d33119652cf"
+  integrity sha512-epZFhCKDjD7+oNTVK3P39pqWGn4LEhShAoA1Q9e2tDrBjItNfviiE33RmcLcCURDYyW5JA6SMgdODNI4Is8tvQ==
   dependencies:
-    apollo-link "^1.2.11"
-    apollo-link-http-common "^0.2.13"
+    apollo-link "^1.2.12"
+    apollo-link-http-common "^0.2.14"
     tslib "^1.9.3"
 
-apollo-link@^1.0.0, apollo-link@^1.2.11, apollo-link@^1.2.3:
-  version "1.2.11"
-  resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.11.tgz#493293b747ad3237114ccd22e9f559e5e24a194d"
-  integrity sha512-PQvRCg13VduLy3X/0L79M6uOpTh5iHdxnxYuo8yL7sJlWybKRJwsv4IcRBJpMFbChOOaHY7Og9wgPo6DLKDKDA==
+apollo-link@^1.0.0, apollo-link@^1.2.11, apollo-link@^1.2.12, apollo-link@^1.2.3:
+  version "1.2.12"
+  resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.12.tgz#014b514fba95f1945c38ad4c216f31bcfee68429"
+  integrity sha512-fsgIAXPKThyMVEMWQsUN22AoQI+J/pVXcjRGAShtk97h7D8O+SPskFinCGEkxPeQpE83uKaqafB2IyWdjN+J3Q==
   dependencies:
-    apollo-utilities "^1.2.1"
-    ts-invariant "^0.3.2"
+    apollo-utilities "^1.3.0"
+    ts-invariant "^0.4.0"
     tslib "^1.9.3"
-    zen-observable-ts "^0.8.18"
+    zen-observable-ts "^0.8.19"
 
 apollo-server-caching@0.4.0:
   version "0.4.0"
@@ -1566,7 +1566,7 @@ apollo-upload-server@^7.0.0:
     http-errors "^1.7.0"
     object-path "^0.11.4"
 
-apollo-utilities@1.3.2, apollo-utilities@^1.0.1, apollo-utilities@^1.2.1, apollo-utilities@^1.3.2:
+apollo-utilities@1.3.2, apollo-utilities@^1.0.1, apollo-utilities@^1.3.0, apollo-utilities@^1.3.2:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/apollo-utilities/-/apollo-utilities-1.3.2.tgz#8cbdcf8b012f664cd6cb5767f6130f5aed9115c9"
   integrity sha512-JWNHj8XChz7S4OZghV6yc9FNnzEXj285QYp/nLNh943iObycI5GTDO3NGR9Dth12LRrSFMeDOConPfPln+WGfg==
@@ -7543,13 +7543,6 @@ trunc-text@1.0.1:
   resolved "https://registry.yarnpkg.com/trunc-text/-/trunc-text-1.0.1.tgz#58f876d8ac59b224b79834bb478b8656e69622b5"
   integrity sha1-WPh22KxZsiS3mDS7R4uGVuaWIrU=
 
-ts-invariant@^0.3.2:
-  version "0.3.2"
-  resolved "https://registry.yarnpkg.com/ts-invariant/-/ts-invariant-0.3.2.tgz#89a2ffeb70879b777258df1df1c59383c35209b0"
-  integrity sha512-QsY8BCaRnHiB5T6iE4DPlJMAKEG3gzMiUco9FEt1jUXQf0XP6zi0idT0i0rMTu8A326JqNSDsmlkA9dRSh1TRg==
-  dependencies:
-    tslib "^1.9.3"
-
 ts-invariant@^0.4.0:
   version "0.4.2"
   resolved "https://registry.yarnpkg.com/ts-invariant/-/ts-invariant-0.4.2.tgz#8685131b8083e67c66d602540e78763408be9113"
@@ -8112,10 +8105,10 @@ yup@^0.27.0:
     synchronous-promise "^2.0.6"
     toposort "^2.0.2"
 
-zen-observable-ts@^0.8.18:
-  version "0.8.18"
-  resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-0.8.18.tgz#ade44b1060cc4a800627856ec10b9c67f5f639c8"
-  integrity sha512-q7d05s75Rn1j39U5Oapg3HI2wzriVwERVo4N7uFGpIYuHB9ff02P/E92P9B8T7QVC93jCMHpbXH7X0eVR5LA7A==
+zen-observable-ts@^0.8.19:
+  version "0.8.19"
+  resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-0.8.19.tgz#c094cd20e83ddb02a11144a6e2a89706946b5694"
+  integrity sha512-u1a2rpE13G+jSzrg3aiCqXU5tN2kw41b+cBZGmnc+30YimdkKiDj9bTowcB41eL77/17RF/h+393AuVgShyheQ==
   dependencies:
     tslib "^1.9.3"
     zen-observable "^0.8.0"

From 65df4c5a20b9d05cd08cfd4a33cebab1ccc29461 Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Mon, 17 Jun 2019 12:16:15 +0200
Subject: [PATCH 22/89] use replace instead of substring

---
 .../maintenance-worker/migration/neo4j/badges.cql             | 2 +-
 .../maintenance-worker/migration/neo4j/contributions.cql      | 2 +-
 .../maintenance-worker/migration/neo4j/users.cql              | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql b/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql
index 2d1548d4f..027cea019 100644
--- a/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql
+++ b/deployment/legacy-migration/maintenance-worker/migration/neo4j/badges.cql
@@ -45,7 +45,7 @@ MERGE(b:Badge {id: badge._id["$oid"]})
 ON CREATE SET
 b.key       = badge.key,
 b.type      = badge.type,
-b.icon      = substring(badge.image.path, 38),
+b.icon      = replace(badge.image.path, 'https://api-alpha.human-connection.org', ''),
 b.status    = badge.status,
 b.createdAt = badge.createdAt.`$date`,
 b.updatedAt = badge.updatedAt.`$date`
diff --git a/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql b/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql
index 70f09e035..472354763 100644
--- a/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql
+++ b/deployment/legacy-migration/maintenance-worker/migration/neo4j/contributions.cql
@@ -131,7 +131,7 @@ MERGE (p:Post {id: post._id["$oid"]})
 ON CREATE SET
 p.title          = post.title,
 p.slug           = post.slug,
-p.image          = substring(post.teaserImg, 38),
+p.image          = replace(post.teaserImg, 'https://api-alpha.human-connection.org', ''),
 p.content        = post.content,
 p.contentExcerpt = post.contentExcerpt,
 p.visibility     = toLower(post.visibility),
diff --git a/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql b/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql
index 96251a9ce..4d7c9aa9f 100644
--- a/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql
+++ b/deployment/legacy-migration/maintenance-worker/migration/neo4j/users.cql
@@ -102,8 +102,8 @@ u.name       = user.name,
 u.slug       = user.slug,
 u.email      = user.email,
 u.password   = user.password,
-u.avatar     = substring(user.avatar, 38),
-u.coverImg   = substring(user.coverImg, 38),
+u.avatar     = replace(user.avatar, 'https://api-alpha.human-connection.org', ''),
+u.coverImg   = replace(user.coverImg, 'https://api-alpha.human-connection.org', ''),
 u.wasInvited = user.wasInvited,
 u.wasSeeded  = user.wasSeeded,
 u.role       = toLower(user.role),

From 5a806ca99e3fba3e178954d462c0f5b32610f078 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 12:24:14 +0200
Subject: [PATCH 23/89] Remove duplicate test case

---
 backend/src/schema/resolvers/passwordReset.spec.js | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
index 89b724fca..1fbd96b7a 100644
--- a/backend/src/schema/resolvers/passwordReset.spec.js
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -123,15 +123,6 @@ describe('passwordReset', () => {
         })
       })
 
-      describe('but invalid token', () => {
-        it('resolves to false', async () => {
-          variables = { newPassword, email: 'user@example.org', token: 'lksjdflksjdflksjdlkfjsf' }
-          await expect(client.request(mutation, variables)).resolves.toEqual({
-            resetPassword: false,
-          })
-        })
-      })
-
       describe('and valid token', () => {
         beforeEach(() => {
           variables = {

From 7228d68149e10517be360f1f6db3a08285ffd633 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 12:30:39 +0200
Subject: [PATCH 24/89] Write a nice form to reset your password

---
 webapp/locales/de.json          |  6 +++++-
 webapp/locales/en.json          |  6 +++++-
 webapp/pages/password-reset.vue | 23 ++++++++++++++++++++---
 3 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index d783f9e37..14ab9d906 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -15,7 +15,11 @@
     "hello": "Hallo"
   },
   "password-reset": {
-    "title": "Passwort zurücksetzen"
+    "title": "Passwort zurücksetzen",
+    "form": {
+      "description": "Eine Mail zum Zurücksetzen des Passworts wird an die angegebene E-Mail Adresse geschickt.",
+      "submit": "Email anfordern"
+    }
   },
   "editor": {
     "placeholder": "Schreib etwas Inspirierendes..."
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 3a5405eec..3c2b7c8d8 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -15,7 +15,11 @@
     "hello": "Hello"
   },
   "password-reset": {
-    "title": "Reset your password"
+    "title": "Reset your password",
+    "form": {
+      "description": "A password reset email will be sent to the given email address.",
+      "submit": "Request email"
+    }
   },
   "editor": {
     "placeholder": "Leave your inspirational thoughts..."
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 0205ea4f4..bd7da49be 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -3,9 +3,26 @@
     <ds-flex>
       <ds-flex-item :width="{ base: '100%' }" centered>
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
-          <ds-heading tag="h3">
-            {{ $t('password-reset.title') }}
-          </ds-heading>
+          <ds-card class="password-reset-card">
+            <ds-space margin="large">
+              <form>
+                <ds-input
+                  :placeholder="$t('login.email')"
+                  type="email"
+                  name="email"
+                  icon="envelope"
+                />
+                <ds-space margin-botton="large">
+                  <ds-text>
+                    {{ $t('password-reset.form.description') }}
+                  </ds-text>
+                </ds-space>
+                <ds-button primary fullwidth name="submit" type="submit" icon="sign-in">
+                  {{ $t('password-reset.form.submit') }}
+                </ds-button>
+              </form>
+            </ds-space>
+          </ds-card>
         </ds-space>
       </ds-flex-item>
     </ds-flex>

From c4eb2178f241a7119028888c028768176c71dbf4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 12:39:36 +0200
Subject: [PATCH 25/89] Scaffold page component test for password reset

---
 webapp/pages/password-reset.spec.js | 41 +++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 webapp/pages/password-reset.spec.js

diff --git a/webapp/pages/password-reset.spec.js b/webapp/pages/password-reset.spec.js
new file mode 100644
index 000000000..3c1f5b286
--- /dev/null
+++ b/webapp/pages/password-reset.spec.js
@@ -0,0 +1,41 @@
+import { shallowMount, createLocalVue } from '@vue/test-utils'
+import PasswordResetPage from './password-reset.vue'
+import Styleguide from '@human-connection/styleguide'
+
+const localVue = createLocalVue()
+
+localVue.use(Styleguide)
+
+describe('ProfileSlug', () => {
+  let wrapper
+  let Wrapper
+  let mocks
+
+  beforeEach(() => {
+    mocks = {
+      $toast: {
+        success: jest.fn(),
+        error: jest.fn(),
+      },
+      $t: jest.fn(),
+      $apollo: {
+        loading: false,
+        mutate: jest.fn().mockResolvedValue(),
+      },
+    }
+  })
+
+  describe('shallowMount', () => {
+    Wrapper = () => {
+      return shallowMount(PasswordResetPage, {
+        mocks,
+        localVue,
+      })
+    }
+
+    it('renders a password reset form', () => {
+      wrapper = Wrapper()
+      expect(wrapper.find('.password-reset-card').exists()).toBe(true)
+    })
+  })
+})

From 4dde53f67d4dca075240c90466fd765c67e24d19 Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Mon, 17 Jun 2019 13:30:18 +0200
Subject: [PATCH 26/89] added coverage report text in oder to fix coverage

---
 webapp/package.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/webapp/package.json b/webapp/package.json
index 1abaf479b..4f203ef5c 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -29,6 +29,7 @@
       "!**/?(*.)+(spec|test).js?(x)"
     ],
     "coverageReporters": [
+      "text",
       "lcov"
     ],
     "transform": {
@@ -110,4 +111,4 @@
     "vue-jest": "~3.0.4",
     "vue-svg-loader": "~0.12.0"
   }
-}
+}
\ No newline at end of file

From a501e1145daf8ad8fe4200b19750963a2018a879 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 14:02:25 +0200
Subject: [PATCH 27/89] Component test to call a mutation passes

---
 webapp/locales/de.json              |  8 +++-
 webapp/locales/en.json              |  8 +++-
 webapp/pages/password-reset.spec.js | 31 +++++++++++++--
 webapp/pages/password-reset.vue     | 59 +++++++++++++++++++++++++++--
 4 files changed, 96 insertions(+), 10 deletions(-)

diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 14ab9d906..7497648e1 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -18,7 +18,8 @@
     "title": "Passwort zurücksetzen",
     "form": {
       "description": "Eine Mail zum Zurücksetzen des Passworts wird an die angegebene E-Mail Adresse geschickt.",
-      "submit": "Email anfordern"
+      "submit": "Email anfordern",
+      "submitted": "Eine E-Mail zum Zurücksetzen wurde angefordert"
     }
   },
   "editor": {
@@ -201,7 +202,10 @@
     "name": "Name",
     "loadMore": "mehr laden",
     "loading": "wird geladen",
-    "reportContent": "Melden"
+    "reportContent": "Melden",
+    "validations": {
+      "email": "muss eine gültige E-Mail Adresse sein"
+    }
   },
   "actions": {
     "loading": "lade",
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 3c2b7c8d8..fd7968428 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -18,7 +18,8 @@
     "title": "Reset your password",
     "form": {
       "description": "A password reset email will be sent to the given email address.",
-      "submit": "Request email"
+      "submit": "Request email",
+      "submitted": "Reset email was requested"
     }
   },
   "editor": {
@@ -201,7 +202,10 @@
     "name": "Name",
     "loadMore": "load more",
     "loading": "loading",
-    "reportContent": "Report"
+    "reportContent": "Report",
+    "validations": {
+      "email": "must be a valid email address"
+    }
   },
   "actions": {
     "loading": "loading",
diff --git a/webapp/pages/password-reset.spec.js b/webapp/pages/password-reset.spec.js
index 3c1f5b286..bba001614 100644
--- a/webapp/pages/password-reset.spec.js
+++ b/webapp/pages/password-reset.spec.js
@@ -1,4 +1,4 @@
-import { shallowMount, createLocalVue } from '@vue/test-utils'
+import { mount, createLocalVue } from '@vue/test-utils'
 import PasswordResetPage from './password-reset.vue'
 import Styleguide from '@human-connection/styleguide'
 
@@ -25,9 +25,9 @@ describe('ProfileSlug', () => {
     }
   })
 
-  describe('shallowMount', () => {
+  describe('mount', () => {
     Wrapper = () => {
-      return shallowMount(PasswordResetPage, {
+      return mount(PasswordResetPage, {
         mocks,
         localVue,
       })
@@ -37,5 +37,30 @@ describe('ProfileSlug', () => {
       wrapper = Wrapper()
       expect(wrapper.find('.password-reset-card').exists()).toBe(true)
     })
+
+    describe('submit', () => {
+      beforeEach(async () => {
+        wrapper = Wrapper()
+        wrapper.find('input#email').setValue('mail@example.org')
+        await wrapper.find('form').trigger('submit')
+      })
+
+      it('calls requestPasswordReset graphql mutation', () => {
+        expect(mocks.$apollo.mutate).toHaveBeenCalled()
+      })
+
+      it.todo('delivers email to backend')
+      it.todo('disables form to avoid re-submission')
+      it.todo('displays a message that a password email was requested')
+    })
+
+    describe('given password reset token as URL param', () => {
+      it.todo('displays a form to update your password')
+      describe('submitting new password', () => {
+        it.todo('calls resetPassword graphql mutation')
+        it.todo('delivers new password to backend')
+        it.todo('displays success message')
+      })
+    })
   })
 })
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index bd7da49be..0ad9b7997 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -5,10 +5,17 @@
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
           <ds-card class="password-reset-card">
             <ds-space margin="large">
-              <form>
+              <ds-form
+                @input="handleInput"
+                @input-valid="handleInputValid"
+                v-model="formData"
+                :schema="formSchema"
+                @submit="handleSubmit">
                 <ds-input
                   :placeholder="$t('login.email')"
                   type="email"
+                  id="email"
+                  model="email"
                   name="email"
                   icon="envelope"
                 />
@@ -17,10 +24,12 @@
                     {{ $t('password-reset.form.description') }}
                   </ds-text>
                 </ds-space>
-                <ds-button primary fullwidth name="submit" type="submit" icon="sign-in">
+                <ds-button
+                  :disabled="disabled"
+                  :loading="$apollo.loading" primary fullwidth name="submit" type="submit" icon="envelope">
                   {{ $t('password-reset.form.submit') }}
                 </ds-button>
-              </form>
+              </ds-form>
             </ds-space>
           </ds-card>
         </ds-space>
@@ -30,7 +39,51 @@
 </template>
 
 <script>
+import gql from 'graphql-tag'
+
 export default {
   layout: 'default',
+  data() {
+    return {
+      formData: {
+        email: ''
+      },
+      formSchema: {
+        email: {
+          type: 'email',
+          required: true,
+          message: this.$t('common.validations.email'),
+        }
+      },
+      disabled: true,
+    }
+  },
+  methods: {
+    handleInput(data) {
+      this.disabled = true
+    },
+    handleInputValid(data) {
+      this.disabled = false
+    },
+    async handleSubmit() {
+      console.log('handleSubmit')
+      const mutation = gql`
+        mutation($email: String!) {
+          requestPasswordReset(email: $email)
+        }
+      `
+      const variables = this.formData
+
+      try {
+        const { data } = await this.$apollo.mutate({ mutation, variables })
+        this.$toast.success(this.$t('password-reset.form.submitted'))
+        this.formData = {
+          email: '',
+        }
+      } catch (err) {
+        this.$toast.error(err.message)
+      }
+    }
+  },
 }
 </script>

From de9ed55738f31442f81f19cbe9aa90c20c2947d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 14:29:24 +0200
Subject: [PATCH 28/89] Display nice success message on password reset

---
 webapp/locales/de.json              |  2 +-
 webapp/locales/en.json              |  2 +-
 webapp/pages/password-reset.spec.js | 18 ++++++++---
 webapp/pages/password-reset.vue     | 49 +++++++++++++++++++++--------
 4 files changed, 52 insertions(+), 19 deletions(-)

diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 7497648e1..88afa07e0 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -19,7 +19,7 @@
     "form": {
       "description": "Eine Mail zum Zurücksetzen des Passworts wird an die angegebene E-Mail Adresse geschickt.",
       "submit": "Email anfordern",
-      "submitted": "Eine E-Mail zum Zurücksetzen wurde angefordert"
+      "submitted": "E-Mail verschickt an <b>{email}</b>"
     }
   },
   "editor": {
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index fd7968428..53ad9fb40 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -19,7 +19,7 @@
     "form": {
       "description": "A password reset email will be sent to the given email address.",
       "submit": "Request email",
-      "submitted": "Reset email was requested"
+      "submitted": "Email sent to <b>{email}</b>"
     }
   },
   "editor": {
diff --git a/webapp/pages/password-reset.spec.js b/webapp/pages/password-reset.spec.js
index bba001614..e78ace4ba 100644
--- a/webapp/pages/password-reset.spec.js
+++ b/webapp/pages/password-reset.spec.js
@@ -20,7 +20,7 @@ describe('ProfileSlug', () => {
       $t: jest.fn(),
       $apollo: {
         loading: false,
-        mutate: jest.fn().mockResolvedValue(),
+        mutate: jest.fn().mockResolvedValue({ data: { reqestPasswordReset: true } }),
       },
     }
   })
@@ -49,9 +49,19 @@ describe('ProfileSlug', () => {
         expect(mocks.$apollo.mutate).toHaveBeenCalled()
       })
 
-      it.todo('delivers email to backend')
-      it.todo('disables form to avoid re-submission')
-      it.todo('displays a message that a password email was requested')
+      it('delivers email to backend', () => {
+        const expected = expect.objectContaining({ variables: { email: 'mail@example.org' } })
+        expect(mocks.$apollo.mutate).toHaveBeenCalledWith(expected)
+      })
+
+      it('hides form to avoid re-submission', () => {
+        expect(wrapper.find('form').exists()).not.toBeTruthy()
+      })
+
+      it('displays a message that a password email was requested', () => {
+        const expected = ['password-reset.form.submitted', { email: 'mail@example.org' }]
+        expect(mocks.$t).toHaveBeenCalledWith(...expected)
+      })
     })
 
     describe('given password reset token as URL param', () => {
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 0ad9b7997..9e7d2d195 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -6,11 +6,13 @@
           <ds-card class="password-reset-card">
             <ds-space margin="large">
               <ds-form
+                v-if="!submitted"
                 @input="handleInput"
                 @input-valid="handleInputValid"
                 v-model="formData"
                 :schema="formSchema"
-                @submit="handleSubmit">
+                @submit="handleSubmit"
+              >
                 <ds-input
                   :placeholder="$t('login.email')"
                   type="email"
@@ -26,10 +28,24 @@
                 </ds-space>
                 <ds-button
                   :disabled="disabled"
-                  :loading="$apollo.loading" primary fullwidth name="submit" type="submit" icon="envelope">
+                  :loading="$apollo.loading"
+                  primary
+                  fullwidth
+                  name="submit"
+                  type="submit"
+                  icon="envelope"
+                >
                   {{ $t('password-reset.form.submit') }}
                 </ds-button>
               </ds-form>
+              <div v-else>
+                <transition name="ds-transition-fade">
+                  <ds-flex centered>
+                    <sweetalert-icon icon="success" />
+                  </ds-flex>
+                </transition>
+                <ds-text v-html="submitMessage" />
+              </div>
             </ds-space>
           </ds-card>
         </ds-space>
@@ -40,33 +56,43 @@
 
 <script>
 import gql from 'graphql-tag'
+import { SweetalertIcon } from 'vue-sweetalert-icons'
 
 export default {
   layout: 'default',
+  components: {
+    SweetalertIcon,
+  },
   data() {
     return {
       formData: {
-        email: ''
+        email: '',
       },
       formSchema: {
         email: {
           type: 'email',
           required: true,
           message: this.$t('common.validations.email'),
-        }
+        },
       },
       disabled: true,
+      submitted: false,
     }
   },
+  computed: {
+    submitMessage() {
+      const { email } = this.formData
+      return this.$t('password-reset.form.submitted', { email })
+    },
+  },
   methods: {
-    handleInput(data) {
+    handleInput() {
       this.disabled = true
     },
-    handleInputValid(data) {
+    handleInputValid() {
       this.disabled = false
     },
     async handleSubmit() {
-      console.log('handleSubmit')
       const mutation = gql`
         mutation($email: String!) {
           requestPasswordReset(email: $email)
@@ -75,15 +101,12 @@ export default {
       const variables = this.formData
 
       try {
-        const { data } = await this.$apollo.mutate({ mutation, variables })
-        this.$toast.success(this.$t('password-reset.form.submitted'))
-        this.formData = {
-          email: '',
-        }
+        await this.$apollo.mutate({ mutation, variables })
+        this.submitted = true
       } catch (err) {
         this.$toast.error(err.message)
       }
-    }
+    },
   },
 }
 </script>

From 35428fbaaad0b061bb5466b9b3e781d59107d332 Mon Sep 17 00:00:00 2001
From: Matt Rider <mattwr18@gmail.com>
Date: Mon, 17 Jun 2019 10:07:53 -0300
Subject: [PATCH 29/89] Add test for LocaleSwitch

---
 .../LocaleSwitch/LocaleSwitch.spec.js         | 68 +++++++++++++++++++
 .../{ => LocaleSwitch}/LocaleSwitch.vue       |  0
 webapp/layouts/default.vue                    |  2 +-
 webapp/pages/login.vue                        |  2 +-
 4 files changed, 70 insertions(+), 2 deletions(-)
 create mode 100644 webapp/components/LocaleSwitch/LocaleSwitch.spec.js
 rename webapp/components/{ => LocaleSwitch}/LocaleSwitch.vue (100%)

diff --git a/webapp/components/LocaleSwitch/LocaleSwitch.spec.js b/webapp/components/LocaleSwitch/LocaleSwitch.spec.js
new file mode 100644
index 000000000..ae81881d6
--- /dev/null
+++ b/webapp/components/LocaleSwitch/LocaleSwitch.spec.js
@@ -0,0 +1,68 @@
+import { mount, createLocalVue } from '@vue/test-utils'
+import Styleguide from '@human-connection/styleguide'
+import Vuex from 'vuex'
+import VTooltip from 'v-tooltip'
+import LocaleSwitch from './LocaleSwitch.vue'
+import { mutations } from '~/store/editor'
+
+const localVue = createLocalVue()
+
+localVue.use(Vuex)
+localVue.use(Styleguide)
+localVue.use(VTooltip)
+
+describe('LocaleSwitch.vue', () => {
+  let wrapper
+  let mocks
+  let computed
+  let deutschLanguageItem
+
+  beforeEach(() => {
+    mocks = {
+      $i18n: {
+        locale: () => 'de',
+        set: jest.fn(),
+      },
+      $t: jest.fn(),
+      setPlaceholderText: jest.fn(),
+    }
+    computed = {
+      current: () => {
+        return { code: 'en' }
+      },
+      routes: () => {
+        return [
+          {
+            name: 'English',
+            path: 'en',
+          },
+          {
+            name: 'Deutsch',
+            path: 'de',
+          },
+        ]
+      },
+    }
+  })
+
+  describe('mount', () => {
+    const store = new Vuex.Store({
+      mutations: {
+        'editor/SET_PLACEHOLDER_TEXT': mutations.SET_PLACEHOLDER_TEXT,
+      },
+    })
+    const Wrapper = () => {
+      return mount(LocaleSwitch, { mocks, localVue, store, computed })
+    }
+    beforeEach(() => {
+      wrapper = Wrapper()
+      wrapper.find('.locale-menu').trigger('click')
+      deutschLanguageItem = wrapper.findAll('li').at(1)
+      deutschLanguageItem.trigger('click')
+    })
+
+    it("changes a user's locale", () => {
+      expect(mocks.$i18n.set).toHaveBeenCalledTimes(1)
+    })
+  })
+})
diff --git a/webapp/components/LocaleSwitch.vue b/webapp/components/LocaleSwitch/LocaleSwitch.vue
similarity index 100%
rename from webapp/components/LocaleSwitch.vue
rename to webapp/components/LocaleSwitch/LocaleSwitch.vue
diff --git a/webapp/layouts/default.vue b/webapp/layouts/default.vue
index 7708d6d2e..162bae0fb 100644
--- a/webapp/layouts/default.vue
+++ b/webapp/layouts/default.vue
@@ -92,7 +92,7 @@
 
 <script>
 import { mapGetters, mapActions } from 'vuex'
-import LocaleSwitch from '~/components/LocaleSwitch'
+import LocaleSwitch from '~/components/LocaleSwitch/LocaleSwitch'
 import SearchInput from '~/components/SearchInput.vue'
 import Modal from '~/components/Modal'
 import NotificationMenu from '~/components/notifications/NotificationMenu'
diff --git a/webapp/pages/login.vue b/webapp/pages/login.vue
index a96fbdbf1..7520eaa5b 100644
--- a/webapp/pages/login.vue
+++ b/webapp/pages/login.vue
@@ -73,7 +73,7 @@
 </template>
 
 <script>
-import LocaleSwitch from '~/components/LocaleSwitch'
+import LocaleSwitch from '~/components/LocaleSwitch/LocaleSwitch'
 
 export default {
   components: {

From 0e3eb4327678f64ed47dd1d5c11e1cad3c4c829a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 14:53:28 +0200
Subject: [PATCH 30/89] Split PasswordResetPage into subcomponents

---
 .../PasswordReset/PasswordReset.spec.js}      |   4 +-
 .../PasswordReset/PasswordReset.vue           | 103 ++++++++++++++++++
 webapp/pages/password-reset.vue               |  98 +----------------
 3 files changed, 109 insertions(+), 96 deletions(-)
 rename webapp/{pages/password-reset.spec.js => components/PasswordReset/PasswordReset.spec.js} (95%)
 create mode 100644 webapp/components/PasswordReset/PasswordReset.vue

diff --git a/webapp/pages/password-reset.spec.js b/webapp/components/PasswordReset/PasswordReset.spec.js
similarity index 95%
rename from webapp/pages/password-reset.spec.js
rename to webapp/components/PasswordReset/PasswordReset.spec.js
index e78ace4ba..e55b9273a 100644
--- a/webapp/pages/password-reset.spec.js
+++ b/webapp/components/PasswordReset/PasswordReset.spec.js
@@ -1,5 +1,5 @@
 import { mount, createLocalVue } from '@vue/test-utils'
-import PasswordResetPage from './password-reset.vue'
+import PasswordReset from './PasswordReset'
 import Styleguide from '@human-connection/styleguide'
 
 const localVue = createLocalVue()
@@ -27,7 +27,7 @@ describe('ProfileSlug', () => {
 
   describe('mount', () => {
     Wrapper = () => {
-      return mount(PasswordResetPage, {
+      return mount(PasswordReset, {
         mocks,
         localVue,
       })
diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/PasswordReset.vue
new file mode 100644
index 000000000..7a74bbe31
--- /dev/null
+++ b/webapp/components/PasswordReset/PasswordReset.vue
@@ -0,0 +1,103 @@
+<template>
+  <ds-card class="password-reset-card">
+    <ds-space margin="large">
+      <ds-form
+        v-if="!submitted"
+        @input="handleInput"
+        @input-valid="handleInputValid"
+        v-model="formData"
+        :schema="formSchema"
+        @submit="handleSubmit"
+        >
+        <ds-input
+          :placeholder="$t('login.email')"
+          type="email"
+          id="email"
+          model="email"
+          name="email"
+          icon="envelope"
+          />
+          <ds-space margin-botton="large">
+            <ds-text>
+              {{ $t('password-reset.form.description') }}
+            </ds-text>
+          </ds-space>
+          <ds-button
+            :disabled="disabled"
+            :loading="$apollo.loading"
+            primary
+            fullwidth
+            name="submit"
+            type="submit"
+            icon="envelope"
+            >
+            {{ $t('password-reset.form.submit') }}
+          </ds-button>
+      </ds-form>
+      <div v-else>
+        <transition name="ds-transition-fade">
+        <ds-flex centered>
+          <sweetalert-icon icon="success" />
+        </ds-flex>
+        </transition>
+        <ds-text v-html="submitMessage" />
+      </div>
+    </ds-space>
+  </ds-card>
+</template>
+
+<script>
+import gql from 'graphql-tag'
+import { SweetalertIcon } from 'vue-sweetalert-icons'
+
+export default {
+  components: {
+    SweetalertIcon,
+  },
+  data() {
+    return {
+      formData: {
+        email: '',
+      },
+      formSchema: {
+        email: {
+          type: 'email',
+          required: true,
+          message: this.$t('common.validations.email'),
+        },
+      },
+      disabled: true,
+      submitted: false,
+    }
+  },
+  computed: {
+    submitMessage() {
+      const { email } = this.formData
+      return this.$t('password-reset.form.submitted', { email })
+    },
+  },
+  methods: {
+    handleInput() {
+      this.disabled = true
+    },
+    handleInputValid() {
+      this.disabled = false
+    },
+    async handleSubmit() {
+      const mutation = gql`
+        mutation($email: String!) {
+          requestPasswordReset(email: $email)
+        }
+      `
+      const variables = this.formData
+
+      try {
+        await this.$apollo.mutate({ mutation, variables })
+        this.submitted = true
+      } catch (err) {
+        this.$toast.error(err.message)
+      }
+    },
+  },
+}
+</script>
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 9e7d2d195..98642cfe8 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -3,51 +3,7 @@
     <ds-flex>
       <ds-flex-item :width="{ base: '100%' }" centered>
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
-          <ds-card class="password-reset-card">
-            <ds-space margin="large">
-              <ds-form
-                v-if="!submitted"
-                @input="handleInput"
-                @input-valid="handleInputValid"
-                v-model="formData"
-                :schema="formSchema"
-                @submit="handleSubmit"
-              >
-                <ds-input
-                  :placeholder="$t('login.email')"
-                  type="email"
-                  id="email"
-                  model="email"
-                  name="email"
-                  icon="envelope"
-                />
-                <ds-space margin-botton="large">
-                  <ds-text>
-                    {{ $t('password-reset.form.description') }}
-                  </ds-text>
-                </ds-space>
-                <ds-button
-                  :disabled="disabled"
-                  :loading="$apollo.loading"
-                  primary
-                  fullwidth
-                  name="submit"
-                  type="submit"
-                  icon="envelope"
-                >
-                  {{ $t('password-reset.form.submit') }}
-                </ds-button>
-              </ds-form>
-              <div v-else>
-                <transition name="ds-transition-fade">
-                  <ds-flex centered>
-                    <sweetalert-icon icon="success" />
-                  </ds-flex>
-                </transition>
-                <ds-text v-html="submitMessage" />
-              </div>
-            </ds-space>
-          </ds-card>
+          <password-reset />
         </ds-space>
       </ds-flex-item>
     </ds-flex>
@@ -55,58 +11,12 @@
 </template>
 
 <script>
-import gql from 'graphql-tag'
-import { SweetalertIcon } from 'vue-sweetalert-icons'
+import PasswordReset from '~/components/PasswordReset/PasswordReset'
 
 export default {
   layout: 'default',
   components: {
-    SweetalertIcon,
-  },
-  data() {
-    return {
-      formData: {
-        email: '',
-      },
-      formSchema: {
-        email: {
-          type: 'email',
-          required: true,
-          message: this.$t('common.validations.email'),
-        },
-      },
-      disabled: true,
-      submitted: false,
-    }
-  },
-  computed: {
-    submitMessage() {
-      const { email } = this.formData
-      return this.$t('password-reset.form.submitted', { email })
-    },
-  },
-  methods: {
-    handleInput() {
-      this.disabled = true
-    },
-    handleInputValid() {
-      this.disabled = false
-    },
-    async handleSubmit() {
-      const mutation = gql`
-        mutation($email: String!) {
-          requestPasswordReset(email: $email)
-        }
-      `
-      const variables = this.formData
-
-      try {
-        await this.$apollo.mutate({ mutation, variables })
-        this.submitted = true
-      } catch (err) {
-        this.$toast.error(err.message)
-      }
-    },
-  },
+    PasswordReset,
+  }
 }
 </script>

From aa6855434de199fa68e09125d0ea5642db759249 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 15:10:57 +0200
Subject: [PATCH 31/89] Emit `submitted` from PasswordReset component

---
 .../PasswordReset/PasswordReset.spec.js       | 19 +++----
 .../PasswordReset/PasswordReset.vue           |  6 ++-
 .../PasswordReset/VerifyCode.spec.js          | 50 +++++++++++++++++++
 .../components/PasswordReset/VerifyCode.vue   |  9 ++++
 webapp/locales/de.json                        |  5 ++
 webapp/locales/en.json                        |  5 ++
 6 files changed, 84 insertions(+), 10 deletions(-)
 create mode 100644 webapp/components/PasswordReset/VerifyCode.spec.js
 create mode 100644 webapp/components/PasswordReset/VerifyCode.vue

diff --git a/webapp/components/PasswordReset/PasswordReset.spec.js b/webapp/components/PasswordReset/PasswordReset.spec.js
index e55b9273a..6284fed36 100644
--- a/webapp/components/PasswordReset/PasswordReset.spec.js
+++ b/webapp/components/PasswordReset/PasswordReset.spec.js
@@ -6,7 +6,7 @@ const localVue = createLocalVue()
 
 localVue.use(Styleguide)
 
-describe('ProfileSlug', () => {
+describe('PasswordReset', () => {
   let wrapper
   let Wrapper
   let mocks
@@ -26,6 +26,8 @@ describe('ProfileSlug', () => {
   })
 
   describe('mount', () => {
+    beforeEach(jest.useFakeTimers)
+
     Wrapper = () => {
       return mount(PasswordReset, {
         mocks,
@@ -35,7 +37,7 @@ describe('ProfileSlug', () => {
 
     it('renders a password reset form', () => {
       wrapper = Wrapper()
-      expect(wrapper.find('.password-reset-card').exists()).toBe(true)
+      expect(wrapper.find('.password-reset').exists()).toBe(true)
     })
 
     describe('submit', () => {
@@ -62,14 +64,13 @@ describe('ProfileSlug', () => {
         const expected = ['password-reset.form.submitted', { email: 'mail@example.org' }]
         expect(mocks.$t).toHaveBeenCalledWith(...expected)
       })
-    })
 
-    describe('given password reset token as URL param', () => {
-      it.todo('displays a form to update your password')
-      describe('submitting new password', () => {
-        it.todo('calls resetPassword graphql mutation')
-        it.todo('delivers new password to backend')
-        it.todo('displays success message')
+      describe('after animation', () => {
+        beforeEach(jest.runAllTimers)
+
+        it('emits `submitted`', () => {
+          expect(wrapper.emitted('submitted')).toBeTruthy()
+        })
       })
     })
   })
diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/PasswordReset.vue
index 7a74bbe31..175207949 100644
--- a/webapp/components/PasswordReset/PasswordReset.vue
+++ b/webapp/components/PasswordReset/PasswordReset.vue
@@ -1,5 +1,5 @@
 <template>
-  <ds-card class="password-reset-card">
+  <ds-card class="password-reset">
     <ds-space margin="large">
       <ds-form
         v-if="!submitted"
@@ -94,6 +94,10 @@ export default {
       try {
         await this.$apollo.mutate({ mutation, variables })
         this.submitted = true
+
+        setTimeout(() => {
+          this.$emit('submitted')
+        }, 1000)
       } catch (err) {
         this.$toast.error(err.message)
       }
diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
new file mode 100644
index 000000000..92d6f8d07
--- /dev/null
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -0,0 +1,50 @@
+import { mount, createLocalVue } from '@vue/test-utils'
+import VerifyCode from './VerifyCode'
+import Styleguide from '@human-connection/styleguide'
+
+const localVue = createLocalVue()
+
+localVue.use(Styleguide)
+
+describe('VerifyCode ', () => {
+  let wrapper
+  let Wrapper
+  let mocks
+
+  beforeEach(() => {
+    mocks = {
+      $toast: {
+        success: jest.fn(),
+        error: jest.fn(),
+      },
+      $t: jest.fn(),
+      $apollo: {
+        loading: false,
+        mutate: jest.fn().mockResolvedValue({ data: { resetPassword: false } }),
+      },
+    }
+  })
+
+  describe('mount', () => {
+    Wrapper = () => {
+      return mount(VerifyCode, {
+        mocks,
+        localVue,
+      })
+    }
+
+    it('renders a verify code form', () => {
+      wrapper = Wrapper()
+      expect(wrapper.find('.verify-code').exists()).toBe(true)
+    })
+
+    describe('after verification code given', () => {
+      it.todo('displays a form to update your password')
+      describe('submitting new password', () => {
+        it.todo('calls resetPassword graphql mutation')
+        it.todo('delivers new password to backend')
+        it.todo('displays success message')
+      })
+    })
+  })
+})
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
new file mode 100644
index 000000000..d6bea39df
--- /dev/null
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -0,0 +1,9 @@
+<template>
+  <ds-card class="verify-code">
+    <ds-space margin="large">
+      <h1>
+        {{ $t('verify-code.form.description') }}
+      </h1>
+    </ds-space>
+  </ds-card>
+</template>
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 88afa07e0..5e2be98f8 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -22,6 +22,11 @@
       "submitted": "E-Mail verschickt an <b>{email}</b>"
     }
   },
+  "verify-code": {
+    "form": {
+      "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben."
+    }
+  },
   "editor": {
     "placeholder": "Schreib etwas Inspirierendes..."
   },
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 53ad9fb40..d7caa3cfb 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -22,6 +22,11 @@
       "submitted": "Email sent to <b>{email}</b>"
     }
   },
+  "verify-code": {
+    "form": {
+      "description": "Open your inbox and enter the code that we've sent to you."
+    }
+  },
   "editor": {
     "placeholder": "Leave your inspirational thoughts..."
   },

From edd6a3f0c3d6ee8aa3cf9aa1f082c0731fb75b47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 15:17:58 +0200
Subject: [PATCH 32/89] PW-Reset page switches password reset and verify

---
 .../PasswordReset/PasswordReset.spec.js       |  4 +-
 .../PasswordReset/PasswordReset.vue           | 46 +++++++++----------
 webapp/pages/password-reset.vue               | 17 ++++++-
 3 files changed, 40 insertions(+), 27 deletions(-)

diff --git a/webapp/components/PasswordReset/PasswordReset.spec.js b/webapp/components/PasswordReset/PasswordReset.spec.js
index 6284fed36..1adf68ee5 100644
--- a/webapp/components/PasswordReset/PasswordReset.spec.js
+++ b/webapp/components/PasswordReset/PasswordReset.spec.js
@@ -68,8 +68,8 @@ describe('PasswordReset', () => {
       describe('after animation', () => {
         beforeEach(jest.runAllTimers)
 
-        it('emits `submitted`', () => {
-          expect(wrapper.emitted('submitted')).toBeTruthy()
+        it('emits `handleSubmitted`', () => {
+          expect(wrapper.emitted('handleSubmitted')).toBeTruthy()
         })
       })
     })
diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/PasswordReset.vue
index 175207949..e34efc070 100644
--- a/webapp/components/PasswordReset/PasswordReset.vue
+++ b/webapp/components/PasswordReset/PasswordReset.vue
@@ -8,7 +8,7 @@
         v-model="formData"
         :schema="formSchema"
         @submit="handleSubmit"
-        >
+      >
         <ds-input
           :placeholder="$t('login.email')"
           type="email"
@@ -16,29 +16,29 @@
           model="email"
           name="email"
           icon="envelope"
-          />
-          <ds-space margin-botton="large">
-            <ds-text>
-              {{ $t('password-reset.form.description') }}
-            </ds-text>
-          </ds-space>
-          <ds-button
-            :disabled="disabled"
-            :loading="$apollo.loading"
-            primary
-            fullwidth
-            name="submit"
-            type="submit"
-            icon="envelope"
-            >
-            {{ $t('password-reset.form.submit') }}
-          </ds-button>
+        />
+        <ds-space margin-botton="large">
+          <ds-text>
+            {{ $t('password-reset.form.description') }}
+          </ds-text>
+        </ds-space>
+        <ds-button
+          :disabled="disabled"
+          :loading="$apollo.loading"
+          primary
+          fullwidth
+          name="submit"
+          type="submit"
+          icon="envelope"
+        >
+          {{ $t('password-reset.form.submit') }}
+        </ds-button>
       </ds-form>
       <div v-else>
         <transition name="ds-transition-fade">
-        <ds-flex centered>
-          <sweetalert-icon icon="success" />
-        </ds-flex>
+          <ds-flex centered>
+            <sweetalert-icon icon="success" />
+          </ds-flex>
         </transition>
         <ds-text v-html="submitMessage" />
       </div>
@@ -96,8 +96,8 @@ export default {
         this.submitted = true
 
         setTimeout(() => {
-          this.$emit('submitted')
-        }, 1000)
+          this.$emit('handleSubmitted')
+        }, 3000)
       } catch (err) {
         this.$toast.error(err.message)
       }
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 98642cfe8..0ef12cd32 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -3,7 +3,8 @@
     <ds-flex>
       <ds-flex-item :width="{ base: '100%' }" centered>
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
-          <password-reset />
+          <password-reset @handleSubmitted="handleSubmitted" v-if="!submitted" />
+          <verify-code v-else />
         </ds-space>
       </ds-flex-item>
     </ds-flex>
@@ -12,11 +13,23 @@
 
 <script>
 import PasswordReset from '~/components/PasswordReset/PasswordReset'
+import VerifyCode from '~/components/PasswordReset/VerifyCode'
 
 export default {
   layout: 'default',
+  data() {
+    return {
+      submitted: false,
+    }
+  },
   components: {
     PasswordReset,
-  }
+    VerifyCode,
+  },
+  methods: {
+    handleSubmitted() {
+      this.submitted = true
+    },
+  },
 }
 </script>

From 4e780f52dc35f731a2d688c2bd7835129d8f9244 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Mon, 17 Jun 2019 18:44:17 +0200
Subject: [PATCH 33/89] Copy and refactoring Mentions to Tags, Started

---
 webapp/components/ContributionForm/index.vue |  35 ++++-
 webapp/components/Editor/index.vue           | 138 +++++++++++++++----
 webapp/components/Editor/nodes/Mention.js    |   6 +-
 webapp/components/Editor/nodes/Tag.js        |  39 ++++++
 4 files changed, 185 insertions(+), 33 deletions(-)
 create mode 100644 webapp/components/Editor/nodes/Tag.js

diff --git a/webapp/components/ContributionForm/index.vue b/webapp/components/ContributionForm/index.vue
index 62c3650c8..3126fdc46 100644
--- a/webapp/components/ContributionForm/index.vue
+++ b/webapp/components/ContributionForm/index.vue
@@ -4,7 +4,12 @@
       <ds-card>
         <ds-input model="title" class="post-title" placeholder="Title" name="title" autofocus />
         <no-ssr>
-          <hc-editor :users="users" :value="form.content" @input="updateEditorContent" />
+          <hc-editor
+            :users="users"
+            :tags="tags"
+            :value="form.content"
+            @input="updateEditorContent"
+          />
         </no-ssr>
         <ds-space margin-bottom="xxx-large" />
         <ds-flex class="contribution-form-footer">
@@ -75,6 +80,7 @@ export default {
       disabled: false,
       slug: null,
       users: [],
+      tags: [],
     }
   },
   watch: {
@@ -148,17 +154,34 @@ export default {
   apollo: {
     User: {
       query() {
-        return gql(`{
-          User(orderBy: slug_asc) {
-            id
-            slug
+        return gql`
+          {
+            User(orderBy: slug_asc) {
+              id
+              slug
+            }
           }
-        }`)
+        `
       },
       result(result) {
         this.users = result.data.User
       },
     },
+    Tag: {
+      query() {
+        return gql`
+          {
+            Tag(orderBy: name_asc) {
+              id
+              name
+            }
+          }
+        `
+      },
+      result(result) {
+        this.tags = result.data.Tag
+      },
+    },
   },
 }
 </script>
diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index 0690b15bd..6307ff5ee 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -1,20 +1,30 @@
 <template>
   <div class="editor">
     <div v-show="showSuggestions" ref="suggestions" class="suggestion-list">
-      <template v-if="hasResults">
+      <template v-if="usersFilterHasResults">
         <div
           v-for="(user, index) in filteredUsers"
           :key="user.id"
           class="suggestion-list__item"
           :class="{ 'is-selected': navigatedUserIndex === index }"
-          @click="selectUser(user)"
+          @click="selectItem(user, 'mention')"
         >
           @{{ user.slug }}
         </div>
       </template>
-      <div v-else class="suggestion-list__item is-empty">
-        No users found
-      </div>
+      <div v-else class="suggestion-list__item is-empty">No users found</div>
+      <template v-if="tagsFilterHasResults">
+        <div
+          v-for="(tag, index) in filteredTags"
+          :key="tag.id"
+          class="suggestion-list__item"
+          :class="{ 'is-selected': navigatedUserIndex === index }"
+          @click="selectItem(tag, 'tag')"
+        >
+          #{{ tag.name }}
+        </div>
+      </template>
+      <div v-else class="suggestion-list__item is-empty">No users found</div>
     </div>
 
     <editor-menu-bubble :editor="editor">
@@ -175,6 +185,7 @@ import {
   History,
 } from 'tiptap-extensions'
 import Mention from './nodes/Mention.js'
+import Tag from './nodes/Tag.js'
 
 let throttleInputEvent
 
@@ -186,6 +197,7 @@ export default {
   },
   props: {
     users: { type: Array, default: () => [] },
+    tags: { type: Array, default: () => [] },
     value: { type: String, default: '' },
     doc: { type: Object, default: () => {} },
   },
@@ -250,17 +262,82 @@ export default {
             onKeyDown: ({ event }) => {
               // pressing up arrow
               if (event.keyCode === 38) {
-                this.upHandler()
+                this.upHandler(this.filteredUsers)
                 return true
               }
               // pressing down arrow
               if (event.keyCode === 40) {
-                this.downHandler()
+                this.downHandler(this.filteredUsers)
                 return true
               }
               // pressing enter
               if (event.keyCode === 13) {
-                this.enterHandler()
+                this.enterHandler(this.filteredUsers, 'mention')
+                return true
+              }
+              return false
+            },
+            // is called when a suggestion has changed
+            // this function is optional because there is basic filtering built-in
+            // you can overwrite it if you prefer your own filtering
+            // in this example we use fuse.js with support for fuzzy search
+            onFilter: (items, query) => {
+              if (!query) {
+                return items
+              }
+              const fuse = new Fuse(items, {
+                threshold: 0.2,
+                keys: ['slug'],
+              })
+              return fuse.search(query)
+            },
+          }),
+          new Tag({
+            items: () => {
+              return this.tags
+            },
+            onEnter: ({ items, query, range, command, virtualNode }) => {
+              this.query = query
+              this.filteredTags = items
+              this.suggestionRange = range
+              this.renderPopup(virtualNode)
+              // we save the command for inserting a selected mention
+              // this allows us to call it inside of our custom popup
+              // via keyboard navigation and on click
+              this.insertMention = command
+            },
+            // is called when a suggestion has changed
+            onChange: ({ items, query, range, virtualNode }) => {
+              this.query = query
+              this.filteredTags = items
+              this.suggestionRange = range
+              this.navigatedUserIndex = 0
+              this.renderPopup(virtualNode)
+            },
+            // is called when a suggestion is cancelled
+            onExit: () => {
+              // reset all saved values
+              this.query = null
+              this.filteredTags = []
+              this.suggestionRange = null
+              this.navigatedUserIndex = 0
+              this.destroyPopup()
+            },
+            // is called on every keyDown event while a suggestion is active
+            onKeyDown: ({ event }) => {
+              // pressing up arrow
+              if (event.keyCode === 38) {
+                this.upHandler(this.filteredTags)
+                return true
+              }
+              // pressing down arrow
+              if (event.keyCode === 40) {
+                this.downHandler(this.filteredTags)
+                return true
+              }
+              // pressing enter
+              if (event.keyCode === 13) {
+                this.enterHandler(this.filteredTags, 'tag')
                 return true
               }
               return false
@@ -291,17 +368,21 @@ export default {
       query: null,
       suggestionRange: null,
       filteredUsers: [],
+      filteredTags: [],
       navigatedUserIndex: 0,
       insertMention: () => {},
       observer: null,
     }
   },
   computed: {
-    hasResults() {
+    usersFilterHasResults() {
       return this.filteredUsers.length
     },
+    tagsFilterHasResults() {
+      return this.filteredTags.length
+    },
     showSuggestions() {
-      return this.query || this.hasResults
+      return this.query || this.usersFilterHasResults || this.tagsFilterHasResults
     },
   },
   watch: {
@@ -332,31 +413,40 @@ export default {
     },
     // navigate to the previous item
     // if it's the first item, navigate to the last one
-    upHandler() {
+    upHandler(filteredArray) {
       this.navigatedUserIndex =
-        (this.navigatedUserIndex + this.filteredUsers.length - 1) % this.filteredUsers.length
+        (this.navigatedUserIndex + this.filteredArray.length - 1) % this.filteredArray.length
     },
     // navigate to the next item
     // if it's the last item, navigate to the first one
-    downHandler() {
-      this.navigatedUserIndex = (this.navigatedUserIndex + 1) % this.filteredUsers.length
+    downHandler(filteredArray) {
+      this.navigatedUserIndex = (this.navigatedUserIndex + 1) % this.filteredArray.length
     },
-    enterHandler() {
-      const user = this.filteredUsers[this.navigatedUserIndex]
-      if (user) {
-        this.selectUser(user)
+    enterHandler(filteredArray, type) {
+      const item = this.filteredArray[this.navigatedUserIndex]
+      if (item) {
+        this.selectItem(item, type)
       }
     },
     // we have to replace our suggestion text with a mention
     // so it's important to pass also the position of your suggestion text
-    selectUser(user) {
+    selectItem(item, type) {
+      const typeAttrs = {
+        mention: {
+          // TODO: use router here
+          url: `/profile/${item.id}`,
+          label: item.slug,
+        },
+        tag: {
+          // TODO: Fill up with input tag in search field
+          url: ``,
+          // callBack: () => {},
+          label: item.name,
+        },
+      }
       this.insertMention({
         range: this.suggestionRange,
-        attrs: {
-          // TODO: use router here
-          url: `/profile/${user.id}`,
-          label: user.slug,
-        },
+        attrs: typeAttrs[type],
       })
       this.editor.focus()
     },
diff --git a/webapp/components/Editor/nodes/Mention.js b/webapp/components/Editor/nodes/Mention.js
index dc34a05ff..710ac13fd 100644
--- a/webapp/components/Editor/nodes/Mention.js
+++ b/webapp/components/Editor/nodes/Mention.js
@@ -19,9 +19,9 @@ export default class Mention extends TipTapMention {
         `${this.options.matcher.char}${node.attrs.label}`,
       ]
     }
-    patchedSchema.parseDOM = [
-      // this is not implemented
-    ]
+    // patchedSchema.parseDOM = [
+    //   // this is not implemented
+    // ]
     return patchedSchema
   }
 }
diff --git a/webapp/components/Editor/nodes/Tag.js b/webapp/components/Editor/nodes/Tag.js
new file mode 100644
index 000000000..f3fdd75e9
--- /dev/null
+++ b/webapp/components/Editor/nodes/Tag.js
@@ -0,0 +1,39 @@
+import { Mention as TipTapMention } from 'tiptap-extensions'
+
+export default class Tag extends TipTapMention {
+  get defaultOptions() {
+    return {
+      matcher: {
+        char: '#',
+        allowSpaces: false,
+        startOfLine: false,
+      },
+      mentionClass: 'tag',
+      suggestionClass: 'tag-suggestion',
+    }
+  }
+
+  get schema() {
+    const patchedSchema = super.schema
+
+    patchedSchema.attrs = {
+      url: {},
+      label: {},
+    }
+    patchedSchema.toDOM = node => {
+      return [
+        'a',
+        {
+          class: this.options.mentionClass,
+          href: node.attrs.url,
+          target: '_blank',
+        },
+        `${this.options.matcher.char}${node.attrs.label}`,
+      ]
+    }
+    // patchedSchema.parseDOM = [
+    //   // this is not implemented
+    // ]
+    return patchedSchema
+  }
+}

From 0da7b906bde543bc5552fbca27ac6bac2fe0419d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 21:11:10 +0200
Subject: [PATCH 34/89] Start with verify code component

---
 .../components/PasswordReset/VerifyCode.vue   | 26 ++++++++++++++++---
 webapp/locales/de.json                        |  3 ++-
 webapp/locales/en.json                        |  4 ++-
 3 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index d6bea39df..73bcfa6cd 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -1,9 +1,29 @@
 <template>
   <ds-card class="verify-code">
     <ds-space margin="large">
-      <h1>
-        {{ $t('verify-code.form.description') }}
-      </h1>
+      <ds-form v-model="formData" :schema="formSchema" @submit="handleSubmit">
+        <ds-input
+          :placeholder="$t('verify-code.form.input')"
+          model="token"
+          name="token"
+          icon="question-circle"
+        />
+        <ds-space margin-botton="large">
+          <ds-text>
+            {{ $t('verify-code.form.description') }}
+          </ds-text>
+        </ds-space>
+        <ds-button
+          :disabled="disabled"
+          :loading="$apollo.loading"
+          primary
+          fullwidth
+          name="submit"
+          type="submit"
+        >
+          {{ $t('verify-code.form.submit') }}
+        </ds-button>
+      </ds-form>
     </ds-space>
   </ds-card>
 </template>
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 5e2be98f8..dece0fcff 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -24,7 +24,8 @@
   },
   "verify-code": {
     "form": {
-      "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben."
+      "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
+      "submit": "Sicherheitscode überprüfen"
     }
   },
   "editor": {
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index d7caa3cfb..d18603278 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -24,7 +24,9 @@
   },
   "verify-code": {
     "form": {
-      "description": "Open your inbox and enter the code that we've sent to you."
+      "input": "Enter your code",
+      "description": "Open your inbox and enter the code that we've sent to you.",
+      "submit": "Check security code"
     }
   },
   "editor": {

From 21506335b551685d485a6450c45f429187637a7a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Mon, 17 Jun 2019 22:51:07 +0200
Subject: [PATCH 35/89] Add validations for the code

---
 .../PasswordReset/PasswordReset.vue           |  2 +-
 .../components/PasswordReset/VerifyCode.vue   | 25 +++++++++++++++++--
 webapp/locales/de.json                        |  6 ++++-
 webapp/locales/en.json                        |  5 +++-
 4 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/PasswordReset.vue
index e34efc070..e7d3a5f65 100644
--- a/webapp/components/PasswordReset/PasswordReset.vue
+++ b/webapp/components/PasswordReset/PasswordReset.vue
@@ -63,7 +63,7 @@ export default {
         email: {
           type: 'email',
           required: true,
-          message: this.$t('common.validations.email'),
+          message: this.$t('password-reset.form.validations.email'),
         },
       },
       disabled: true,
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 73bcfa6cd..7df5395f0 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -4,8 +4,8 @@
       <ds-form v-model="formData" :schema="formSchema" @submit="handleSubmit">
         <ds-input
           :placeholder="$t('verify-code.form.input')"
-          model="token"
-          name="token"
+          model="code"
+          name="code"
           icon="question-circle"
         />
         <ds-space margin-botton="large">
@@ -27,3 +27,24 @@
     </ds-space>
   </ds-card>
 </template>
+
+<script>
+export default {
+  data() {
+    return {
+      formData: {
+        code: '',
+      },
+      formSchema: {
+        code: {
+          type: 'string',
+          min: 6,
+          max: 6,
+          required: true,
+          message: this.$t('verify-code.form.validations.code'),
+        },
+      },
+    }
+  },
+}
+</script>
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index dece0fcff..3610ff68b 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -24,8 +24,12 @@
   },
   "verify-code": {
     "form": {
+      "input": "Code eingeben",
       "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
-      "submit": "Sicherheitscode überprüfen"
+      "submit": "Sicherheitscode überprüfen",
+      "validations": {
+        "code": "muss genau 6 Buchstaben lang sein"
+      }
     }
   },
   "editor": {
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index d18603278..225c26391 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -26,7 +26,10 @@
     "form": {
       "input": "Enter your code",
       "description": "Open your inbox and enter the code that we've sent to you.",
-      "submit": "Check security code"
+      "submit": "Check security code",
+      "validations": {
+        "code": "must be 6 characters long"
+      }
     }
   },
   "editor": {

From eadfbe6190d387abac27375f12701ee06a2af674 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Mon, 17 Jun 2019 21:17:00 +0000
Subject: [PATCH 36/89] Bump apollo-link-http from 1.5.14 to 1.5.15 in /backend

Bumps [apollo-link-http](https://github.com/apollographql/apollo-link) from 1.5.14 to 1.5.15.
- [Release notes](https://github.com/apollographql/apollo-link/releases)
- [Changelog](https://github.com/apollographql/apollo-link/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-link/compare/apollo-link-http@1.5.14...apollo-link-http@1.5.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 33 +++++++++++++--------------------
 2 files changed, 14 insertions(+), 21 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index c6736e02b..ca6868036 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -46,7 +46,7 @@
     "apollo-cache-inmemory": "~1.6.2",
     "apollo-client": "~2.6.2",
     "apollo-link-context": "~1.0.18",
-    "apollo-link-http": "~1.5.14",
+    "apollo-link-http": "~1.5.15",
     "apollo-server": "~2.6.3",
     "bcryptjs": "~2.4.3",
     "cheerio": "~1.0.0-rc.3",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d213dc7d1..bc1e958ff 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1396,25 +1396,25 @@ apollo-link-context@~1.0.18:
     apollo-link "^1.2.12"
     tslib "^1.9.3"
 
-apollo-link-http-common@^0.2.13:
-  version "0.2.13"
-  resolved "https://registry.yarnpkg.com/apollo-link-http-common/-/apollo-link-http-common-0.2.13.tgz#c688f6baaffdc7b269b2db7ae89dae7c58b5b350"
-  integrity sha512-Uyg1ECQpTTA691Fwx5e6Rc/6CPSu4TB4pQRTGIpwZ4l5JDOQ+812Wvi/e3IInmzOZpwx5YrrOfXrtN8BrsDXoA==
+apollo-link-http-common@^0.2.14:
+  version "0.2.14"
+  resolved "https://registry.yarnpkg.com/apollo-link-http-common/-/apollo-link-http-common-0.2.14.tgz#d3a195c12e00f4e311c417f121181dcc31f7d0c8"
+  integrity sha512-v6mRU1oN6XuX8beVIRB6OpF4q1ULhSnmy7ScnHnuo1qV6GaFmDcbdvXqxIkAV1Q8SQCo2lsv4HeqJOWhFfApOg==
   dependencies:
-    apollo-link "^1.2.11"
-    ts-invariant "^0.3.2"
+    apollo-link "^1.2.12"
+    ts-invariant "^0.4.0"
     tslib "^1.9.3"
 
-apollo-link-http@~1.5.14:
-  version "1.5.14"
-  resolved "https://registry.yarnpkg.com/apollo-link-http/-/apollo-link-http-1.5.14.tgz#ed6292248d1819ccd16523e346d35203a1b31109"
-  integrity sha512-XEoPXmGpxFG3wioovgAlPXIarWaW4oWzt8YzjTYZ87R4R7d1A3wKR/KcvkdMV1m5G7YSAHcNkDLe/8hF2nH6cg==
+apollo-link-http@~1.5.15:
+  version "1.5.15"
+  resolved "https://registry.yarnpkg.com/apollo-link-http/-/apollo-link-http-1.5.15.tgz#106ab23bb8997bd55965d05855736d33119652cf"
+  integrity sha512-epZFhCKDjD7+oNTVK3P39pqWGn4LEhShAoA1Q9e2tDrBjItNfviiE33RmcLcCURDYyW5JA6SMgdODNI4Is8tvQ==
   dependencies:
-    apollo-link "^1.2.11"
-    apollo-link-http-common "^0.2.13"
+    apollo-link "^1.2.12"
+    apollo-link-http-common "^0.2.14"
     tslib "^1.9.3"
 
-apollo-link@^1.0.0, apollo-link@^1.2.11, apollo-link@^1.2.12, apollo-link@^1.2.3:
+apollo-link@^1.0.0, apollo-link@^1.2.12, apollo-link@^1.2.3:
   version "1.2.12"
   resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.12.tgz#014b514fba95f1945c38ad4c216f31bcfee68429"
   integrity sha512-fsgIAXPKThyMVEMWQsUN22AoQI+J/pVXcjRGAShtk97h7D8O+SPskFinCGEkxPeQpE83uKaqafB2IyWdjN+J3Q==
@@ -7543,13 +7543,6 @@ trunc-text@1.0.1:
   resolved "https://registry.yarnpkg.com/trunc-text/-/trunc-text-1.0.1.tgz#58f876d8ac59b224b79834bb478b8656e69622b5"
   integrity sha1-WPh22KxZsiS3mDS7R4uGVuaWIrU=
 
-ts-invariant@^0.3.2:
-  version "0.3.2"
-  resolved "https://registry.yarnpkg.com/ts-invariant/-/ts-invariant-0.3.2.tgz#89a2ffeb70879b777258df1df1c59383c35209b0"
-  integrity sha512-QsY8BCaRnHiB5T6iE4DPlJMAKEG3gzMiUco9FEt1jUXQf0XP6zi0idT0i0rMTu8A326JqNSDsmlkA9dRSh1TRg==
-  dependencies:
-    tslib "^1.9.3"
-
 ts-invariant@^0.4.0:
   version "0.4.2"
   resolved "https://registry.yarnpkg.com/ts-invariant/-/ts-invariant-0.4.2.tgz#8685131b8083e67c66d602540e78763408be9113"

From 994eecd2c246abc256920896ccfc89bcd62dbec8 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Tue, 18 Jun 2019 05:04:09 +0000
Subject: [PATCH 37/89] Bump babel-eslint from 10.0.1 to 10.0.2 in /backend

Bumps [babel-eslint](https://github.com/babel/babel-eslint) from 10.0.1 to 10.0.2.
- [Release notes](https://github.com/babel/babel-eslint/releases)
- [Commits](https://github.com/babel/babel-eslint/compare/v10.0.1...v10.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index ca6868036..e448310d4 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -89,7 +89,7 @@
     "@babel/register": "~7.4.4",
     "apollo-server-testing": "~2.6.3",
     "babel-core": "~7.0.0-0",
-    "babel-eslint": "~10.0.1",
+    "babel-eslint": "~10.0.2",
     "babel-jest": "~24.8.0",
     "chai": "~4.2.0",
     "cucumber": "~5.1.0",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index bc1e958ff..e044ecc1f 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1790,10 +1790,10 @@ babel-core@~7.0.0-0:
   resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-7.0.0-bridge.0.tgz#95a492ddd90f9b4e9a4a1da14eb335b87b634ece"
   integrity sha512-poPX9mZH/5CSanm50Q+1toVci6pv5KSRv/5TWCwtzQS5XEwn40BcCrgIeMFWP9CKKIniKXNxoIOnOq4VVlGXhg==
 
-babel-eslint@~10.0.1:
-  version "10.0.1"
-  resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-10.0.1.tgz#919681dc099614cd7d31d45c8908695092a1faed"
-  integrity sha512-z7OT1iNV+TjOwHNLLyJk+HN+YVWX+CLE6fPD2SymJZOZQBs+QIexFjhm4keGTm8MW9xr4EC9Q0PbaLB24V5GoQ==
+babel-eslint@~10.0.2:
+  version "10.0.2"
+  resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-10.0.2.tgz#182d5ac204579ff0881684b040560fdcc1558456"
+  integrity sha512-UdsurWPtgiPgpJ06ryUnuaSXC2s0WoSZnQmEpbAH65XZSdwowgN5MvyP7e88nW07FYXv72erVtpBkxyDVKhH1Q==
   dependencies:
     "@babel/code-frame" "^7.0.0"
     "@babel/parser" "^7.0.0"

From ef5a20b3df9e51e60beeba43b14c05040d92974d Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Tue, 18 Jun 2019 05:06:24 +0000
Subject: [PATCH 38/89] Bump babel-eslint from 10.0.1 to 10.0.2 in /webapp

Bumps [babel-eslint](https://github.com/babel/babel-eslint) from 10.0.1 to 10.0.2.
- [Release notes](https://github.com/babel/babel-eslint/releases)
- [Commits](https://github.com/babel/babel-eslint/compare/v10.0.1...v10.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index a3d8c6dda..5340149df 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -87,7 +87,7 @@
     "@vue/server-test-utils": "~1.0.0-beta.29",
     "@vue/test-utils": "~1.0.0-beta.29",
     "babel-core": "~7.0.0-bridge.0",
-    "babel-eslint": "~10.0.1",
+    "babel-eslint": "~10.0.2",
     "babel-jest": "~24.8.0",
     "eslint": "~5.16.0",
     "eslint-config-prettier": "~5.0.0",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index 80d519770..262c58021 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -2310,10 +2310,10 @@ babel-core@~7.0.0-bridge.0:
   resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-7.0.0-bridge.0.tgz#95a492ddd90f9b4e9a4a1da14eb335b87b634ece"
   integrity sha512-poPX9mZH/5CSanm50Q+1toVci6pv5KSRv/5TWCwtzQS5XEwn40BcCrgIeMFWP9CKKIniKXNxoIOnOq4VVlGXhg==
 
-babel-eslint@~10.0.1:
-  version "10.0.1"
-  resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-10.0.1.tgz#919681dc099614cd7d31d45c8908695092a1faed"
-  integrity sha512-z7OT1iNV+TjOwHNLLyJk+HN+YVWX+CLE6fPD2SymJZOZQBs+QIexFjhm4keGTm8MW9xr4EC9Q0PbaLB24V5GoQ==
+babel-eslint@~10.0.2:
+  version "10.0.2"
+  resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-10.0.2.tgz#182d5ac204579ff0881684b040560fdcc1558456"
+  integrity sha512-UdsurWPtgiPgpJ06ryUnuaSXC2s0WoSZnQmEpbAH65XZSdwowgN5MvyP7e88nW07FYXv72erVtpBkxyDVKhH1Q==
   dependencies:
     "@babel/code-frame" "^7.0.0"
     "@babel/parser" "^7.0.0"

From 0a66ad56d949cc8596eb02901c305faad14ef3db Mon Sep 17 00:00:00 2001
From: senderfm <dev@sender.fm>
Date: Tue, 18 Jun 2019 09:58:29 +0200
Subject: [PATCH 39/89] Fix Specs, lint, fix test

---
 .../comments/CommentList/CommentList.spec.js          |  2 +-
 webapp/components/comments/CommentList/index.vue      |  4 ++--
 webapp/pages/post/_id.vue                             | 11 +++++++++++
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/webapp/components/comments/CommentList/CommentList.spec.js b/webapp/components/comments/CommentList/CommentList.spec.js
index b15e4f7d6..503c0fe6d 100644
--- a/webapp/components/comments/CommentList/CommentList.spec.js
+++ b/webapp/components/comments/CommentList/CommentList.spec.js
@@ -86,7 +86,7 @@ describe('CommentList.vue', () => {
     })
 
     it('displays comments when there are comments to display', () => {
-      expect(wrapper.find('div#comments').text()).toEqual('this is a comment')
+      expect(wrapper.find('div.comments').text()).toEqual('this is a comment')
     })
 
     it("refetches a post's comments from the backend", () => {
diff --git a/webapp/components/comments/CommentList/index.vue b/webapp/components/comments/CommentList/index.vue
index c70c00c85..26118e745 100644
--- a/webapp/components/comments/CommentList/index.vue
+++ b/webapp/components/comments/CommentList/index.vue
@@ -1,5 +1,5 @@
 <template>
-  <div>
+  <div id="comments">
     <h3 style="margin-top: -10px;">
       <span>
         <ds-icon name="comments" />
@@ -16,7 +16,7 @@
       </span>
     </h3>
     <ds-space margin-bottom="large" />
-    <div v-if="comments && comments.length" id="comments" class="comments">
+    <div v-if="comments && comments.length" class="comments">
       <comment
         v-for="(comment, index) in comments"
         :key="comment.id"
diff --git a/webapp/pages/post/_id.vue b/webapp/pages/post/_id.vue
index a02afd3b9..3f8d93868 100644
--- a/webapp/pages/post/_id.vue
+++ b/webapp/pages/post/_id.vue
@@ -77,6 +77,17 @@ export default {
       ]
     },
   },
+  watch: {
+    $route(to, from) {
+      if (to.hash === '#comments') {
+        window.scroll({
+          top: document.getElementById('comments').offsetTop,
+          left: 0,
+          behavior: 'smooth',
+        })
+      }
+    },
+  },
 }
 </script>
 

From 8484704460788ee66e555b99670774c7374892f0 Mon Sep 17 00:00:00 2001
From: senderfm <dev@sender.fm>
Date: Tue, 18 Jun 2019 10:49:20 +0200
Subject: [PATCH 40/89] Fix a text description for the filter bubble

---
 webapp/components/FilterMenu/FilterMenu.vue | 9 ++++++---
 webapp/locales/de.json                      | 4 ++++
 webapp/locales/en.json                      | 3 +++
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/webapp/components/FilterMenu/FilterMenu.vue b/webapp/components/FilterMenu/FilterMenu.vue
index 70dd3c236..16009b6eb 100644
--- a/webapp/components/FilterMenu/FilterMenu.vue
+++ b/webapp/components/FilterMenu/FilterMenu.vue
@@ -2,13 +2,16 @@
   <ds-card>
     <ds-flex>
       <ds-flex-item class="filter-menu-title">
-        <ds-heading size="h3">
-          {{ $t('filter-menu.title') }}
-        </ds-heading>
+        <ds-heading size="h3">{{ $t('filter-menu.title') }}</ds-heading>
       </ds-flex-item>
       <ds-flex-item>
         <div class="filter-menu-buttons">
           <ds-button
+            v-tooltip="{
+              content: this.$t('contribution.filterFollow'),
+              placement: 'left',
+              delay: { show: 500 },
+            }"
             name="filter-by-followed-authors-only"
             icon="user-plus"
             :primary="!!filterAuthorIsFollowedById"
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index efe05a472..93e9702c0 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -303,7 +303,11 @@
     }
   },
   "contribution": {
+    "newPost": "Erstelle einen neuen Beitrag",
+    "filterFollow": "Beiträge filtern von Usern denen ich folge",
+    "filterALL": "Alle Beiträge anzeigen",
     "success": "Gespeichert!",
     "languageSelectLabel": "Sprache"
   }
+
 }
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 4fdcadedb..6b6bee1c3 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -302,6 +302,9 @@
     }
   },
   "contribution": {
+    "newPost": "Create a new Post",
+    "filterFollow": "Filter contributions from users I follow",
+    "filterALL": "View all contributions",
     "success": "Saved!",
     "languageSelectLabel": "Language"
   }

From 8fc74b9e14c2fea130865c14a246f7cd4032eff7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 12:09:06 +0200
Subject: [PATCH 41/89] Put validation error translations together

---
 webapp/components/PasswordReset/PasswordReset.vue | 2 +-
 webapp/components/PasswordReset/VerifyCode.vue    | 2 +-
 webapp/locales/de.json                            | 8 +++-----
 webapp/locales/en.json                            | 8 +++-----
 4 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/PasswordReset.vue
index e7d3a5f65..e34efc070 100644
--- a/webapp/components/PasswordReset/PasswordReset.vue
+++ b/webapp/components/PasswordReset/PasswordReset.vue
@@ -63,7 +63,7 @@ export default {
         email: {
           type: 'email',
           required: true,
-          message: this.$t('password-reset.form.validations.email'),
+          message: this.$t('common.validations.email'),
         },
       },
       disabled: true,
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 7df5395f0..13415a5fa 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -41,7 +41,7 @@ export default {
           min: 6,
           max: 6,
           required: true,
-          message: this.$t('verify-code.form.validations.code'),
+          message: this.$t('common.validations.verification-code'),
         },
       },
     }
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 3610ff68b..2c5f9a07e 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -26,10 +26,7 @@
     "form": {
       "input": "Code eingeben",
       "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
-      "submit": "Sicherheitscode überprüfen",
-      "validations": {
-        "code": "muss genau 6 Buchstaben lang sein"
-      }
+      "submit": "Sicherheitscode überprüfen"
     }
   },
   "editor": {
@@ -214,7 +211,8 @@
     "loading": "wird geladen",
     "reportContent": "Melden",
     "validations": {
-      "email": "muss eine gültige E-Mail Adresse sein"
+      "email": "muss eine gültige E-Mail Adresse sein",
+      "verification-code": "muss genau 6 Buchstaben lang sein"
     }
   },
   "actions": {
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 225c26391..44d1153da 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -26,10 +26,7 @@
     "form": {
       "input": "Enter your code",
       "description": "Open your inbox and enter the code that we've sent to you.",
-      "submit": "Check security code",
-      "validations": {
-        "code": "must be 6 characters long"
-      }
+      "submit": "Check security code"
     }
   },
   "editor": {
@@ -214,7 +211,8 @@
     "loading": "loading",
     "reportContent": "Report",
     "validations": {
-      "email": "must be a valid email address"
+      "email": "must be a valid email address",
+      "verification-code": "must be 6 characters long"
     }
   },
   "actions": {

From de40499007529de22b8e8c756b8fa04a3f2e521d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 12:41:58 +0200
Subject: [PATCH 42/89] Move to next step after verify code

---
 webapp/components/PasswordReset/VerifyCode.spec.js | 11 ++++++++++-
 webapp/components/PasswordReset/VerifyCode.vue     | 10 +++++++++-
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 92d6f8d07..3904f62f2 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -39,7 +39,16 @@ describe('VerifyCode ', () => {
     })
 
     describe('after verification code given', () => {
-      it.todo('displays a form to update your password')
+      beforeEach(() => {
+        wrapper = Wrapper()
+        wrapper.find('input').setValue('123456')
+        wrapper.find('form').trigger('submit')
+      })
+
+      it('displays a form to update your password', () => {
+        expect(wrapper.find('.change-password').exists()).toBe(true)
+      })
+
       describe('submitting new password', () => {
         it.todo('calls resetPassword graphql mutation')
         it.todo('delivers new password to backend')
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 13415a5fa..3defca13d 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -1,7 +1,7 @@
 <template>
   <ds-card class="verify-code">
     <ds-space margin="large">
-      <ds-form v-model="formData" :schema="formSchema" @submit="handleSubmit">
+      <ds-form v-if="!codeSubmitted" v-model="formData" :schema="formSchema" @submit="handleSubmit">
         <ds-input
           :placeholder="$t('verify-code.form.input')"
           model="code"
@@ -24,11 +24,13 @@
           {{ $t('verify-code.form.submit') }}
         </ds-button>
       </ds-form>
+      <div v-else class="change-password" />
     </ds-space>
   </ds-card>
 </template>
 
 <script>
+
 export default {
   data() {
     return {
@@ -44,7 +46,13 @@ export default {
           message: this.$t('common.validations.verification-code'),
         },
       },
+      codeSubmitted: false
     }
   },
+  methods: {
+    handleSubmit(){
+      this.codeSubmitted = true
+    }
+  }
 }
 </script>

From 5a781b0bc6c494509174c696cd233ae462aeb49d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 12:58:43 +0200
Subject: [PATCH 43/89] Copy+Paste code form Password/Change, DRY later

---
 .../components/PasswordReset/VerifyCode.vue   | 122 ++++++++++++++----
 1 file changed, 97 insertions(+), 25 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 3defca13d..bd214bbef 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -1,7 +1,14 @@
 <template>
   <ds-card class="verify-code">
     <ds-space margin="large">
-      <ds-form v-if="!codeSubmitted" v-model="formData" :schema="formSchema" @submit="handleSubmit">
+      <ds-form
+        v-if="!codeSubmitted"
+        v-model="verification.formData"
+        :schema="verification.formSchema"
+        @submit="handleSubmitVerify"
+        @input="handleInput"
+        @input-valid="handleInputValid"
+      >
         <ds-input
           :placeholder="$t('verify-code.form.input')"
           model="code"
@@ -13,46 +20,111 @@
             {{ $t('verify-code.form.description') }}
           </ds-text>
         </ds-space>
-        <ds-button
-          :disabled="disabled"
-          :loading="$apollo.loading"
-          primary
-          fullwidth
-          name="submit"
-          type="submit"
-        >
+        <ds-button :disabled="disabled" primary fullwidth name="submit" type="submit">
           {{ $t('verify-code.form.submit') }}
         </ds-button>
       </ds-form>
-      <div v-else class="change-password" />
+      <ds-form
+        v-else
+        v-model="password.formData"
+        :schema="password.formSchema"
+        @submit="handleSubmitPassword"
+        @input="handleInput"
+        @input-valid="handleInputValid"
+        class="change-password"
+      >
+        <ds-input
+          id="newPassword"
+          model="newPassword"
+          type="password"
+          :label="$t('settings.security.change-password.label-new-password')"
+        />
+        <ds-input
+          id="confirmPassword"
+          model="confirmPassword"
+          type="password"
+          :label="$t('settings.security.change-password.label-new-password-confirm')"
+        />
+        <password-strength :password="password.formData.newPassword" />
+        <ds-space margin-top="base">
+          <ds-button :loading="$apollo.loading" :disabled="disabled" primary>
+            {{ $t('settings.security.change-password.button') }}
+          </ds-button>
+        </ds-space>
+      </ds-form>
     </ds-space>
   </ds-card>
 </template>
 
 <script>
-
+import PasswordStrength from '../Password/Strength'
 export default {
+  components: {
+    PasswordStrength,
+  },
   data() {
     return {
-      formData: {
-        code: '',
-      },
-      formSchema: {
-        code: {
-          type: 'string',
-          min: 6,
-          max: 6,
-          required: true,
-          message: this.$t('common.validations.verification-code'),
+      verification: {
+        formData: {
+          code: '',
+        },
+        formSchema: {
+          code: {
+            type: 'string',
+            min: 6,
+            max: 6,
+            required: true,
+            message: this.$t('common.validations.verification-code'),
+          },
         },
       },
-      codeSubmitted: false
+      password: {
+        formData: {
+          newPassword: '',
+          confirmPassword: '',
+        },
+        formSchema: {
+          newPassword: {
+            type: 'string',
+            required: true,
+            message: this.$t('settings.security.change-password.message-new-password-required'),
+          },
+          confirmPassword: [
+            { validator: this.matchPassword },
+            {
+              type: 'string',
+              required: true,
+              message: this.$t(
+                'settings.security.change-password.message-new-password-confirm-required',
+              ),
+            },
+          ],
+        },
+      },
+      codeSubmitted: false,
+      disabled: true,
     }
   },
   methods: {
-    handleSubmit(){
+    async handleInput(data) {
+      this.disabled = true
+    },
+    async handleInputValid(data) {
+      this.disabled = false
+    },
+    handleSubmitVerify() {
       this.codeSubmitted = true
-    }
-  }
+    },
+    handleSubmitPassword() {},
+    matchPassword(rule, value, callback, source, options) {
+      var errors = []
+      if (this.password.formData.newPassword !== value) {
+        errors.push(
+          new Error(this.$t('settings.security.change-password.message-new-password-missmatch')),
+        )
+      }
+      callback(errors)
+    },
+  },
 }
 </script>

From a641ab68840da4b6c2f848f2ba1f6664a4eb3b30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 13:01:19 +0200
Subject: [PATCH 44/89] Turn off autocomplete for all password fields

---
 webapp/components/Password/Change.vue          | 3 +++
 webapp/components/PasswordReset/VerifyCode.vue | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/webapp/components/Password/Change.vue b/webapp/components/Password/Change.vue
index 95da2a7be..63c797157 100644
--- a/webapp/components/Password/Change.vue
+++ b/webapp/components/Password/Change.vue
@@ -11,18 +11,21 @@
         id="oldPassword"
         model="oldPassword"
         type="password"
+        autocomplete="off"
         :label="$t('settings.security.change-password.label-old-password')"
       />
       <ds-input
         id="newPassword"
         model="newPassword"
         type="password"
+        autocomplete="off"
         :label="$t('settings.security.change-password.label-new-password')"
       />
       <ds-input
         id="confirmPassword"
         model="confirmPassword"
         type="password"
+        autocomplete="off"
         :label="$t('settings.security.change-password.label-new-password-confirm')"
       />
       <password-strength :password="formData.newPassword" />
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index bd214bbef..6e8f116ed 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -37,12 +37,14 @@
           id="newPassword"
           model="newPassword"
           type="password"
+          autocomplete="off"
           :label="$t('settings.security.change-password.label-new-password')"
         />
         <ds-input
           id="confirmPassword"
           model="confirmPassword"
           type="password"
+          autocomplete="off"
           :label="$t('settings.security.change-password.label-new-password-confirm')"
         />
         <password-strength :password="password.formData.newPassword" />

From 288e5002fd4dd21b98993a8fffd76f77e0fbf485 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 13:13:13 +0200
Subject: [PATCH 45/89] Flesh out VerifyCode.spec.js

---
 .../PasswordReset/VerifyCode.spec.js          | 26 ++++++++++++++++---
 webapp/locales/de.json                        |  6 ++++-
 webapp/locales/en.json                        |  6 ++++-
 3 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 3904f62f2..63e8ce2b3 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -20,7 +20,7 @@ describe('VerifyCode ', () => {
       $t: jest.fn(),
       $apollo: {
         loading: false,
-        mutate: jest.fn().mockResolvedValue({ data: { resetPassword: false } }),
+        mutate: jest.fn().mockResolvedValue({ data: { resetPassword: true } }),
       },
     }
   })
@@ -50,9 +50,27 @@ describe('VerifyCode ', () => {
       })
 
       describe('submitting new password', () => {
-        it.todo('calls resetPassword graphql mutation')
-        it.todo('delivers new password to backend')
-        it.todo('displays success message')
+        beforeEach(() => {
+          wrapper.find('input#newPassword').setValue('supersecret')
+          wrapper.find('input#confirmPassword').setValue('supersecret')
+          wrapper.find('form').trigger('submit')
+        })
+
+        it('calls resetPassword graphql mutation', () => {
+          expect(mocks.$apollo.mutate).toHaveBeenCalled()
+        })
+
+        it('delivers new password to backend', () => {
+          const expected = expect.objectContaining({ variables: { newPassword: 'supersecret' } })
+          expect(mocks.$apollo.mutate).toHaveBeenCalledWith(expected)
+        })
+
+        describe('password reset successful', () => {
+          it('displays success message', () => {
+            const expected = 'verify-code.change-password.sucess'
+            expect(mocks.$t).toHaveBeenCalledWith(expected)
+          })
+        })
       })
     })
   })
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 2c5f9a07e..cd04befe0 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -26,7 +26,11 @@
     "form": {
       "input": "Code eingeben",
       "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
-      "submit": "Sicherheitscode überprüfen"
+      "submit": "Sicherheitscode überprüfen",
+      "change-password":{
+        "success": "Änderung des Passworts war erfolgreich",
+        "failure": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode."
+      }
     }
   },
   "editor": {
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 44d1153da..b0dcc0f03 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -26,7 +26,11 @@
     "form": {
       "input": "Enter your code",
       "description": "Open your inbox and enter the code that we've sent to you.",
-      "submit": "Check security code"
+      "submit": "Check security code",
+      "change-password": {
+        "success": "Changing your password was successful",
+        "failure": "Changing your password failed. Probably the security code was not correct"
+      }
     }
   },
   "editor": {

From 559210d204bb2be26bed55aad00395160a7e65bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 13:23:37 +0200
Subject: [PATCH 46/89] Oh, forgot, you have to add the email again

Well, this is not good practice. If an attacker has access to the
mailbox then she knows also the email account as well. It's better to
ask the user for the unique username, e.g. `@username`.

https://stackoverflow.com/a/16018373
---
 .../PasswordReset/VerifyCode.spec.js          |  3 ++-
 .../components/PasswordReset/VerifyCode.vue   | 22 +++++++++++++++----
 webapp/locales/de.json                        |  2 +-
 webapp/locales/en.json                        |  2 +-
 4 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 63e8ce2b3..0d198721b 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -41,7 +41,8 @@ describe('VerifyCode ', () => {
     describe('after verification code given', () => {
       beforeEach(() => {
         wrapper = Wrapper()
-        wrapper.find('input').setValue('123456')
+        wrapper.find('input#email').setValue('mail@example.org')
+        wrapper.find('input#code').setValue('123456')
         wrapper.find('form').trigger('submit')
       })
 
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 6e8f116ed..67a164ba6 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -2,7 +2,7 @@
   <ds-card class="verify-code">
     <ds-space margin="large">
       <ds-form
-        v-if="!codeSubmitted"
+        v-if="!verificationSubmitted"
         v-model="verification.formData"
         :schema="verification.formSchema"
         @submit="handleSubmitVerify"
@@ -10,9 +10,17 @@
         @input-valid="handleInputValid"
       >
         <ds-input
-          :placeholder="$t('verify-code.form.input')"
+          :placeholder="$t('login.email')"
+          model="email"
+          id="email"
+          name="email"
+          icon="envelope"
+        />
+        <ds-input
+          :placeholder="$t('verify-code.form.code')"
           model="code"
           name="code"
+          id="code"
           icon="question-circle"
         />
         <ds-space margin-botton="large">
@@ -68,9 +76,15 @@ export default {
     return {
       verification: {
         formData: {
+          email: '',
           code: '',
         },
         formSchema: {
+          email: {
+            type: 'email',
+            required: true,
+            message: this.$t('common.validations.email'),
+          },
           code: {
             type: 'string',
             min: 6,
@@ -103,7 +117,7 @@ export default {
           ],
         },
       },
-      codeSubmitted: false,
+      verificationSubmitted: false,
       disabled: true,
     }
   },
@@ -115,7 +129,7 @@ export default {
       this.disabled = false
     },
     handleSubmitVerify() {
-      this.codeSubmitted = true
+      this.verificationSubmitted = true
     },
     handleSubmitPassword() {},
     matchPassword(rule, value, callback, source, options) {
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index cd04befe0..502f72607 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -24,7 +24,7 @@
   },
   "verify-code": {
     "form": {
-      "input": "Code eingeben",
+      "code": "Code eingeben",
       "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
       "submit": "Sicherheitscode überprüfen",
       "change-password":{
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index b0dcc0f03..2aac32ca6 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -24,7 +24,7 @@
   },
   "verify-code": {
     "form": {
-      "input": "Enter your code",
+      "code": "Enter your code",
       "description": "Open your inbox and enter the code that we've sent to you.",
       "submit": "Check security code",
       "change-password": {

From 3948cb8ace7f426840807f99b932a28b6dceb394 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 13:48:30 +0200
Subject: [PATCH 47/89] VerifyCode.spec passes

---
 .../PasswordReset/VerifyCode.spec.js          |  16 ++-
 .../components/PasswordReset/VerifyCode.vue   | 107 ++++++++++++------
 webapp/locales/de.json                        |   2 +-
 webapp/locales/en.json                        |   2 +-
 4 files changed, 90 insertions(+), 37 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 0d198721b..217c58ce9 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -26,6 +26,8 @@ describe('VerifyCode ', () => {
   })
 
   describe('mount', () => {
+    beforeEach(jest.useFakeTimers)
+
     Wrapper = () => {
       return mount(VerifyCode, {
         mocks,
@@ -62,15 +64,25 @@ describe('VerifyCode ', () => {
         })
 
         it('delivers new password to backend', () => {
-          const expected = expect.objectContaining({ variables: { newPassword: 'supersecret' } })
+          const expected = expect.objectContaining({
+            variables: { token: '123456', email: 'mail@example.org', newPassword: 'supersecret' },
+          })
           expect(mocks.$apollo.mutate).toHaveBeenCalledWith(expected)
         })
 
         describe('password reset successful', () => {
           it('displays success message', () => {
-            const expected = 'verify-code.change-password.sucess'
+            const expected = 'verify-code.form.change-password.success'
             expect(mocks.$t).toHaveBeenCalledWith(expected)
           })
+
+          describe('after animation', () => {
+            beforeEach(jest.runAllTimers)
+
+            it('emits `change-password-sucess`', () => {
+              expect(wrapper.emitted('change-password-result')).toEqual([['success']])
+            })
+          })
         })
       })
     })
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 67a164ba6..49f951324 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -32,42 +32,49 @@
           {{ $t('verify-code.form.submit') }}
         </ds-button>
       </ds-form>
-      <ds-form
-        v-else
-        v-model="password.formData"
-        :schema="password.formSchema"
-        @submit="handleSubmitPassword"
-        @input="handleInput"
-        @input-valid="handleInputValid"
-        class="change-password"
-      >
-        <ds-input
-          id="newPassword"
-          model="newPassword"
-          type="password"
-          autocomplete="off"
-          :label="$t('settings.security.change-password.label-new-password')"
-        />
-        <ds-input
-          id="confirmPassword"
-          model="confirmPassword"
-          type="password"
-          autocomplete="off"
-          :label="$t('settings.security.change-password.label-new-password-confirm')"
-        />
-        <password-strength :password="password.formData.newPassword" />
-        <ds-space margin-top="base">
-          <ds-button :loading="$apollo.loading" :disabled="disabled" primary>
-            {{ $t('settings.security.change-password.button') }}
-          </ds-button>
-        </ds-space>
-      </ds-form>
+      <template v-else>
+        <ds-form
+          v-if="!changePasswordResult"
+          v-model="password.formData"
+          :schema="password.formSchema"
+          @submit="handleSubmitPassword"
+          @input="handleInput"
+          @input-valid="handleInputValid"
+          class="change-password"
+        >
+          <ds-input
+            id="newPassword"
+            model="newPassword"
+            type="password"
+            autocomplete="off"
+            :label="$t('settings.security.change-password.label-new-password')"
+          />
+          <ds-input
+            id="confirmPassword"
+            model="confirmPassword"
+            type="password"
+            autocomplete="off"
+            :label="$t('settings.security.change-password.label-new-password-confirm')"
+          />
+          <password-strength :password="password.formData.newPassword" />
+          <ds-space margin-top="base">
+            <ds-button :loading="$apollo.loading" :disabled="disabled" primary>
+              {{ $t('settings.security.change-password.button') }}
+            </ds-button>
+          </ds-space>
+        </ds-form>
+        <ds-text v-else>
+          {{ changePasswordResultMessage }}
+        </ds-text>
+      </template>
     </ds-space>
   </ds-card>
 </template>
 
 <script>
 import PasswordStrength from '../Password/Strength'
+import gql from 'graphql-tag'
+
 export default {
   components: {
     PasswordStrength,
@@ -119,19 +126,53 @@ export default {
       },
       verificationSubmitted: false,
       disabled: true,
+      changePasswordResult: null,
     }
   },
+  computed: {
+    changePasswordResultMessage() {
+      if (!this.changePasswordResult) return ''
+      return this.$t(`verify-code.form.change-password.${this.changePasswordResult}`)
+    },
+  },
   methods: {
-    async handleInput(data) {
+    async handleInput() {
       this.disabled = true
     },
-    async handleInputValid(data) {
+    async handleInputValid() {
       this.disabled = false
     },
     handleSubmitVerify() {
       this.verificationSubmitted = true
     },
-    handleSubmitPassword() {},
+    async handleSubmitPassword() {
+      const mutation = gql`
+        mutation($token: String!, $email: String!, $newPassword: String!) {
+          resetPassword(token: $token, email: $email, newPassword: $newPassword)
+        }
+      `
+      const { newPassword } = this.password.formData
+      const { email, code: token } = this.verification.formData
+      const variables = { newPassword, email, token }
+      try {
+        const {
+          data: { resetPassword },
+        } = await this.$apollo.mutate({ mutation, variables })
+        const changePasswordResult = resetPassword ? 'success' : 'failure'
+        this.changePasswordResult = changePasswordResult
+        this.$emit('change-password-result', changePasswordResult)
+        this.verification.formData = {
+          code: '',
+          email: '',
+        }
+        this.password.formData = {
+          newPassword: '',
+          confirmPassword: '',
+        }
+      } catch (err) {
+        this.$toast.error(err.message)
+      }
+    },
     matchPassword(rule, value, callback, source, options) {
       var errors = []
       if (this.password.formData.newPassword !== value) {
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 502f72607..1adebdaf8 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -29,7 +29,7 @@
       "submit": "Sicherheitscode überprüfen",
       "change-password":{
         "success": "Änderung des Passworts war erfolgreich",
-        "failure": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode."
+        "failure": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?"
       }
     }
   },
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 2aac32ca6..6a4c43613 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -29,7 +29,7 @@
       "submit": "Check security code",
       "change-password": {
         "success": "Changing your password was successful",
-        "failure": "Changing your password failed. Probably the security code was not correct"
+        "failure": "Changing your password failed. Maybe the security code was not correct?"
       }
     }
   },

From 69434cdc7fc8425eb8efd2d039d878506caf55f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 16:11:05 +0200
Subject: [PATCH 48/89] Nicer information messages

---
 webapp/components/PasswordReset/PasswordReset.vue | 2 +-
 webapp/components/PasswordReset/VerifyCode.vue    | 3 +++
 webapp/locales/de.json                            | 2 +-
 webapp/locales/en.json                            | 2 +-
 4 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/PasswordReset.vue
index e34efc070..f183307e6 100644
--- a/webapp/components/PasswordReset/PasswordReset.vue
+++ b/webapp/components/PasswordReset/PasswordReset.vue
@@ -37,7 +37,7 @@
       <div v-else>
         <transition name="ds-transition-fade">
           <ds-flex centered>
-            <sweetalert-icon icon="success" />
+            <sweetalert-icon icon="info" />
           </ds-flex>
         </transition>
         <ds-text v-html="submitMessage" />
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 49f951324..4743a4ed6 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -64,6 +64,7 @@
           </ds-space>
         </ds-form>
         <ds-text v-else>
+          <sweetalert-icon :icon="changePasswordResult" />
           {{ changePasswordResultMessage }}
         </ds-text>
       </template>
@@ -74,9 +75,11 @@
 <script>
 import PasswordStrength from '../Password/Strength'
 import gql from 'graphql-tag'
+import { SweetalertIcon } from 'vue-sweetalert-icons'
 
 export default {
   components: {
+    SweetalertIcon,
     PasswordStrength,
   },
   data() {
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 1adebdaf8..a13b5620a 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -29,7 +29,7 @@
       "submit": "Sicherheitscode überprüfen",
       "change-password":{
         "success": "Änderung des Passworts war erfolgreich",
-        "failure": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?"
+        "error": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?"
       }
     }
   },
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 6a4c43613..a4f958c87 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -29,7 +29,7 @@
       "submit": "Check security code",
       "change-password": {
         "success": "Changing your password was successful",
-        "failure": "Changing your password failed. Maybe the security code was not correct?"
+        "error": "Changing your password failed. Maybe the security code was not correct?"
       }
     }
   },

From 8984df937120c91bdcdb0892671066ccfe097b6a Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Tue, 18 Jun 2019 17:43:00 +0200
Subject: [PATCH 49/89] lint fixes

---
 backend/src/activitypub/NitroDataSource.js   | 8 ++++++--
 backend/src/middleware/notifications/spec.js | 4 +++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/backend/src/activitypub/NitroDataSource.js b/backend/src/activitypub/NitroDataSource.js
index 0900bed6c..eea37337a 100644
--- a/backend/src/activitypub/NitroDataSource.js
+++ b/backend/src/activitypub/NitroDataSource.js
@@ -505,7 +505,9 @@ export default class NitroDataSource {
     const result2 = await this.client.mutate({
       mutation: gql`
           mutation {
-              AddCommentAuthor(from: {id: "${result.data.CreateComment.id}"}, to: {id: "${toUserId}"}) {
+              AddCommentAuthor(from: {id: "${
+                result.data.CreateComment.id
+              }"}, to: {id: "${toUserId}"}) {
                   id
               }
           }
@@ -517,7 +519,9 @@ export default class NitroDataSource {
     result = await this.client.mutate({
       mutation: gql`
           mutation {
-              AddCommentPost(from: { id: "${result.data.CreateComment.id}", to: { id: "${postId}" }}) {
+              AddCommentPost(from: { id: "${
+                result.data.CreateComment.id
+              }", to: { id: "${postId}" }}) {
                   id
               }
           }
diff --git a/backend/src/middleware/notifications/spec.js b/backend/src/middleware/notifications/spec.js
index 985654b0f..65212e544 100644
--- a/backend/src/middleware/notifications/spec.js
+++ b/backend/src/middleware/notifications/spec.js
@@ -87,7 +87,9 @@ describe('currentUser { notifications }', () => {
 
         describe('who mentions me again', () => {
           beforeEach(async () => {
-            const updatedContent = `${post.content} One more mention to <a href="/profile/you" class="mention">@al-capone</a>`
+            const updatedContent = `${
+              post.content
+            } One more mention to <a href="/profile/you" class="mention">@al-capone</a>`
             // The response `post.content` contains a link but the XSSmiddleware
             // should have the `mention` CSS class removed. I discovered this
             // during development and thought: A feature not a bug! This way we

From ba185bcb65c8d99d9295af2e432b7d0b1b8506ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 17:16:56 +0200
Subject: [PATCH 50/89] Refactor backend

---
 backend/src/schema/resolvers/passwordReset.js | 30 +++++-----
 .../schema/resolvers/passwordReset.spec.js    | 58 ++++++++-----------
 backend/src/schema/types/schema.gql           |  2 +-
 .../components/PasswordReset/VerifyCode.vue   | 10 ++--
 4 files changed, 45 insertions(+), 55 deletions(-)

diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index d6d2a6e6c..e2fb1a80f 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -1,15 +1,16 @@
 import uuid from 'uuid/v4'
 import bcrypt from 'bcryptjs'
 
-export async function createPasswordReset({ driver, token, email, validUntil }) {
+export async function createPasswordReset(options) {
+  const { driver, code, email, issuedAt = new Date() } = options
   const session = driver.session()
   const cypher = `
       MATCH (u:User) WHERE u.email = $email
-      CREATE(pr:PasswordReset {token: $token, validUntil: $validUntil, redeemedAt: NULL})
+      CREATE(pr:PasswordReset {code: $code, issuedAt: datetime($issuedAt), usedAt: NULL})
       MERGE (u)-[:REQUESTED]->(pr)
-      RETURN u,pr
+      RETURN pr
       `
-  const transactionRes = await session.run(cypher, { token, email, validUntil })
+  const transactionRes = await session.run(cypher, { issuedAt: issuedAt.toISOString(), code, email })
   const resets = transactionRes.records.map(record => record.get('pr'))
   session.close()
   return resets
@@ -18,27 +19,26 @@ export async function createPasswordReset({ driver, token, email, validUntil })
 export default {
   Mutation: {
     requestPasswordReset: async (_, { email }, { driver }) => {
-      let validUntil = new Date()
-      validUntil += 3 * 60 * 1000
-      const token = uuid()
-      await createPasswordReset({ driver, token, email, validUntil })
+      const code = uuid().substring(0,6)
+      await createPasswordReset({ driver, code, email })
       return true
     },
-    resetPassword: async (_, { email, token, newPassword }, { driver }) => {
+    resetPassword: async (_, { email, code, newPassword }, { driver }) => {
       const session = driver.session()
-      const now = new Date().getTime()
+      const stillValid = new Date()
+      stillValid.setDate(stillValid.getDate() - 1)
       const newHashedPassword = await bcrypt.hashSync(newPassword, 10)
       const cypher = `
-      MATCH (r:PasswordReset {token: $token})
+      MATCH (r:PasswordReset {code: $code})
       MATCH (u:User {email: $email})-[:REQUESTED]->(r)
-      WHERE r.validUntil > $now AND r.redeemedAt IS NULL
-      SET r.redeemedAt = $now
+      WHERE duration.between(r.issuedAt, datetime()).days <= 0 AND r.usedAt IS NULL
+      SET r.usedAt = datetime()
       SET u.password = $newHashedPassword
       RETURN r
       `
-      let transactionRes = await session.run(cypher, { now, email, token, newHashedPassword })
+      let transactionRes = await session.run(cypher, { stillValid, email, code, newHashedPassword })
       const [reset] = transactionRes.records.map(record => record.get('r'))
-      const result = !!(reset && reset.properties.redeemedAt)
+      const result = !!(reset && reset.properties.usedAt)
       session.close()
       return result
     },
diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
index 1fbd96b7a..6d0347703 100644
--- a/backend/src/schema/resolvers/passwordReset.spec.js
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -64,23 +64,12 @@ describe('passwordReset', () => {
         expect(resets).toHaveLength(1)
       })
 
-      it('creates a reset token', async () => {
+      it('creates a reset code', async () => {
         await client.request(mutation, variables)
         const resets = await getAllPasswordResets()
         const [reset] = resets
-        const { token } = reset.properties
-        expect(token).toMatch(/^........-....-....-....-............$/)
-      })
-
-      it('created PasswordReset is valid for less than 4 minutes', async () => {
-        await client.request(mutation, variables)
-        const resets = await getAllPasswordResets()
-        const [reset] = resets
-        let { validUntil } = reset.properties
-        validUntil = Date.parse(validUntil)
-        const now = new Date().getTime()
-        expect(validUntil).toBeGreaterThan(now - 60 * 1000)
-        expect(validUntil).toBeLessThan(now + 4 * 60 * 1000)
+        const { code } = reset.properties
+        expect(code).toHaveLength(6)
       })
     })
   })
@@ -89,50 +78,50 @@ describe('passwordReset', () => {
     const setup = async (options = {}) => {
       const {
         email = 'user@example.org',
-        validUntil = new Date().getTime() + 3 * 60 * 1000,
-        token = 'abcdefgh-ijkl-mnop-qrst-uvwxyz123456',
+        issuedAt = new Date(),
+        code = 'abcdef',
       } = options
 
       const session = driver.session()
-      await createPasswordReset({ driver, email, validUntil, token })
+      await createPasswordReset({ driver, email, issuedAt, code })
       session.close()
     }
 
-    const mutation = `mutation($token: String!, $email: String!, $newPassword: String!) { resetPassword(token: $token, email: $email, newPassword: $newPassword) }`
+    const mutation = `mutation($code: String!, $email: String!, $newPassword: String!) { resetPassword(code: $code, email: $email, newPassword: $newPassword) }`
     let email = 'user@example.org'
-    let token = 'abcdefgh-ijkl-mnop-qrst-uvwxyz123456'
+    let code = 'abcdef'
     let newPassword = 'supersecret'
     let variables
 
     describe('invalid email', () => {
       it('resolves to false', async () => {
         await setup()
-        variables = { newPassword, email: 'non-existent@example.org', token }
+        variables = { newPassword, email: 'non-existent@example.org', code }
         await expect(client.request(mutation, variables)).resolves.toEqual({ resetPassword: false })
       })
     })
 
     describe('valid email', () => {
-      describe('but invalid token', () => {
+      describe('but invalid code', () => {
         it('resolves to false', async () => {
           await setup()
-          variables = { newPassword, email, token: 'slkdjfldsjflsdjfsjdfl' }
+          variables = { newPassword, email, code: 'slkdjf' }
           await expect(client.request(mutation, variables)).resolves.toEqual({
             resetPassword: false,
           })
         })
       })
 
-      describe('and valid token', () => {
+      describe('and valid code', () => {
         beforeEach(() => {
           variables = {
             newPassword,
             email: 'user@example.org',
-            token: 'abcdefgh-ijkl-mnop-qrst-uvwxyz123456',
+            code: 'abcdef',
           }
         })
 
-        describe('and token not expired', () => {
+        describe('and code not expired', () => {
           beforeEach(async () => {
             await setup()
           })
@@ -143,12 +132,12 @@ describe('passwordReset', () => {
             })
           })
 
-          it('updates PasswordReset `redeemedAt` property', async () => {
+          it('updates PasswordReset `usedAt` property', async () => {
             await client.request(mutation, variables)
             const requests = await getAllPasswordResets()
             const [request] = requests
-            const { redeemedAt } = request.properties
-            expect(redeemedAt).not.toBeNull()
+            const { usedAt } = request.properties
+            expect(usedAt).not.toBeFalsy()
           })
 
           it('updates password of the user', async () => {
@@ -168,10 +157,11 @@ describe('passwordReset', () => {
           })
         })
 
-        describe('but expired token', () => {
+        describe('but expired code', () => {
           beforeEach(async () => {
-            const validUntil = new Date().getTime() - 1000
-            await setup({ validUntil })
+            const issuedAt = new Date()
+            issuedAt.setDate(issuedAt.getDate() - 1)
+            await setup({ issuedAt })
           })
 
           it('resolves to false', async () => {
@@ -180,12 +170,12 @@ describe('passwordReset', () => {
             })
           })
 
-          it('does not update PasswordReset `redeemedAt` property', async () => {
+          it('does not update PasswordReset `usedAt` property', async () => {
             await client.request(mutation, variables)
             const requests = await getAllPasswordResets()
             const [request] = requests
-            const { redeemedAt } = request.properties
-            expect(redeemedAt).toBeUndefined()
+            const { usedAt } = request.properties
+            expect(usedAt).toBeUndefined()
           })
         })
       })
diff --git a/backend/src/schema/types/schema.gql b/backend/src/schema/types/schema.gql
index ae77ef8e8..1ef83bac3 100644
--- a/backend/src/schema/types/schema.gql
+++ b/backend/src/schema/types/schema.gql
@@ -26,7 +26,7 @@ type Mutation {
   signup(email: String!, password: String!): Boolean!
   changePassword(oldPassword: String!, newPassword: String!): String!
   requestPasswordReset(email: String!): Boolean!
-  resetPassword(email: String!, token: String!, newPassword: String!): Boolean!
+  resetPassword(email: String!, code: String!, newPassword: String!): Boolean!
   report(id: ID!, description: String): Report
   disable(id: ID!): ID
   enable(id: ID!): ID
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 4743a4ed6..4d7c161cf 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -150,18 +150,18 @@ export default {
     },
     async handleSubmitPassword() {
       const mutation = gql`
-        mutation($token: String!, $email: String!, $newPassword: String!) {
-          resetPassword(token: $token, email: $email, newPassword: $newPassword)
+        mutation($code: String!, $email: String!, $newPassword: String!) {
+          resetPassword(code: $code, email: $email, newPassword: $newPassword)
         }
       `
       const { newPassword } = this.password.formData
-      const { email, code: token } = this.verification.formData
-      const variables = { newPassword, email, token }
+      const { email, code } = this.verification.formData
+      const variables = { newPassword, email, code }
       try {
         const {
           data: { resetPassword },
         } = await this.$apollo.mutate({ mutation, variables })
-        const changePasswordResult = resetPassword ? 'success' : 'failure'
+        const changePasswordResult = resetPassword ? 'success' : 'error'
         this.changePasswordResult = changePasswordResult
         this.$emit('change-password-result', changePasswordResult)
         this.verification.formData = {

From 7446464d6c5a0fc4b74ee21f9a0d3420a57a15c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 19:08:59 +0200
Subject: [PATCH 51/89] Better translations

---
 webapp/components/PasswordReset/VerifyCode.vue | 2 +-
 webapp/locales/de.json                         | 4 ++--
 webapp/locales/en.json                         | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 4d7c161cf..a69732b4c 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -29,7 +29,7 @@
           </ds-text>
         </ds-space>
         <ds-button :disabled="disabled" primary fullwidth name="submit" type="submit">
-          {{ $t('verify-code.form.submit') }}
+          {{ $t('verify-code.form.next') }}
         </ds-button>
       </ds-form>
       <template v-else>
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index a13b5620a..70762c85e 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -19,14 +19,14 @@
     "form": {
       "description": "Eine Mail zum Zurücksetzen des Passworts wird an die angegebene E-Mail Adresse geschickt.",
       "submit": "Email anfordern",
-      "submitted": "E-Mail verschickt an <b>{email}</b>"
+      "submitted": "Eine E-Mail mit weiteren Instruktionen wurde verschickt an <b>{email}</b>"
     }
   },
   "verify-code": {
     "form": {
       "code": "Code eingeben",
       "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
-      "submit": "Sicherheitscode überprüfen",
+      "next": "Weiter",
       "change-password":{
         "success": "Änderung des Passworts war erfolgreich",
         "error": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?"
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index a4f958c87..15743d571 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -19,14 +19,14 @@
     "form": {
       "description": "A password reset email will be sent to the given email address.",
       "submit": "Request email",
-      "submitted": "Email sent to <b>{email}</b>"
+      "submitted": "A mail with further instruction has been sent to <b>{email}</b>"
     }
   },
   "verify-code": {
     "form": {
       "code": "Enter your code",
       "description": "Open your inbox and enter the code that we've sent to you.",
-      "submit": "Check security code",
+      "next": "Continue",
       "change-password": {
         "success": "Changing your password was successful",
         "error": "Changing your password failed. Maybe the security code was not correct?"

From 506fe0fe9412add0004bd802b2071fd473708eb1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 22:35:44 +0200
Subject: [PATCH 52/89] Add support instructions

---
 .../components/PasswordReset/VerifyCode.vue   | 27 +++++++++++--------
 webapp/locales/de.json                        |  3 ++-
 webapp/locales/en.json                        |  3 ++-
 3 files changed, 20 insertions(+), 13 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index a69732b4c..e452d64e8 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -64,8 +64,20 @@
           </ds-space>
         </ds-form>
         <ds-text v-else>
-          <sweetalert-icon :icon="changePasswordResult" />
-          {{ changePasswordResultMessage }}
+          <template v-if="changePasswordResult === 'success'">
+            <sweetalert-icon icon="success" />
+            <ds-text>
+              {{ $t(`verify-code.form.change-password.success`) }}
+            </ds-text>
+          </template>
+          <template v-else>
+            <sweetalert-icon icon="error" />
+            <ds-text align="left">
+              {{ $t(`verify-code.form.change-password.error`) }}
+              {{ $t('verify-code.form.change-password.help') }}
+            </ds-text>
+            <a href="mailto:support@human-connection.org">support@human-connection.org</a>
+          </template>
         </ds-text>
       </template>
     </ds-space>
@@ -132,12 +144,6 @@ export default {
       changePasswordResult: null,
     }
   },
-  computed: {
-    changePasswordResultMessage() {
-      if (!this.changePasswordResult) return ''
-      return this.$t(`verify-code.form.change-password.${this.changePasswordResult}`)
-    },
-  },
   methods: {
     async handleInput() {
       this.disabled = true
@@ -161,9 +167,8 @@ export default {
         const {
           data: { resetPassword },
         } = await this.$apollo.mutate({ mutation, variables })
-        const changePasswordResult = resetPassword ? 'success' : 'error'
-        this.changePasswordResult = changePasswordResult
-        this.$emit('change-password-result', changePasswordResult)
+        this.changePasswordResult = resetPassword ? 'success' : 'error'
+        this.$emit('change-password-result', this.changePasswordResult)
         this.verification.formData = {
           code: '',
           email: '',
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 70762c85e..0970877d4 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -29,7 +29,8 @@
       "next": "Weiter",
       "change-password":{
         "success": "Änderung des Passworts war erfolgreich",
-        "error": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?"
+        "error": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?",
+        "help": "Falls Probleme auftreten, schreib uns gerne eine Mail an:"
       }
     }
   },
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 15743d571..41a806a7b 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -29,7 +29,8 @@
       "next": "Continue",
       "change-password": {
         "success": "Changing your password was successful",
-        "error": "Changing your password failed. Maybe the security code was not correct?"
+        "error": "Changing your password failed. Maybe the security code was not correct?",
+        "help": "In case of problems, feel free to ask for help by sending us a mail to:"
       }
     }
   },

From cc26d0be94a87fd4b409b4c2497847f6bed29b4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 22:48:53 +0200
Subject: [PATCH 53/89] Handle passwordReset response on reset page

---
 .../components/PasswordReset/VerifyCode.spec.js   |  2 +-
 webapp/components/PasswordReset/VerifyCode.vue    |  4 +++-
 webapp/pages/password-reset.vue                   | 15 ++++++++++-----
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 217c58ce9..cf12aacac 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -80,7 +80,7 @@ describe('VerifyCode ', () => {
             beforeEach(jest.runAllTimers)
 
             it('emits `change-password-sucess`', () => {
-              expect(wrapper.emitted('change-password-result')).toEqual([['success']])
+              expect(wrapper.emitted('passwordResetResponse')).toEqual([['success']])
             })
           })
         })
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index e452d64e8..d53d08bf2 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -168,7 +168,9 @@ export default {
           data: { resetPassword },
         } = await this.$apollo.mutate({ mutation, variables })
         this.changePasswordResult = resetPassword ? 'success' : 'error'
-        this.$emit('change-password-result', this.changePasswordResult)
+        setTimeout(() => {
+          this.$emit('passwordResetResponse', this.changePasswordResult)
+        }, 3000)
         this.verification.formData = {
           code: '',
           email: '',
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 0ef12cd32..3c6100430 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -3,8 +3,8 @@
     <ds-flex>
       <ds-flex-item :width="{ base: '100%' }" centered>
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
-          <password-reset @handleSubmitted="handleSubmitted" v-if="!submitted" />
-          <verify-code v-else />
+          <password-reset @handleSubmitted="handlePasswordResetRequested" v-if="!passwordResetRequested" />
+          <verify-code v-else @passwordResetResponse="handlePasswordResetResponse" />
         </ds-space>
       </ds-flex-item>
     </ds-flex>
@@ -19,7 +19,7 @@ export default {
   layout: 'default',
   data() {
     return {
-      submitted: false,
+      passwordResetRequested: false
     }
   },
   components: {
@@ -27,8 +27,13 @@ export default {
     VerifyCode,
   },
   methods: {
-    handleSubmitted() {
-      this.submitted = true
+    handlePasswordResetRequested() {
+      this.passwordResetRequested = true
+    },
+    handlePasswordResetResponse(response) {
+      if (response === 'success'){
+        this.$router.push('login')
+      }
     },
   },
 }

From 29b910cfb7b5338b5f344a46a5ef06628e18f50e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 23:24:29 +0200
Subject: [PATCH 54/89] Really basic passwordReset flow works

---
 backend/package.json                          |  1 +
 backend/src/config/index.js                   |  8 +++++
 backend/src/schema/resolvers/passwordReset.js | 32 +++++++++++++++++--
 .../schema/resolvers/passwordReset.spec.js    |  6 +---
 backend/yarn.lock                             |  5 +++
 5 files changed, 45 insertions(+), 7 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index c8537ae0b..45f47db44 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -72,6 +72,7 @@
     "neo4j-driver": "~1.7.4",
     "neo4j-graphql-js": "git+https://github.com/Human-Connection/neo4j-graphql-js.git#temporary_fixes",
     "node-fetch": "~2.6.0",
+    "nodemailer": "^6.2.1",
     "npm-run-all": "~4.1.5",
     "request": "~2.88.0",
     "sanitize-html": "~1.20.1",
diff --git a/backend/src/config/index.js b/backend/src/config/index.js
index aed6f7c1c..6931126e2 100644
--- a/backend/src/config/index.js
+++ b/backend/src/config/index.js
@@ -8,6 +8,13 @@ export const requiredConfigs = {
   PRIVATE_KEY_PASSPHRASE: process.env.PRIVATE_KEY_PASSPHRASE,
 }
 
+export const smtpConfigs = {
+  SMTP_HOST: process.env.SMTP_HOST || 'localhost',
+  SMTP_PORT: process.env.SMTP_PORT || 1025,
+  SMTP_USERNAME: process.env.SMTP_USERNAME,
+  SMTP_PASSWORD: process.env.SMTP_PASSWORD,
+}
+
 export const neo4jConfigs = {
   NEO4J_URI: process.env.NEO4J_URI || 'bolt://localhost:7687',
   NEO4J_USERNAME: process.env.NEO4J_USERNAME || 'neo4j',
@@ -29,6 +36,7 @@ export const developmentConfigs = {
 
 export default {
   ...requiredConfigs,
+  ...smtpConfigs,
   ...neo4jConfigs,
   ...serverConfigs,
   ...developmentConfigs,
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index e2fb1a80f..fe37187b5 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -1,5 +1,21 @@
 import uuid from 'uuid/v4'
 import bcrypt from 'bcryptjs'
+import CONFIG from '../../config'
+import nodemailer from 'nodemailer'
+
+const transporter = () => {
+  const { SMTP_HOST: host, SMTP_PORT: port, SMTP_USERNAME: user, SMTP_PASSWORD: pass } = CONFIG
+  const configs = {
+    host,
+    port,
+    ignoreTLS: true,
+    secure: false, // true for 465, false for other ports
+  }
+  if (user && pass) {
+    configs.auth = { user, pass }
+  }
+  return nodemailer.createTransport(configs)
+}
 
 export async function createPasswordReset(options) {
   const { driver, code, email, issuedAt = new Date() } = options
@@ -10,7 +26,11 @@ export async function createPasswordReset(options) {
       MERGE (u)-[:REQUESTED]->(pr)
       RETURN pr
       `
-  const transactionRes = await session.run(cypher, { issuedAt: issuedAt.toISOString(), code, email })
+  const transactionRes = await session.run(cypher, {
+    issuedAt: issuedAt.toISOString(),
+    code,
+    email,
+  })
   const resets = transactionRes.records.map(record => record.get('pr'))
   session.close()
   return resets
@@ -19,8 +39,16 @@ export async function createPasswordReset(options) {
 export default {
   Mutation: {
     requestPasswordReset: async (_, { email }, { driver }) => {
-      const code = uuid().substring(0,6)
+      const code = uuid().substring(0, 6)
       await createPasswordReset({ driver, code, email })
+      await transporter().sendMail({
+        from: '"Human Connection" <info@human-connection.org>', // sender address
+        to: email, // list of receivers
+        subject: 'Password Reset', // Subject line
+        text: `Code is ${code}`, // plain text body
+        html: `Code is <b>${code}</b>`, // plain text body
+      })
+
       return true
     },
     resetPassword: async (_, { email, code, newPassword }, { driver }) => {
diff --git a/backend/src/schema/resolvers/passwordReset.spec.js b/backend/src/schema/resolvers/passwordReset.spec.js
index 6d0347703..545945f51 100644
--- a/backend/src/schema/resolvers/passwordReset.spec.js
+++ b/backend/src/schema/resolvers/passwordReset.spec.js
@@ -76,11 +76,7 @@ describe('passwordReset', () => {
 
   describe('resetPassword', () => {
     const setup = async (options = {}) => {
-      const {
-        email = 'user@example.org',
-        issuedAt = new Date(),
-        code = 'abcdef',
-      } = options
+      const { email = 'user@example.org', issuedAt = new Date(), code = 'abcdef' } = options
 
       const session = driver.session()
       await createPasswordReset({ driver, email, issuedAt, code })
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d2c5da176..eaee0a3f3 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -5693,6 +5693,11 @@ node-releases@^1.1.19:
   dependencies:
     semver "^5.3.0"
 
+nodemailer@^6.2.1:
+  version "6.2.1"
+  resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-6.2.1.tgz#20d773925eb8f7a06166a0b62c751dc8290429f3"
+  integrity sha512-TagB7iuIi9uyNgHExo8lUDq3VK5/B0BpbkcjIgNvxbtVrjNqq0DwAOTuzALPVkK76kMhTSzIgHqg8X1uklVs6g==
+
 nodemon@~1.19.1:
   version "1.19.1"
   resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.19.1.tgz#576f0aad0f863aabf8c48517f6192ff987cd5071"

From d8eca07c217604cc67adb6444e09da627fbc1076 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 23:28:48 +0200
Subject: [PATCH 55/89] Fix lint

---
 webapp/pages/password-reset.vue | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 3c6100430..61a1d0b84 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -3,7 +3,10 @@
     <ds-flex>
       <ds-flex-item :width="{ base: '100%' }" centered>
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
-          <password-reset @handleSubmitted="handlePasswordResetRequested" v-if="!passwordResetRequested" />
+          <password-reset
+            @handleSubmitted="handlePasswordResetRequested"
+            v-if="!passwordResetRequested"
+          />
           <verify-code v-else @passwordResetResponse="handlePasswordResetResponse" />
         </ds-space>
       </ds-flex-item>
@@ -19,7 +22,7 @@ export default {
   layout: 'default',
   data() {
     return {
-      passwordResetRequested: false
+      passwordResetRequested: false,
     }
   },
   components: {
@@ -31,7 +34,7 @@ export default {
       this.passwordResetRequested = true
     },
     handlePasswordResetResponse(response) {
-      if (response === 'success'){
+      if (response === 'success') {
         this.$router.push('login')
       }
     },

From 38327ddf71d4529db23c1bb9273c84a3709825f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 23:49:38 +0200
Subject: [PATCH 56/89] Split password flow into different routes part 1

---
 webapp/nuxt.config.js                       |  4 ++-
 webapp/pages/login.vue                      |  2 +-
 webapp/pages/password-reset.vue             | 28 +--------------------
 webapp/pages/password-reset/request.vue     | 18 +++++++++++++
 webapp/pages/password-reset/verify-code.vue | 20 +++++++++++++++
 5 files changed, 43 insertions(+), 29 deletions(-)
 create mode 100644 webapp/pages/password-reset/request.vue
 create mode 100644 webapp/pages/password-reset/verify-code.vue

diff --git a/webapp/nuxt.config.js b/webapp/nuxt.config.js
index 8af3dbb16..7383f408a 100644
--- a/webapp/nuxt.config.js
+++ b/webapp/nuxt.config.js
@@ -28,7 +28,9 @@ module.exports = {
     publicPages: [
       'login',
       'logout',
-      'password-reset',
+      'password-reset-request',
+      'password-reset-verify-code',
+      'password-reset-change-password',
       'register',
       'signup',
       'reset',
diff --git a/webapp/pages/login.vue b/webapp/pages/login.vue
index 94c974b29..f858b931e 100644
--- a/webapp/pages/login.vue
+++ b/webapp/pages/login.vue
@@ -46,7 +46,7 @@
                 type="password"
               />
               <ds-space class="password-reset-link" margin-bottom="large">
-                <nuxt-link to="/password-reset">
+                <nuxt-link to="/password-reset/request">
                   {{ $t('login.forgotPassword') }}
                 </nuxt-link>
               </ds-space>
diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index 61a1d0b84..ca826524e 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -3,11 +3,7 @@
     <ds-flex>
       <ds-flex-item :width="{ base: '100%' }" centered>
         <ds-space style="text-align: center;" margin-top="small" margin-bottom="xxx-small" centered>
-          <password-reset
-            @handleSubmitted="handlePasswordResetRequested"
-            v-if="!passwordResetRequested"
-          />
-          <verify-code v-else @passwordResetResponse="handlePasswordResetResponse" />
+          <nuxt-child />
         </ds-space>
       </ds-flex-item>
     </ds-flex>
@@ -15,29 +11,7 @@
 </template>
 
 <script>
-import PasswordReset from '~/components/PasswordReset/PasswordReset'
-import VerifyCode from '~/components/PasswordReset/VerifyCode'
-
 export default {
   layout: 'default',
-  data() {
-    return {
-      passwordResetRequested: false,
-    }
-  },
-  components: {
-    PasswordReset,
-    VerifyCode,
-  },
-  methods: {
-    handlePasswordResetRequested() {
-      this.passwordResetRequested = true
-    },
-    handlePasswordResetResponse(response) {
-      if (response === 'success') {
-        this.$router.push('login')
-      }
-    },
-  },
 }
 </script>
diff --git a/webapp/pages/password-reset/request.vue b/webapp/pages/password-reset/request.vue
new file mode 100644
index 000000000..7cf37f537
--- /dev/null
+++ b/webapp/pages/password-reset/request.vue
@@ -0,0 +1,18 @@
+<template>
+  <password-reset @handleSubmitted="handlePasswordResetRequested" />
+</template>
+
+<script>
+import PasswordReset from '~/components/PasswordReset/PasswordReset'
+
+export default {
+  components: {
+    PasswordReset,
+  },
+  methods: {
+    handlePasswordResetRequested() {
+      this.$router.push('verify-code')
+    },
+  },
+}
+</script>
diff --git a/webapp/pages/password-reset/verify-code.vue b/webapp/pages/password-reset/verify-code.vue
new file mode 100644
index 000000000..e331c673c
--- /dev/null
+++ b/webapp/pages/password-reset/verify-code.vue
@@ -0,0 +1,20 @@
+<template>
+  <verify-code @passwordResetResponse="handlePasswordResetResponse" />
+</template>
+
+<script>
+import VerifyCode from '~/components/PasswordReset/VerifyCode'
+
+export default {
+  components: {
+    VerifyCode,
+  },
+  methods: {
+    handlePasswordResetResponse(response) {
+      if (response === 'success') {
+        this.$router.push('login')
+      }
+    },
+  },
+}
+</script>

From 304fd028f0ccb1a49f2aecfb63bfe15e91ad7092 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Tue, 18 Jun 2019 23:51:54 +0200
Subject: [PATCH 57/89] Leftover token=>code

---
 webapp/components/PasswordReset/VerifyCode.spec.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index cf12aacac..6f489e55f 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -65,7 +65,7 @@ describe('VerifyCode ', () => {
 
         it('delivers new password to backend', () => {
           const expected = expect.objectContaining({
-            variables: { token: '123456', email: 'mail@example.org', newPassword: 'supersecret' },
+            variables: { code: '123456', email: 'mail@example.org', newPassword: 'supersecret' },
           })
           expect(mocks.$apollo.mutate).toHaveBeenCalledWith(expected)
         })

From a6a0ee16a00afce4ff3e2ae427d250365893e2ea Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Wed, 19 Jun 2019 04:19:09 +0000
Subject: [PATCH 58/89] Bump apollo-client from 2.6.2 to 2.6.3 in /webapp

Bumps [apollo-client](https://github.com/apollographql/apollo-client) from 2.6.2 to 2.6.3.
- [Release notes](https://github.com/apollographql/apollo-client/releases)
- [Changelog](https://github.com/apollographql/apollo-client/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-client/compare/apollo-client@2.6.2...apollo-client@2.6.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index a3d8c6dda..a06c53bd2 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -56,7 +56,7 @@
     "@nuxtjs/style-resources": "~0.1.2",
     "accounting": "~0.4.1",
     "apollo-cache-inmemory": "~1.5.1",
-    "apollo-client": "~2.6.2",
+    "apollo-client": "~2.6.3",
     "cookie-universal-nuxt": "~2.0.16",
     "cross-env": "~5.2.0",
     "date-fns": "2.0.0-alpha.34",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index 80d519770..4008c11f8 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -1893,10 +1893,10 @@ apollo-cache@1.3.2, apollo-cache@^1.2.1:
     apollo-utilities "^1.3.2"
     tslib "^1.9.3"
 
-apollo-client@^2.5.1, apollo-client@~2.6.2:
-  version "2.6.2"
-  resolved "https://registry.yarnpkg.com/apollo-client/-/apollo-client-2.6.2.tgz#03b6af651e09b6e413e486ddc87464c85bd6e514"
-  integrity sha512-oks1MaT5x7gHcPeC8vPC1UzzsKaEIC0tye+jg72eMDt5OKc7BobStTeS/o2Ib3e0ii40nKxGBnMdl/Xa/p56Yg==
+apollo-client@^2.5.1, apollo-client@~2.6.3:
+  version "2.6.3"
+  resolved "https://registry.yarnpkg.com/apollo-client/-/apollo-client-2.6.3.tgz#9bb2d42fb59f1572e51417f341c5f743798d22db"
+  integrity sha512-DS8pmF5CGiiJ658dG+mDn8pmCMMQIljKJSTeMNHnFuDLV0uAPZoeaAwVFiAmB408Ujqt92oIZ/8yJJAwSIhd4A==
   dependencies:
     "@types/zen-observable" "^0.8.0"
     apollo-cache "1.3.2"

From 2e66c671c2cf086dbeab8d552b4d9ae75ab4c15f Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Wed, 19 Jun 2019 04:20:14 +0000
Subject: [PATCH 59/89] Bump apollo-client from 2.6.2 to 2.6.3 in /backend

Bumps [apollo-client](https://github.com/apollographql/apollo-client) from 2.6.2 to 2.6.3.
- [Release notes](https://github.com/apollographql/apollo-client/releases)
- [Changelog](https://github.com/apollographql/apollo-client/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-client/compare/apollo-client@2.6.2...apollo-client@2.6.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index ca6868036..1904cb71e 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -44,7 +44,7 @@
   "dependencies": {
     "activitystrea.ms": "~2.1.3",
     "apollo-cache-inmemory": "~1.6.2",
-    "apollo-client": "~2.6.2",
+    "apollo-client": "~2.6.3",
     "apollo-link-context": "~1.0.18",
     "apollo-link-http": "~1.5.15",
     "apollo-server": "~2.6.3",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index bc1e958ff..f0422d4ef 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1322,10 +1322,10 @@ apollo-cache@1.3.2, apollo-cache@^1.3.2:
     apollo-utilities "^1.3.2"
     tslib "^1.9.3"
 
-apollo-client@~2.6.2:
-  version "2.6.2"
-  resolved "https://registry.yarnpkg.com/apollo-client/-/apollo-client-2.6.2.tgz#03b6af651e09b6e413e486ddc87464c85bd6e514"
-  integrity sha512-oks1MaT5x7gHcPeC8vPC1UzzsKaEIC0tye+jg72eMDt5OKc7BobStTeS/o2Ib3e0ii40nKxGBnMdl/Xa/p56Yg==
+apollo-client@~2.6.3:
+  version "2.6.3"
+  resolved "https://registry.yarnpkg.com/apollo-client/-/apollo-client-2.6.3.tgz#9bb2d42fb59f1572e51417f341c5f743798d22db"
+  integrity sha512-DS8pmF5CGiiJ658dG+mDn8pmCMMQIljKJSTeMNHnFuDLV0uAPZoeaAwVFiAmB408Ujqt92oIZ/8yJJAwSIhd4A==
   dependencies:
     "@types/zen-observable" "^0.8.0"
     apollo-cache "1.3.2"

From 4725b8cbd256a6043ac7dafbdc25e170206a60ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 19 Jun 2019 09:12:26 +0200
Subject: [PATCH 60/89] Got Tags as `#` in the editor as an extension to work

---
 webapp/components/Editor/index.vue        |  3 +++
 webapp/components/Editor/nodes/Mention.js | 10 +++++++---
 webapp/components/Editor/nodes/Tag.js     | 10 +++++++---
 3 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index 6307ff5ee..d8fd45697 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -625,6 +625,9 @@ li > p {
   .mention-suggestion {
     color: $color-primary;
   }
+  .tag-suggestion {
+    color: $color-primary;
+  }
   &__floating-menu {
     position: absolute;
     margin-top: -0.25rem;
diff --git a/webapp/components/Editor/nodes/Mention.js b/webapp/components/Editor/nodes/Mention.js
index 710ac13fd..c48b74286 100644
--- a/webapp/components/Editor/nodes/Mention.js
+++ b/webapp/components/Editor/nodes/Mention.js
@@ -1,6 +1,10 @@
 import { Mention as TipTapMention } from 'tiptap-extensions'
 
 export default class Mention extends TipTapMention {
+  get name() {
+    return 'mention'
+  }
+
   get schema() {
     const patchedSchema = super.schema
 
@@ -19,9 +23,9 @@ export default class Mention extends TipTapMention {
         `${this.options.matcher.char}${node.attrs.label}`,
       ]
     }
-    // patchedSchema.parseDOM = [
-    //   // this is not implemented
-    // ]
+    patchedSchema.parseDOM = [
+      // this is not implemented
+    ]
     return patchedSchema
   }
 }
diff --git a/webapp/components/Editor/nodes/Tag.js b/webapp/components/Editor/nodes/Tag.js
index f3fdd75e9..0a7324c81 100644
--- a/webapp/components/Editor/nodes/Tag.js
+++ b/webapp/components/Editor/nodes/Tag.js
@@ -1,6 +1,10 @@
 import { Mention as TipTapMention } from 'tiptap-extensions'
 
 export default class Tag extends TipTapMention {
+  get name() {
+    return 'tag'
+  }
+
   get defaultOptions() {
     return {
       matcher: {
@@ -31,9 +35,9 @@ export default class Tag extends TipTapMention {
         `${this.options.matcher.char}${node.attrs.label}`,
       ]
     }
-    // patchedSchema.parseDOM = [
-    //   // this is not implemented
-    // ]
+    patchedSchema.parseDOM = [
+      // this is not implemented
+    ]
     return patchedSchema
   }
 }

From 65471efb0d19a4f9130ef6e4aa2ac168758db2bc Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Wed, 19 Jun 2019 13:08:51 +0200
Subject: [PATCH 61/89] removed fixImageUrls reference

---
 backend/src/middleware/index.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/backend/src/middleware/index.js b/backend/src/middleware/index.js
index aae2dcef3..9b85bd340 100644
--- a/backend/src/middleware/index.js
+++ b/backend/src/middleware/index.js
@@ -40,7 +40,6 @@ export default schema => {
     'excerpt',
     'notifications',
     'xss',
-    'fixImageUrls',
     'softDelete',
     'user',
     'includedFields',

From 7613ddfc04c2e3f8fd62fc954f1c6486e5fdaeff Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
Date: Wed, 19 Jun 2019 13:36:14 +0200
Subject: [PATCH 62/89] lint fixes

---
 backend/src/activitypub/NitroDataSource.js   | 8 ++------
 backend/src/middleware/notifications/spec.js | 4 +---
 2 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/backend/src/activitypub/NitroDataSource.js b/backend/src/activitypub/NitroDataSource.js
index eea37337a..0900bed6c 100644
--- a/backend/src/activitypub/NitroDataSource.js
+++ b/backend/src/activitypub/NitroDataSource.js
@@ -505,9 +505,7 @@ export default class NitroDataSource {
     const result2 = await this.client.mutate({
       mutation: gql`
           mutation {
-              AddCommentAuthor(from: {id: "${
-                result.data.CreateComment.id
-              }"}, to: {id: "${toUserId}"}) {
+              AddCommentAuthor(from: {id: "${result.data.CreateComment.id}"}, to: {id: "${toUserId}"}) {
                   id
               }
           }
@@ -519,9 +517,7 @@ export default class NitroDataSource {
     result = await this.client.mutate({
       mutation: gql`
           mutation {
-              AddCommentPost(from: { id: "${
-                result.data.CreateComment.id
-              }", to: { id: "${postId}" }}) {
+              AddCommentPost(from: { id: "${result.data.CreateComment.id}", to: { id: "${postId}" }}) {
                   id
               }
           }
diff --git a/backend/src/middleware/notifications/spec.js b/backend/src/middleware/notifications/spec.js
index 65212e544..985654b0f 100644
--- a/backend/src/middleware/notifications/spec.js
+++ b/backend/src/middleware/notifications/spec.js
@@ -87,9 +87,7 @@ describe('currentUser { notifications }', () => {
 
         describe('who mentions me again', () => {
           beforeEach(async () => {
-            const updatedContent = `${
-              post.content
-            } One more mention to <a href="/profile/you" class="mention">@al-capone</a>`
+            const updatedContent = `${post.content} One more mention to <a href="/profile/you" class="mention">@al-capone</a>`
             // The response `post.content` contains a link but the XSSmiddleware
             // should have the `mention` CSS class removed. I discovered this
             // during development and thought: A feature not a bug! This way we

From a7eced5f8e26c866472fee73271f62a8f8d0ca74 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Wed, 19 Jun 2019 13:40:08 +0200
Subject: [PATCH 63/89] Redirect to `/' if user is authenticated

---
 webapp/pages/password-reset.vue | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/webapp/pages/password-reset.vue b/webapp/pages/password-reset.vue
index ca826524e..a781bd3fb 100644
--- a/webapp/pages/password-reset.vue
+++ b/webapp/pages/password-reset.vue
@@ -13,5 +13,10 @@
 <script>
 export default {
   layout: 'default',
+  asyncData({ store, redirect }) {
+    if (store.getters['auth/isLoggedIn']) {
+      redirect('/')
+    }
+  },
 }
 </script>

From c85c94aa40c3d91a474f76d6908b84d232ce5b1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Wed, 19 Jun 2019 14:07:35 +0200
Subject: [PATCH 64/89] Splitting components, better route navigation

This also allows us to generate a password reset link to quickly reset
your password without entering the code and email manually.
---
 .../PasswordReset/ChangePassword.spec.js      |  83 +++++++++
 .../PasswordReset/ChangePassword.vue          | 140 +++++++++++++++
 ...{PasswordReset.spec.js => Request.spec.js} |   6 +-
 .../{PasswordReset.vue => Request.vue}        |   0
 .../PasswordReset/VerifyCode.spec.js          |  47 +-----
 .../components/PasswordReset/VerifyCode.vue   | 159 +++---------------
 .../pages/password-reset/change-password.vue  |  28 +++
 webapp/pages/password-reset/request.vue       |   6 +-
 webapp/pages/password-reset/verify-code.vue   |   8 +-
 9 files changed, 282 insertions(+), 195 deletions(-)
 create mode 100644 webapp/components/PasswordReset/ChangePassword.spec.js
 create mode 100644 webapp/components/PasswordReset/ChangePassword.vue
 rename webapp/components/PasswordReset/{PasswordReset.spec.js => Request.spec.js} (94%)
 rename webapp/components/PasswordReset/{PasswordReset.vue => Request.vue} (100%)
 create mode 100644 webapp/pages/password-reset/change-password.vue

diff --git a/webapp/components/PasswordReset/ChangePassword.spec.js b/webapp/components/PasswordReset/ChangePassword.spec.js
new file mode 100644
index 000000000..88caa6c6d
--- /dev/null
+++ b/webapp/components/PasswordReset/ChangePassword.spec.js
@@ -0,0 +1,83 @@
+import { mount, createLocalVue } from '@vue/test-utils'
+import ChangePassword from './ChangePassword'
+import Styleguide from '@human-connection/styleguide'
+
+const localVue = createLocalVue()
+
+localVue.use(Styleguide)
+
+describe('ChangePassword ', () => {
+  let wrapper
+  let Wrapper
+  let mocks
+  let propsData
+
+  beforeEach(() => {
+    propsData = {}
+    mocks = {
+      $toast: {
+        success: jest.fn(),
+        error: jest.fn(),
+      },
+      $t: jest.fn(),
+      $apollo: {
+        loading: false,
+        mutate: jest.fn().mockResolvedValue({ data: { resetPassword: true } }),
+      },
+    }
+  })
+
+  describe('mount', () => {
+    beforeEach(jest.useFakeTimers)
+
+    Wrapper = () => {
+      return mount(ChangePassword, {
+        mocks,
+        propsData,
+        localVue,
+      })
+    }
+
+    describe('given email and verification code', () => {
+      beforeEach(() => {
+        propsData.email = 'mail@example.org'
+        propsData.code = '123456'
+      })
+
+      describe('submitting new password', () => {
+        beforeEach(() => {
+          wrapper = Wrapper()
+          wrapper.find('input#newPassword').setValue('supersecret')
+          wrapper.find('input#confirmPassword').setValue('supersecret')
+          wrapper.find('form').trigger('submit')
+        })
+
+        it('calls resetPassword graphql mutation', () => {
+          expect(mocks.$apollo.mutate).toHaveBeenCalled()
+        })
+
+        it('delivers new password to backend', () => {
+          const expected = expect.objectContaining({
+            variables: { code: '123456', email: 'mail@example.org', newPassword: 'supersecret' },
+          })
+          expect(mocks.$apollo.mutate).toHaveBeenCalledWith(expected)
+        })
+
+        describe('password reset successful', () => {
+          it('displays success message', () => {
+            const expected = 'verify-code.form.change-password.success'
+            expect(mocks.$t).toHaveBeenCalledWith(expected)
+          })
+
+          describe('after animation', () => {
+            beforeEach(jest.runAllTimers)
+
+            it('emits `change-password-sucess`', () => {
+              expect(wrapper.emitted('passwordResetResponse')).toEqual([['success']])
+            })
+          })
+        })
+      })
+    })
+  })
+})
diff --git a/webapp/components/PasswordReset/ChangePassword.vue b/webapp/components/PasswordReset/ChangePassword.vue
new file mode 100644
index 000000000..5a12f9938
--- /dev/null
+++ b/webapp/components/PasswordReset/ChangePassword.vue
@@ -0,0 +1,140 @@
+<template>
+  <ds-card class="verify-code">
+    <ds-space margin="large">
+      <template>
+        <ds-form
+          v-if="!changePasswordResult"
+          v-model="formData"
+          :schema="formSchema"
+          @submit="handleSubmitPassword"
+          @input="handleInput"
+          @input-valid="handleInputValid"
+          class="change-password"
+        >
+          <ds-input
+            id="newPassword"
+            model="newPassword"
+            type="password"
+            autocomplete="off"
+            :label="$t('settings.security.change-password.label-new-password')"
+          />
+          <ds-input
+            id="confirmPassword"
+            model="confirmPassword"
+            type="password"
+            autocomplete="off"
+            :label="$t('settings.security.change-password.label-new-password-confirm')"
+          />
+          <password-strength :password="formData.newPassword" />
+          <ds-space margin-top="base">
+            <ds-button :loading="$apollo.loading" :disabled="disabled" primary>
+              {{ $t('settings.security.change-password.button') }}
+            </ds-button>
+          </ds-space>
+        </ds-form>
+        <ds-text v-else>
+          <template v-if="changePasswordResult === 'success'">
+            <sweetalert-icon icon="success" />
+            <ds-text>
+              {{ $t(`verify-code.form.change-password.success`) }}
+            </ds-text>
+          </template>
+          <template v-else>
+            <sweetalert-icon icon="error" />
+            <ds-text align="left">
+              {{ $t(`verify-code.form.change-password.error`) }}
+              {{ $t('verify-code.form.change-password.help') }}
+            </ds-text>
+            <a href="mailto:support@human-connection.org">support@human-connection.org</a>
+          </template>
+        </ds-text>
+      </template>
+    </ds-space>
+  </ds-card>
+</template>
+
+<script>
+import PasswordStrength from '../Password/Strength'
+import gql from 'graphql-tag'
+import { SweetalertIcon } from 'vue-sweetalert-icons'
+
+export default {
+  components: {
+    SweetalertIcon,
+    PasswordStrength,
+  },
+  props: {
+    email: { type: String, required: true },
+    code: { type: String, required: true },
+  },
+  data() {
+    return {
+      formData: {
+        newPassword: '',
+        confirmPassword: '',
+      },
+      formSchema: {
+        newPassword: {
+          type: 'string',
+          required: true,
+          message: this.$t('settings.security.change-password.message-new-password-required'),
+        },
+        confirmPassword: [
+          { validator: this.matchPassword },
+          {
+            type: 'string',
+            required: true,
+            message: this.$t(
+              'settings.security.change-password.message-new-password-confirm-required',
+            ),
+          },
+        ],
+      },
+      disabled: true,
+      changePasswordResult: null,
+    }
+  },
+  methods: {
+    async handleInput() {
+      this.disabled = true
+    },
+    async handleInputValid() {
+      this.disabled = false
+    },
+    async handleSubmitPassword() {
+      const mutation = gql`
+        mutation($code: String!, $email: String!, $newPassword: String!) {
+          resetPassword(code: $code, email: $email, newPassword: $newPassword)
+        }
+      `
+      const { newPassword } = this.formData
+      const { email, code } = this
+      const variables = { newPassword, email, code }
+      try {
+        const {
+          data: { resetPassword },
+        } = await this.$apollo.mutate({ mutation, variables })
+        this.changePasswordResult = resetPassword ? 'success' : 'error'
+        setTimeout(() => {
+          this.$emit('passwordResetResponse', this.changePasswordResult)
+        }, 3000)
+        this.formData = {
+          newPassword: '',
+          confirmPassword: '',
+        }
+      } catch (err) {
+        this.$toast.error(err.message)
+      }
+    },
+    matchPassword(rule, value, callback, source, options) {
+      var errors = []
+      if (this.formData.newPassword !== value) {
+        errors.push(
+          new Error(this.$t('settings.security.change-password.message-new-password-missmatch')),
+        )
+      }
+      callback(errors)
+    },
+  },
+}
+</script>
diff --git a/webapp/components/PasswordReset/PasswordReset.spec.js b/webapp/components/PasswordReset/Request.spec.js
similarity index 94%
rename from webapp/components/PasswordReset/PasswordReset.spec.js
rename to webapp/components/PasswordReset/Request.spec.js
index 1adf68ee5..e7a1f6866 100644
--- a/webapp/components/PasswordReset/PasswordReset.spec.js
+++ b/webapp/components/PasswordReset/Request.spec.js
@@ -1,12 +1,12 @@
 import { mount, createLocalVue } from '@vue/test-utils'
-import PasswordReset from './PasswordReset'
+import Request from './Request'
 import Styleguide from '@human-connection/styleguide'
 
 const localVue = createLocalVue()
 
 localVue.use(Styleguide)
 
-describe('PasswordReset', () => {
+describe('Request', () => {
   let wrapper
   let Wrapper
   let mocks
@@ -29,7 +29,7 @@ describe('PasswordReset', () => {
     beforeEach(jest.useFakeTimers)
 
     Wrapper = () => {
-      return mount(PasswordReset, {
+      return mount(Request, {
         mocks,
         localVue,
       })
diff --git a/webapp/components/PasswordReset/PasswordReset.vue b/webapp/components/PasswordReset/Request.vue
similarity index 100%
rename from webapp/components/PasswordReset/PasswordReset.vue
rename to webapp/components/PasswordReset/Request.vue
diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 6f489e55f..062e7e8f7 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -13,15 +13,7 @@ describe('VerifyCode ', () => {
 
   beforeEach(() => {
     mocks = {
-      $toast: {
-        success: jest.fn(),
-        error: jest.fn(),
-      },
       $t: jest.fn(),
-      $apollo: {
-        loading: false,
-        mutate: jest.fn().mockResolvedValue({ data: { resetPassword: true } }),
-      },
     }
   })
 
@@ -48,42 +40,9 @@ describe('VerifyCode ', () => {
         wrapper.find('form').trigger('submit')
       })
 
-      it('displays a form to update your password', () => {
-        expect(wrapper.find('.change-password').exists()).toBe(true)
-      })
-
-      describe('submitting new password', () => {
-        beforeEach(() => {
-          wrapper.find('input#newPassword').setValue('supersecret')
-          wrapper.find('input#confirmPassword').setValue('supersecret')
-          wrapper.find('form').trigger('submit')
-        })
-
-        it('calls resetPassword graphql mutation', () => {
-          expect(mocks.$apollo.mutate).toHaveBeenCalled()
-        })
-
-        it('delivers new password to backend', () => {
-          const expected = expect.objectContaining({
-            variables: { code: '123456', email: 'mail@example.org', newPassword: 'supersecret' },
-          })
-          expect(mocks.$apollo.mutate).toHaveBeenCalledWith(expected)
-        })
-
-        describe('password reset successful', () => {
-          it('displays success message', () => {
-            const expected = 'verify-code.form.change-password.success'
-            expect(mocks.$t).toHaveBeenCalledWith(expected)
-          })
-
-          describe('after animation', () => {
-            beforeEach(jest.runAllTimers)
-
-            it('emits `change-password-sucess`', () => {
-              expect(wrapper.emitted('passwordResetResponse')).toEqual([['success']])
-            })
-          })
-        })
+      it('emits `verifyCode`', () => {
+        const expected = [[{ code: '123456', email: 'mail@example.org' }]]
+        expect(wrapper.emitted('verification')).toEqual(expected)
       })
     })
   })
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index d53d08bf2..410a027af 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -2,9 +2,8 @@
   <ds-card class="verify-code">
     <ds-space margin="large">
       <ds-form
-        v-if="!verificationSubmitted"
-        v-model="verification.formData"
-        :schema="verification.formSchema"
+        v-model="formData"
+        :schema="formSchema"
         @submit="handleSubmitVerify"
         @input="handleInput"
         @input-valid="handleInputValid"
@@ -32,116 +31,33 @@
           {{ $t('verify-code.form.next') }}
         </ds-button>
       </ds-form>
-      <template v-else>
-        <ds-form
-          v-if="!changePasswordResult"
-          v-model="password.formData"
-          :schema="password.formSchema"
-          @submit="handleSubmitPassword"
-          @input="handleInput"
-          @input-valid="handleInputValid"
-          class="change-password"
-        >
-          <ds-input
-            id="newPassword"
-            model="newPassword"
-            type="password"
-            autocomplete="off"
-            :label="$t('settings.security.change-password.label-new-password')"
-          />
-          <ds-input
-            id="confirmPassword"
-            model="confirmPassword"
-            type="password"
-            autocomplete="off"
-            :label="$t('settings.security.change-password.label-new-password-confirm')"
-          />
-          <password-strength :password="password.formData.newPassword" />
-          <ds-space margin-top="base">
-            <ds-button :loading="$apollo.loading" :disabled="disabled" primary>
-              {{ $t('settings.security.change-password.button') }}
-            </ds-button>
-          </ds-space>
-        </ds-form>
-        <ds-text v-else>
-          <template v-if="changePasswordResult === 'success'">
-            <sweetalert-icon icon="success" />
-            <ds-text>
-              {{ $t(`verify-code.form.change-password.success`) }}
-            </ds-text>
-          </template>
-          <template v-else>
-            <sweetalert-icon icon="error" />
-            <ds-text align="left">
-              {{ $t(`verify-code.form.change-password.error`) }}
-              {{ $t('verify-code.form.change-password.help') }}
-            </ds-text>
-            <a href="mailto:support@human-connection.org">support@human-connection.org</a>
-          </template>
-        </ds-text>
-      </template>
     </ds-space>
   </ds-card>
 </template>
 
 <script>
-import PasswordStrength from '../Password/Strength'
-import gql from 'graphql-tag'
-import { SweetalertIcon } from 'vue-sweetalert-icons'
-
 export default {
-  components: {
-    SweetalertIcon,
-    PasswordStrength,
-  },
   data() {
     return {
-      verification: {
-        formData: {
-          email: '',
-          code: '',
+      formData: {
+        email: '',
+        code: '',
+      },
+      formSchema: {
+        email: {
+          type: 'email',
+          required: true,
+          message: this.$t('common.validations.email'),
         },
-        formSchema: {
-          email: {
-            type: 'email',
-            required: true,
-            message: this.$t('common.validations.email'),
-          },
-          code: {
-            type: 'string',
-            min: 6,
-            max: 6,
-            required: true,
-            message: this.$t('common.validations.verification-code'),
-          },
+        code: {
+          type: 'string',
+          min: 6,
+          max: 6,
+          required: true,
+          message: this.$t('common.validations.verification-code'),
         },
       },
-      password: {
-        formData: {
-          newPassword: '',
-          confirmPassword: '',
-        },
-        formSchema: {
-          newPassword: {
-            type: 'string',
-            required: true,
-            message: this.$t('settings.security.change-password.message-new-password-required'),
-          },
-          confirmPassword: [
-            { validator: this.matchPassword },
-            {
-              type: 'string',
-              required: true,
-              message: this.$t(
-                'settings.security.change-password.message-new-password-confirm-required',
-              ),
-            },
-          ],
-        },
-      },
-      verificationSubmitted: false,
       disabled: true,
-      changePasswordResult: null,
     }
   },
   methods: {
@@ -152,45 +68,8 @@ export default {
       this.disabled = false
     },
     handleSubmitVerify() {
-      this.verificationSubmitted = true
-    },
-    async handleSubmitPassword() {
-      const mutation = gql`
-        mutation($code: String!, $email: String!, $newPassword: String!) {
-          resetPassword(code: $code, email: $email, newPassword: $newPassword)
-        }
-      `
-      const { newPassword } = this.password.formData
-      const { email, code } = this.verification.formData
-      const variables = { newPassword, email, code }
-      try {
-        const {
-          data: { resetPassword },
-        } = await this.$apollo.mutate({ mutation, variables })
-        this.changePasswordResult = resetPassword ? 'success' : 'error'
-        setTimeout(() => {
-          this.$emit('passwordResetResponse', this.changePasswordResult)
-        }, 3000)
-        this.verification.formData = {
-          code: '',
-          email: '',
-        }
-        this.password.formData = {
-          newPassword: '',
-          confirmPassword: '',
-        }
-      } catch (err) {
-        this.$toast.error(err.message)
-      }
-    },
-    matchPassword(rule, value, callback, source, options) {
-      var errors = []
-      if (this.password.formData.newPassword !== value) {
-        errors.push(
-          new Error(this.$t('settings.security.change-password.message-new-password-missmatch')),
-        )
-      }
-      callback(errors)
+      const { email, code } = this.formData
+      this.$emit('verification', { email, code })
     },
   },
 }
diff --git a/webapp/pages/password-reset/change-password.vue b/webapp/pages/password-reset/change-password.vue
new file mode 100644
index 000000000..12ccc192a
--- /dev/null
+++ b/webapp/pages/password-reset/change-password.vue
@@ -0,0 +1,28 @@
+<template>
+  <change-password
+    :email="email"
+    :code="code"
+    @passwordResetResponse="handlePasswordResetResponse"
+  />
+</template>
+
+<script>
+import ChangePassword from '~/components/PasswordReset/ChangePassword'
+
+export default {
+  data() {
+    const { email = '', code = '' } = this.$route.query
+    return { email, code }
+  },
+  components: {
+    ChangePassword,
+  },
+  methods: {
+    handlePasswordResetResponse(response) {
+      if (response === 'success') {
+        this.$router.push('/login')
+      }
+    },
+  },
+}
+</script>
diff --git a/webapp/pages/password-reset/request.vue b/webapp/pages/password-reset/request.vue
index 7cf37f537..9148b4ed4 100644
--- a/webapp/pages/password-reset/request.vue
+++ b/webapp/pages/password-reset/request.vue
@@ -1,13 +1,13 @@
 <template>
-  <password-reset @handleSubmitted="handlePasswordResetRequested" />
+  <request @handleSubmitted="handlePasswordResetRequested" />
 </template>
 
 <script>
-import PasswordReset from '~/components/PasswordReset/PasswordReset'
+import Request from '~/components/PasswordReset/Request'
 
 export default {
   components: {
-    PasswordReset,
+    Request,
   },
   methods: {
     handlePasswordResetRequested() {
diff --git a/webapp/pages/password-reset/verify-code.vue b/webapp/pages/password-reset/verify-code.vue
index e331c673c..f733eaa66 100644
--- a/webapp/pages/password-reset/verify-code.vue
+++ b/webapp/pages/password-reset/verify-code.vue
@@ -1,5 +1,5 @@
 <template>
-  <verify-code @passwordResetResponse="handlePasswordResetResponse" />
+  <verify-code @verification="handleVerification" />
 </template>
 
 <script>
@@ -10,10 +10,8 @@ export default {
     VerifyCode,
   },
   methods: {
-    handlePasswordResetResponse(response) {
-      if (response === 'success') {
-        this.$router.push('login')
-      }
+    handleVerification({ email, code }) {
+      this.$router.push({ path: 'change-password', query: { email, code } })
     },
   },
 }

From 3f5e9a21ccbc6ce3e5989bc99c385ac2090f2970 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Wed, 19 Jun 2019 14:47:10 +0200
Subject: [PATCH 65/89] Disable SEND_MAILS for local development and test

.. but enable it by default for `docker-compose.override.yml`. If the developer
uses `docker-compose` we can safely assume that a local smtp server for
development is running.
---
 backend/.env.template                         |  4 ++++
 backend/src/config/index.js                   |  1 +
 backend/src/schema/resolvers/passwordReset.js | 16 +++++++++-------
 docker-compose.override.yml                   |  6 ++++++
 4 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/backend/.env.template b/backend/.env.template
index e905d1eb6..5bbf65e3b 100644
--- a/backend/.env.template
+++ b/backend/.env.template
@@ -5,6 +5,10 @@ GRAPHQL_PORT=4000
 GRAPHQL_URI=http://localhost:4000
 CLIENT_URI=http://localhost:3000
 MOCKS=false
+SMTP_HOST=localhost
+SMTP_PORT=1025
+SMTP_USERNAME=
+SMTP_PASSWORD=
 
 JWT_SECRET="b/&&7b78BF&fv/Vd"
 MAPBOX_TOKEN="pk.eyJ1IjoiaHVtYW4tY29ubmVjdGlvbiIsImEiOiJjajl0cnBubGoweTVlM3VwZ2lzNTNud3ZtIn0.KZ8KK9l70omjXbEkkbHGsQ"
diff --git a/backend/src/config/index.js b/backend/src/config/index.js
index 6931126e2..f0959ab53 100644
--- a/backend/src/config/index.js
+++ b/backend/src/config/index.js
@@ -28,6 +28,7 @@ export const serverConfigs = {
 }
 
 export const developmentConfigs = {
+  SEND_MAILS: process.env.SEND_MAILS || false,
   DEBUG: process.env.NODE_ENV !== 'production' && process.env.DEBUG === 'true',
   MOCKS: process.env.MOCKS === 'true',
   DISABLED_MIDDLEWARES:
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index fe37187b5..ed9ec7ea1 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -41,13 +41,15 @@ export default {
     requestPasswordReset: async (_, { email }, { driver }) => {
       const code = uuid().substring(0, 6)
       await createPasswordReset({ driver, code, email })
-      await transporter().sendMail({
-        from: '"Human Connection" <info@human-connection.org>', // sender address
-        to: email, // list of receivers
-        subject: 'Password Reset', // Subject line
-        text: `Code is ${code}`, // plain text body
-        html: `Code is <b>${code}</b>`, // plain text body
-      })
+      if (CONFIG.SEND_MAILS) {
+        await transporter().sendMail({
+          from: '"Human Connection" <info@human-connection.org>', // sender address
+          to: email, // list of receivers
+          subject: 'Password Reset', // Subject line
+          text: `Code is ${code}`, // plain text body
+          html: `Code is <b>${code}</b>`, // plain text body
+        })
+      }
 
       return true
     },
diff --git a/docker-compose.override.yml b/docker-compose.override.yml
index d7ee86bd6..9c82a8df5 100644
--- a/docker-compose.override.yml
+++ b/docker-compose.override.yml
@@ -5,6 +5,8 @@ services:
     image: djfarrelly/maildev
     ports:
       - 1080:80
+    networks:
+      - hc-network
   webapp:
     build:
       context: webapp
@@ -24,6 +26,10 @@ services:
       - backend_node_modules:/nitro-backend/node_modules
       - uploads:/nitro-backend/public/uploads
     command: yarn run dev
+    environment:
+      - SEND_MAILS=true
+      - SMTP_HOST=mailserver
+      - SMTP_PORT=25
   neo4j:
     environment:
       - NEO4J_AUTH=none

From 61ad100bfbf53539ebcea743a38d3e4a2745591e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Thu, 20 Jun 2019 00:09:26 +0200
Subject: [PATCH 66/89] Get rid of unnecessary .env var - document it

---
 backend/.env.template                         |  4 ++--
 backend/README.md                             |  3 +++
 backend/src/config/index.js                   | 23 +++++++++----------
 backend/src/schema/resolvers/passwordReset.js |  2 +-
 4 files changed, 17 insertions(+), 15 deletions(-)

diff --git a/backend/.env.template b/backend/.env.template
index 5bbf65e3b..273ad7e64 100644
--- a/backend/.env.template
+++ b/backend/.env.template
@@ -5,8 +5,8 @@ GRAPHQL_PORT=4000
 GRAPHQL_URI=http://localhost:4000
 CLIENT_URI=http://localhost:3000
 MOCKS=false
-SMTP_HOST=localhost
-SMTP_PORT=1025
+SMTP_HOST=
+SMTP_PORT=
 SMTP_USERNAME=
 SMTP_PASSWORD=
 
diff --git a/backend/README.md b/backend/README.md
index 3cce123ac..cd56e231f 100644
--- a/backend/README.md
+++ b/backend/README.md
@@ -44,6 +44,9 @@ or start the backend in production environment with:
 yarn run start
 ```
 
+For e-mail delivery, please configure at least `SMTP_HOST` and `SMTP_PORT` in
+your `.env` configuration file.
+
 Your backend is up and running at [http://localhost:4000/](http://localhost:4000/)
 This will start the GraphQL service \(by default on localhost:4000\) where you
 can issue GraphQL requests or access GraphQL Playground in the browser.
diff --git a/backend/src/config/index.js b/backend/src/config/index.js
index f0959ab53..e376c51e3 100644
--- a/backend/src/config/index.js
+++ b/backend/src/config/index.js
@@ -2,18 +2,18 @@ import dotenv from 'dotenv'
 
 dotenv.config()
 
-export const requiredConfigs = {
-  MAPBOX_TOKEN: process.env.MAPBOX_TOKEN,
-  JWT_SECRET: process.env.JWT_SECRET,
-  PRIVATE_KEY_PASSPHRASE: process.env.PRIVATE_KEY_PASSPHRASE,
-}
+const {
+MAPBOX_TOKEN,
+JWT_SECRET,
+PRIVATE_KEY_PASSPHRASE,
+SMTP_HOST,
+SMTP_PORT,
+SMTP_USERNAME,
+SMTP_PASSWORD,
+} = process.env
 
-export const smtpConfigs = {
-  SMTP_HOST: process.env.SMTP_HOST || 'localhost',
-  SMTP_PORT: process.env.SMTP_PORT || 1025,
-  SMTP_USERNAME: process.env.SMTP_USERNAME,
-  SMTP_PASSWORD: process.env.SMTP_PASSWORD,
-}
+export const requiredConfigs = { MAPBOX_TOKEN, JWT_SECRET, PRIVATE_KEY_PASSPHRASE }
+export const smtpConfigs = { SMTP_HOST, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD }
 
 export const neo4jConfigs = {
   NEO4J_URI: process.env.NEO4J_URI || 'bolt://localhost:7687',
@@ -28,7 +28,6 @@ export const serverConfigs = {
 }
 
 export const developmentConfigs = {
-  SEND_MAILS: process.env.SEND_MAILS || false,
   DEBUG: process.env.NODE_ENV !== 'production' && process.env.DEBUG === 'true',
   MOCKS: process.env.MOCKS === 'true',
   DISABLED_MIDDLEWARES:
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index ed9ec7ea1..baf6c1339 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -41,7 +41,7 @@ export default {
     requestPasswordReset: async (_, { email }, { driver }) => {
       const code = uuid().substring(0, 6)
       await createPasswordReset({ driver, code, email })
-      if (CONFIG.SEND_MAILS) {
+      if (CONFIG.SMTP_HOST && CONFIG.SMTP_PORT) {
         await transporter().sendMail({
           from: '"Human Connection" <info@human-connection.org>', // sender address
           to: email, // list of receivers

From 9dd340c69b794b4aa8b59d0d94827f536f64849a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Thu, 20 Jun 2019 01:29:50 +0200
Subject: [PATCH 67/89] Template emails based on postmark-templates

Credit: https://github.com/wildbit/postmark-templates/

Also we distinguish now if a user has been found and if not. The
password reset link brings us directly to the last step in the flow.
---
 backend/src/config/index.js                   | 14 +--
 backend/src/schema/resolvers/passwordReset.js | 20 ++---
 .../resolvers/passwordReset/emailTemplates.js | 85 +++++++++++++++++++
 3 files changed, 100 insertions(+), 19 deletions(-)
 create mode 100644 backend/src/schema/resolvers/passwordReset/emailTemplates.js

diff --git a/backend/src/config/index.js b/backend/src/config/index.js
index e376c51e3..7b254c044 100644
--- a/backend/src/config/index.js
+++ b/backend/src/config/index.js
@@ -3,13 +3,13 @@ import dotenv from 'dotenv'
 dotenv.config()
 
 const {
-MAPBOX_TOKEN,
-JWT_SECRET,
-PRIVATE_KEY_PASSPHRASE,
-SMTP_HOST,
-SMTP_PORT,
-SMTP_USERNAME,
-SMTP_PASSWORD,
+  MAPBOX_TOKEN,
+  JWT_SECRET,
+  PRIVATE_KEY_PASSPHRASE,
+  SMTP_HOST,
+  SMTP_PORT,
+  SMTP_USERNAME,
+  SMTP_PASSWORD,
 } = process.env
 
 export const requiredConfigs = { MAPBOX_TOKEN, JWT_SECRET, PRIVATE_KEY_PASSPHRASE }
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index baf6c1339..b80e3d6aa 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -2,6 +2,7 @@ import uuid from 'uuid/v4'
 import bcrypt from 'bcryptjs'
 import CONFIG from '../../config'
 import nodemailer from 'nodemailer'
+import { resetPasswordMail, wrongAccountMail } from './passwordReset/emailTemplates'
 
 const transporter = () => {
   const { SMTP_HOST: host, SMTP_PORT: port, SMTP_USERNAME: user, SMTP_PASSWORD: pass } = CONFIG
@@ -24,33 +25,28 @@ export async function createPasswordReset(options) {
       MATCH (u:User) WHERE u.email = $email
       CREATE(pr:PasswordReset {code: $code, issuedAt: datetime($issuedAt), usedAt: NULL})
       MERGE (u)-[:REQUESTED]->(pr)
-      RETURN pr
+      RETURN u
       `
   const transactionRes = await session.run(cypher, {
     issuedAt: issuedAt.toISOString(),
     code,
     email,
   })
-  const resets = transactionRes.records.map(record => record.get('pr'))
+  const users = transactionRes.records.map(record => record.get('u'))
   session.close()
-  return resets
+  return users
 }
 
 export default {
   Mutation: {
     requestPasswordReset: async (_, { email }, { driver }) => {
       const code = uuid().substring(0, 6)
-      await createPasswordReset({ driver, code, email })
+      const [user] = await createPasswordReset({ driver, code, email })
       if (CONFIG.SMTP_HOST && CONFIG.SMTP_PORT) {
-        await transporter().sendMail({
-          from: '"Human Connection" <info@human-connection.org>', // sender address
-          to: email, // list of receivers
-          subject: 'Password Reset', // Subject line
-          text: `Code is ${code}`, // plain text body
-          html: `Code is <b>${code}</b>`, // plain text body
-        })
+        const name = (user && user.name) || ''
+        const mailTemplate = user ? resetPasswordMail : wrongAccountMail
+        await transporter().sendMail(mailTemplate({ email, code, name }))
       }
-
       return true
     },
     resetPassword: async (_, { email, code, newPassword }, { driver }) => {
diff --git a/backend/src/schema/resolvers/passwordReset/emailTemplates.js b/backend/src/schema/resolvers/passwordReset/emailTemplates.js
new file mode 100644
index 000000000..10d9c4ed5
--- /dev/null
+++ b/backend/src/schema/resolvers/passwordReset/emailTemplates.js
@@ -0,0 +1,85 @@
+import CONFIG from '../../../config'
+
+export const from = '"Human Connection" <info@human-connection.org>'
+
+export const resetPasswordMail = options => {
+  const {
+    name,
+    email,
+    code,
+    subject = 'Use this link to reset your password. The link is only valid for 24 hours.',
+    supportUrl = 'https://human-connection.org/en/contact/',
+  } = options
+  const actionUrl = new URL('/password-reset/change-password', CONFIG.CLIENT_URI)
+  actionUrl.searchParams.set('code', code)
+  actionUrl.searchParams.set('email', email)
+
+  return {
+    to: email,
+    subject,
+    text: `
+Hi ${name}!
+
+You recently requested to reset your password for your Human Connection account.
+Use the button below to reset it. This password reset is only valid for the next
+24 hours.
+
+${actionUrl}
+
+If you did not request a password reset, please ignore this email or contact
+support if you have questions:
+
+${supportUrl}
+
+Thanks,
+The Human Connection Team
+
+If you’re having trouble with the link above, you can manually copy and
+paste the following code into your browser window:
+
+${code}
+
+Human Connection gemeinnützige GmbH
+Bahnhofstr. 11
+73235 Weilheim / Teck
+Deutschland
+    `,
+  }
+}
+
+export const wrongAccountMail = options => {
+  const {
+    email,
+    subject = `We received a request to reset your password with this email address (${email})`,
+    supportUrl = 'https://human-connection.org/en/contact/',
+  } = options
+  const actionUrl = new URL('/password-reset/request', CONFIG.CLIENT_URI)
+  return {
+    to: email,
+    subject,
+    text: `
+We received a request to reset the password to access Human Connection with your
+email address, but we were unable to find an account associated with this
+address.
+
+If you use Human Connection and were expecting this email, consider trying to
+request a password reset using the email address associated with your account.
+Try a different email:
+
+${actionUrl}
+
+If you do not use Human Connection or did not request a password reset, please
+ignore this email. Feel free to contact support if you have further questions:
+
+${supportUrl}
+
+Thanks,
+The Human Connection Team
+
+Human Connection gemeinnützige GmbH
+Bahnhofstr. 11
+73235 Weilheim / Teck
+Deutschland
+  `,
+  }
+}

From c1ca7c6e5846f9d9dddf3a45fb0a2dbef06f8936 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Thu, 20 Jun 2019 04:34:36 +0000
Subject: [PATCH 68/89] Bump graphql-yoga from 1.17.4 to 1.18.0 in /backend

Bumps [graphql-yoga](https://github.com/prisma/graphql-yoga) from 1.17.4 to 1.18.0.
- [Release notes](https://github.com/prisma/graphql-yoga/releases)
- [Commits](https://github.com/prisma/graphql-yoga/compare/v1.17.4...v1.18.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 57 ++++++++++++++++++++++++++------------------
 2 files changed, 35 insertions(+), 24 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index e6c6f7cc3..4637769b9 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -63,7 +63,7 @@
     "graphql-middleware": "~3.0.2",
     "graphql-shield": "~5.3.8",
     "graphql-tag": "~2.10.1",
-    "graphql-yoga": "~1.17.4",
+    "graphql-yoga": "~1.18.0",
     "helmet": "~3.18.0",
     "jsonwebtoken": "~8.5.1",
     "linkifyjs": "~2.1.8",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index ea5891a1f..ec14eeadf 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1020,16 +1020,7 @@
     "@types/node" "*"
     "@types/range-parser" "*"
 
-"@types/express@*", "@types/express@^4.11.1":
-  version "4.16.0"
-  resolved "https://registry.yarnpkg.com/@types/express/-/express-4.16.0.tgz#6d8bc42ccaa6f35cf29a2b7c3333cb47b5a32a19"
-  integrity sha512-TtPEYumsmSTtTetAPXlJVf3kEqb6wZK0bZojpJQrnD/djV4q1oB6QQ8aKvKqwNPACoe02GNiy5zDzcYivR5Z2w==
-  dependencies:
-    "@types/body-parser" "*"
-    "@types/express-serve-static-core" "*"
-    "@types/serve-static" "*"
-
-"@types/express@4.17.0":
+"@types/express@*", "@types/express@4.17.0", "@types/express@^4.11.1":
   version "4.17.0"
   resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.0.tgz#49eaedb209582a86f12ed9b725160f12d04ef287"
   integrity sha512-CjaMu57cjgjuZbh9DpkloeGxV45CnMGlVd+XpG7Gm9QgVrd7KFq+X4HY0vM+2v0bczS48Wg7bvnMY5TN+Xmcfw==
@@ -2070,6 +2061,13 @@ busboy@^0.2.14:
     dicer "0.2.5"
     readable-stream "1.1.x"
 
+busboy@^0.3.1:
+  version "0.3.1"
+  resolved "https://registry.yarnpkg.com/busboy/-/busboy-0.3.1.tgz#170899274c5bf38aae27d5c62b71268cd585fd1b"
+  integrity sha512-y7tTxhGKXcyBxRKAni+awqx8uqaJKrSFSNFSeRG5CsWNdmy2BIK+6VGWEW7TZnIO/533mtMEA4rOevQV815YJw==
+  dependencies:
+    dicer "0.3.0"
+
 bytes@3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.0.tgz#f6cf7933a360e0588fa9fde85651cdc7f805d1f6"
@@ -2721,6 +2719,13 @@ dicer@0.2.5:
     readable-stream "1.1.x"
     streamsearch "0.1.2"
 
+dicer@0.3.0:
+  version "0.3.0"
+  resolved "https://registry.yarnpkg.com/dicer/-/dicer-0.3.0.tgz#eacd98b3bfbf92e8ab5c2fdb71aaac44bb06b872"
+  integrity sha512-MdceRRWqltEG2dZqO769g27N/3PXfcKl04VhYnBlo2YhH7zPi88VebsjTKclaOyiuMaGU72hTfw3VkUitGcVCA==
+  dependencies:
+    streamsearch "0.1.2"
+
 diff-sequences@^24.3.0:
   version "24.3.0"
   resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-24.3.0.tgz#0f20e8a1df1abddaf4d9c226680952e64118b975"
@@ -3535,6 +3540,11 @@ fs-capacitor@^1.0.0:
   resolved "https://registry.yarnpkg.com/fs-capacitor/-/fs-capacitor-1.0.1.tgz#ff9dbfa14dfaf4472537720f19c3088ed9278df0"
   integrity sha512-XdZK0Q78WP29Vm3FGgJRhRhrBm51PagovzWtW2kJ3Q6cYJbGtZqWSGTSPwvtEkyjIirFd7b8Yes/dpOYjt4RRQ==
 
+fs-capacitor@^2.0.4:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/fs-capacitor/-/fs-capacitor-2.0.4.tgz#5a22e72d40ae5078b4fe64fe4d08c0d3fc88ad3c"
+  integrity sha512-8S4f4WsCryNw2mJJchi46YgB6CR5Ze+4L1h8ewl9tEpL4SJ3ZO+c/bS4BWhB8bK+O3TMqhuZarTitd0S0eh2pA==
+
 fs-minipass@^1.2.5:
   version "1.2.5"
   resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-1.2.5.tgz#06c277218454ec288df77ada54a03b8702aacb9d"
@@ -3812,20 +3822,20 @@ graphql-tools@^4.0.0, graphql-tools@^4.0.4:
     iterall "^1.1.3"
     uuid "^3.1.0"
 
-graphql-upload@^8.0.2:
-  version "8.0.2"
-  resolved "https://registry.yarnpkg.com/graphql-upload/-/graphql-upload-8.0.2.tgz#1c1f116f15b7f8485cf40ff593a21368f0f58856"
-  integrity sha512-u8a5tKPfJ0rU4MY+B3skabL8pEjMkm3tUzq25KBx6nT0yEWmqUO7Z5tdwvwYLFpkLwew94Gue0ARbZtar3gLTw==
+graphql-upload@^8.0.0, graphql-upload@^8.0.2:
+  version "8.0.7"
+  resolved "https://registry.yarnpkg.com/graphql-upload/-/graphql-upload-8.0.7.tgz#8644264e241529552ea4b3797e7ee15809cf01a3"
+  integrity sha512-gi2yygbDPXbHPC7H0PNPqP++VKSoNoJO4UrXWq4T0Bi4IhyUd3Ycop/FSxhx2svWIK3jdXR/i0vi91yR1aAF0g==
   dependencies:
-    busboy "^0.2.14"
-    fs-capacitor "^1.0.0"
-    http-errors "^1.7.1"
+    busboy "^0.3.1"
+    fs-capacitor "^2.0.4"
+    http-errors "^1.7.2"
     object-path "^0.11.4"
 
-graphql-yoga@~1.17.4:
-  version "1.17.4"
-  resolved "https://registry.yarnpkg.com/graphql-yoga/-/graphql-yoga-1.17.4.tgz#6d325a6270399edf0776fb5f60a2e9e19512e63c"
-  integrity sha512-zOXFtmS43xDLoECKiuA3xVWH/wLDvLH1D/5fBKcaMFdF43ifDfnA9N6dlGggqAoOhqBnrqHwDpoKlJ6sI1LuxA==
+graphql-yoga@~1.18.0:
+  version "1.18.0"
+  resolved "https://registry.yarnpkg.com/graphql-yoga/-/graphql-yoga-1.18.0.tgz#2668278e94a0bd1b2ff8c60f928c4e18d62e381a"
+  integrity sha512-WEibitQA2oFTmD7XBO8/ps8DWeVpkzOzgbB3EvtM2oIpyGhPCzRZYrC7OS9MmijvRwLRXsgHImHWUm82ZrIOWA==
   dependencies:
     "@types/cors" "^2.8.4"
     "@types/express" "^4.11.1"
@@ -3847,6 +3857,7 @@ graphql-yoga@~1.17.4:
     graphql-playground-middleware-lambda "1.7.12"
     graphql-subscriptions "^0.5.8"
     graphql-tools "^4.0.0"
+    graphql-upload "^8.0.0"
     subscriptions-transport-ws "^0.9.8"
 
 "graphql@^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0", graphql@^14.2.1, graphql@~14.3.1:
@@ -4045,7 +4056,7 @@ htmlparser2@^3.10.0, htmlparser2@^3.9.1:
     inherits "^2.0.1"
     readable-stream "^3.0.6"
 
-http-errors@1.7.2, http-errors@~1.7.2:
+http-errors@1.7.2, http-errors@^1.7.2, http-errors@~1.7.2:
   version "1.7.2"
   resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.7.2.tgz#4f5029cf13239f31036e5b2e55292bcfbcc85c8f"
   integrity sha512-uUQBt3H/cSIVfch6i1EuPNy/YsRSOUBXTVfZ+yR7Zjez3qjBz6i9+i4zjNaoqcoFVI4lQJ5plg63TvGfRSDCRg==
@@ -4056,7 +4067,7 @@ http-errors@1.7.2, http-errors@~1.7.2:
     statuses ">= 1.5.0 < 2"
     toidentifier "1.0.0"
 
-http-errors@^1.7.0, http-errors@^1.7.1:
+http-errors@^1.7.0:
   version "1.7.1"
   resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.7.1.tgz#6a4ffe5d35188e1c39f872534690585852e1f027"
   integrity sha512-jWEUgtZWGSMba9I1N3gc1HmvpBUaNC9vDdA46yScAdp+C5rdEuKWUBLWTQpW9FwSWSbYYs++b6SDCxf9UEJzfw==

From 37b913620f208f122410a68ffc387d6e634e742c Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <dependabot-preview[bot]@users.noreply.github.com>
Date: Thu, 20 Jun 2019 04:35:38 +0000
Subject: [PATCH 69/89] Bump graphql-shield from 5.3.8 to 5.6.1 in /backend

Bumps [graphql-shield](https://github.com/maticzav/graphql-shield) from 5.3.8 to 5.6.1.
- [Release notes](https://github.com/maticzav/graphql-shield/releases)
- [Commits](https://github.com/maticzav/graphql-shield/compare/v5.3.8...v5.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index e6c6f7cc3..c8c44af71 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -61,7 +61,7 @@
     "graphql-custom-directives": "~0.2.14",
     "graphql-iso-date": "~3.6.1",
     "graphql-middleware": "~3.0.2",
-    "graphql-shield": "~5.3.8",
+    "graphql-shield": "~5.6.1",
     "graphql-tag": "~2.10.1",
     "graphql-yoga": "~1.17.4",
     "helmet": "~3.18.0",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index ea5891a1f..b7ec8a57d 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -3772,10 +3772,10 @@ graphql-request@~1.8.2:
   dependencies:
     cross-fetch "2.2.2"
 
-graphql-shield@~5.3.8:
-  version "5.3.8"
-  resolved "https://registry.yarnpkg.com/graphql-shield/-/graphql-shield-5.3.8.tgz#f9e7ad2285f6cfbe20a8a49154ce6c1b184e3893"
-  integrity sha512-33rQ8U5jMurHIapctHk7hBcUg3nxC7fmMIMtyWiomJXhBmztFq/SG7jNaapnL5M7Q/0BmoaSQd3FLSpelP9KPw==
+graphql-shield@~5.6.1:
+  version "5.6.1"
+  resolved "https://registry.yarnpkg.com/graphql-shield/-/graphql-shield-5.6.1.tgz#f4c9fb5ed329f823a738ad974b300d4a982691ca"
+  integrity sha512-Zrxrvx1Ep/nDdfQh/wN5PrH9JE4OEFdUmLzuyZSIGIAQWyXDk8FAl0cuNulnqI+zqrDzZ9TUj/zO3oV4hNKqCA==
   dependencies:
     "@types/yup" "0.26.16"
     lightercollective "^0.3.0"

From ffbe0b949a3bdba6bbc20869e51f120c92af5ce3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Thu, 20 Jun 2019 08:40:05 +0200
Subject: [PATCH 70/89] Translate menu item, renamed variables and tried to get
 hashtag to work correct

---
 webapp/components/Editor/index.vue    | 43 ++++++++++++++++-----------
 webapp/components/Editor/nodes/Tag.js |  1 +
 webapp/locales/de.json                |  8 ++++-
 webapp/locales/en.json                |  8 ++++-
 4 files changed, 41 insertions(+), 19 deletions(-)

diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index d8fd45697..4375681b5 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -6,25 +6,27 @@
           v-for="(user, index) in filteredUsers"
           :key="user.id"
           class="suggestion-list__item"
-          :class="{ 'is-selected': navigatedUserIndex === index }"
+          :class="{ 'is-selected': navigatedItemIndex === index }"
           @click="selectItem(user, 'mention')"
         >
           @{{ user.slug }}
         </div>
       </template>
-      <div v-else class="suggestion-list__item is-empty">No users found</div>
+      <div v-else class="suggestion-list__item is-empty">
+        {{ $t('editor.mention.noUsersFound') }}
+      </div>
       <template v-if="tagsFilterHasResults">
         <div
           v-for="(tag, index) in filteredTags"
           :key="tag.id"
           class="suggestion-list__item"
-          :class="{ 'is-selected': navigatedUserIndex === index }"
+          :class="{ 'is-selected': navigatedItemIndex === index }"
           @click="selectItem(tag, 'tag')"
         >
           #{{ tag.name }}
         </div>
       </template>
-      <div v-else class="suggestion-list__item is-empty">No users found</div>
+      <div v-else class="suggestion-list__item is-empty">{{ $t('editor.tag.noTagsFound') }}</div>
     </div>
 
     <editor-menu-bubble :editor="editor">
@@ -246,7 +248,7 @@ export default {
               this.query = query
               this.filteredUsers = items
               this.suggestionRange = range
-              this.navigatedUserIndex = 0
+              this.navigatedItemIndex = 0
               this.renderPopup(virtualNode)
             },
             // is called when a suggestion is cancelled
@@ -255,7 +257,7 @@ export default {
               this.query = null
               this.filteredUsers = []
               this.suggestionRange = null
-              this.navigatedUserIndex = 0
+              this.navigatedItemIndex = 0
               this.destroyPopup()
             },
             // is called on every keyDown event while a suggestion is active
@@ -311,7 +313,7 @@ export default {
               this.query = query
               this.filteredTags = items
               this.suggestionRange = range
-              this.navigatedUserIndex = 0
+              this.navigatedItemIndex = 0
               this.renderPopup(virtualNode)
             },
             // is called when a suggestion is cancelled
@@ -320,7 +322,7 @@ export default {
               this.query = null
               this.filteredTags = []
               this.suggestionRange = null
-              this.navigatedUserIndex = 0
+              this.navigatedItemIndex = 0
               this.destroyPopup()
             },
             // is called on every keyDown event while a suggestion is active
@@ -340,6 +342,11 @@ export default {
                 this.enterHandler(this.filteredTags, 'tag')
                 return true
               }
+              // pressing space
+              if (event.keyCode === 32) {
+                // this.enterHandler(this.filteredTags, 'tag')
+                return true
+              }
               return false
             },
             // is called when a suggestion has changed
@@ -369,17 +376,17 @@ export default {
       suggestionRange: null,
       filteredUsers: [],
       filteredTags: [],
-      navigatedUserIndex: 0,
+      navigatedItemIndex: 0,
       insertMention: () => {},
       observer: null,
     }
   },
   computed: {
     usersFilterHasResults() {
-      return this.filteredUsers.length
+      return this.filteredUsers.length > 0
     },
     tagsFilterHasResults() {
-      return this.filteredTags.length
+      return this.filteredTags.length > 0
     },
     showSuggestions() {
       return this.query || this.usersFilterHasResults || this.tagsFilterHasResults
@@ -414,16 +421,16 @@ export default {
     // navigate to the previous item
     // if it's the first item, navigate to the last one
     upHandler(filteredArray) {
-      this.navigatedUserIndex =
-        (this.navigatedUserIndex + this.filteredArray.length - 1) % this.filteredArray.length
+      this.navigatedItemIndex =
+        (this.navigatedItemIndex + this.filteredArray.length - 1) % this.filteredArray.length
     },
     // navigate to the next item
     // if it's the last item, navigate to the first one
     downHandler(filteredArray) {
-      this.navigatedUserIndex = (this.navigatedUserIndex + 1) % this.filteredArray.length
+      this.navigatedItemIndex = (this.navigatedItemIndex + 1) % this.filteredArray.length
     },
     enterHandler(filteredArray, type) {
-      const item = this.filteredArray[this.navigatedUserIndex]
+      const item = this.filteredArray[this.navigatedItemIndex]
       if (item) {
         this.selectItem(item, type)
       }
@@ -439,8 +446,7 @@ export default {
         },
         tag: {
           // TODO: Fill up with input tag in search field
-          url: ``,
-          // callBack: () => {},
+          url: `/search/hashtag:${item.name}`,
           label: item.name,
         },
       }
@@ -625,6 +631,9 @@ li > p {
   .mention-suggestion {
     color: $color-primary;
   }
+  .tag {
+    color: $color-primary;
+  }
   .tag-suggestion {
     color: $color-primary;
   }
diff --git a/webapp/components/Editor/nodes/Tag.js b/webapp/components/Editor/nodes/Tag.js
index 0a7324c81..e372eb21c 100644
--- a/webapp/components/Editor/nodes/Tag.js
+++ b/webapp/components/Editor/nodes/Tag.js
@@ -31,6 +31,7 @@ export default class Tag extends TipTapMention {
           class: this.options.mentionClass,
           href: node.attrs.url,
           target: '_blank',
+          // contenteditable: 'true',
         },
         `${this.options.matcher.char}${node.attrs.label}`,
       ]
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index 2f40bf165..cd9d86819 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -14,7 +14,13 @@
     "hello": "Hallo"
   },
   "editor": {
-    "placeholder": "Schreib etwas Inspirierendes..."
+    "placeholder": "Schreib etwas Inspirierendes...",
+    "mention": {
+      "noUsersFound": "Keine Benutzer gefunden"
+    },
+    "tag": {
+      "noTagsFound": "Keine Hashtags gefunden"
+    }
   },
   "profile": {
     "name": "Mein Profil",
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 2d105bc3b..47e649395 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -14,7 +14,13 @@
     "hello": "Hello"
   },
   "editor": {
-    "placeholder": "Leave your inspirational thoughts..."
+    "placeholder": "Leave your inspirational thoughts...",
+    "mention": {
+      "noUsersFound": "No users found"
+    },
+    "tag": {
+      "noTagsFound": "No hashtags found"
+    }
   },
   "profile": {
     "name": "My Profile",

From c5f2d7cc787b5857d8eb8282a78057934b0141b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Thu, 20 Jun 2019 11:26:51 +0200
Subject: [PATCH 71/89] Solve remaind merge conflict

---
 webapp/components/Editor/index.vue | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index b6e460c83..cbfaec854 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -187,11 +187,8 @@ import {
   History,
 } from 'tiptap-extensions'
 import Mention from './nodes/Mention.js'
-<<<<<<< HEAD
 import Tag from './nodes/Tag.js'
-=======
 import { mapGetters } from 'vuex'
->>>>>>> origin/master
 
 let throttleInputEvent
 
@@ -386,17 +383,12 @@ export default {
     }
   },
   computed: {
-<<<<<<< HEAD
+    ...mapGetters({ placeholder: 'editor/placeholder' }),
     usersFilterHasResults() {
       return this.filteredUsers.length > 0
     },
     tagsFilterHasResults() {
       return this.filteredTags.length > 0
-=======
-    ...mapGetters({ placeholder: 'editor/placeholder' }),
-    hasResults() {
-      return this.filteredUsers.length
->>>>>>> origin/master
     },
     showSuggestions() {
       return this.query || this.usersFilterHasResults || this.tagsFilterHasResults

From ff46740e90812db7e723384316975c347c741437 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Thu, 20 Jun 2019 15:12:26 +0200
Subject: [PATCH 72/89] Follow @mattwr18 suggetions don't enter mail twice

---
 .../components/PasswordReset/Request.spec.js  |  2 +-
 webapp/components/PasswordReset/Request.vue   |  6 +++---
 .../components/PasswordReset/VerifyCode.vue   | 19 +++++--------------
 webapp/pages/password-reset/request.vue       |  4 ++--
 webapp/pages/password-reset/verify-code.vue   |  6 +++++-
 5 files changed, 16 insertions(+), 21 deletions(-)

diff --git a/webapp/components/PasswordReset/Request.spec.js b/webapp/components/PasswordReset/Request.spec.js
index e7a1f6866..c9128a70e 100644
--- a/webapp/components/PasswordReset/Request.spec.js
+++ b/webapp/components/PasswordReset/Request.spec.js
@@ -69,7 +69,7 @@ describe('Request', () => {
         beforeEach(jest.runAllTimers)
 
         it('emits `handleSubmitted`', () => {
-          expect(wrapper.emitted('handleSubmitted')).toBeTruthy()
+          expect(wrapper.emitted('handleSubmitted')).toEqual([[{ email: 'mail@example.org' }]])
         })
       })
     })
diff --git a/webapp/components/PasswordReset/Request.vue b/webapp/components/PasswordReset/Request.vue
index f183307e6..8ca2da89b 100644
--- a/webapp/components/PasswordReset/Request.vue
+++ b/webapp/components/PasswordReset/Request.vue
@@ -89,14 +89,14 @@ export default {
           requestPasswordReset(email: $email)
         }
       `
-      const variables = this.formData
+      const { email } = this.formData
 
       try {
-        await this.$apollo.mutate({ mutation, variables })
+        await this.$apollo.mutate({ mutation, variables: { email } })
         this.submitted = true
 
         setTimeout(() => {
-          this.$emit('handleSubmitted')
+          this.$emit('handleSubmitted', { email })
         }, 3000)
       } catch (err) {
         this.$toast.error(err.message)
diff --git a/webapp/components/PasswordReset/VerifyCode.vue b/webapp/components/PasswordReset/VerifyCode.vue
index 410a027af..de1495e36 100644
--- a/webapp/components/PasswordReset/VerifyCode.vue
+++ b/webapp/components/PasswordReset/VerifyCode.vue
@@ -8,13 +8,6 @@
         @input="handleInput"
         @input-valid="handleInputValid"
       >
-        <ds-input
-          :placeholder="$t('login.email')"
-          model="email"
-          id="email"
-          name="email"
-          icon="envelope"
-        />
         <ds-input
           :placeholder="$t('verify-code.form.code')"
           model="code"
@@ -37,18 +30,15 @@
 
 <script>
 export default {
+  props: {
+    email: { type: String, required: true },
+  },
   data() {
     return {
       formData: {
-        email: '',
         code: '',
       },
       formSchema: {
-        email: {
-          type: 'email',
-          required: true,
-          message: this.$t('common.validations.email'),
-        },
         code: {
           type: 'string',
           min: 6,
@@ -68,7 +58,8 @@ export default {
       this.disabled = false
     },
     handleSubmitVerify() {
-      const { email, code } = this.formData
+      const { code } = this.formData
+      const email = this.email
       this.$emit('verification', { email, code })
     },
   },
diff --git a/webapp/pages/password-reset/request.vue b/webapp/pages/password-reset/request.vue
index 9148b4ed4..b7e5fe21a 100644
--- a/webapp/pages/password-reset/request.vue
+++ b/webapp/pages/password-reset/request.vue
@@ -10,8 +10,8 @@ export default {
     Request,
   },
   methods: {
-    handlePasswordResetRequested() {
-      this.$router.push('verify-code')
+    handlePasswordResetRequested({ email }) {
+      this.$router.push({ path: 'verify-code', query: { email } })
     },
   },
 }
diff --git a/webapp/pages/password-reset/verify-code.vue b/webapp/pages/password-reset/verify-code.vue
index f733eaa66..c814ea9ba 100644
--- a/webapp/pages/password-reset/verify-code.vue
+++ b/webapp/pages/password-reset/verify-code.vue
@@ -1,5 +1,5 @@
 <template>
-  <verify-code @verification="handleVerification" />
+  <verify-code :email="email" @verification="handleVerification" />
 </template>
 
 <script>
@@ -9,6 +9,10 @@ export default {
   components: {
     VerifyCode,
   },
+  data() {
+    const { email = '' } = this.$route.query
+    return { email }
+  },
   methods: {
     handleVerification({ email, code }) {
       this.$router.push({ path: 'change-password', query: { email, code } })

From 9ec9034ea5f935c460d62bc3fd1ad5356e834bb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Thu, 20 Jun 2019 15:25:59 +0200
Subject: [PATCH 73/89] Fix translatios as suggested by @Tirokk

---
 backend/src/schema/resolvers/passwordReset/emailTemplates.js | 4 ++--
 webapp/locales/de.json                                       | 4 ++--
 webapp/locales/en.json                                       | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/src/schema/resolvers/passwordReset/emailTemplates.js b/backend/src/schema/resolvers/passwordReset/emailTemplates.js
index 10d9c4ed5..8508adccc 100644
--- a/backend/src/schema/resolvers/passwordReset/emailTemplates.js
+++ b/backend/src/schema/resolvers/passwordReset/emailTemplates.js
@@ -21,7 +21,7 @@ export const resetPasswordMail = options => {
 Hi ${name}!
 
 You recently requested to reset your password for your Human Connection account.
-Use the button below to reset it. This password reset is only valid for the next
+Use the link below to reset it. This password reset is only valid for the next
 24 hours.
 
 ${actionUrl}
@@ -34,7 +34,7 @@ ${supportUrl}
 Thanks,
 The Human Connection Team
 
-If you’re having trouble with the link above, you can manually copy and
+If you're having trouble with the link above, you can manually copy and
 paste the following code into your browser window:
 
 ${code}
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index aa44dcbbd..041539acd 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -25,10 +25,10 @@
   "verify-code": {
     "form": {
       "code": "Code eingeben",
-      "description": "Öffne Deine E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
+      "description": "Öffne dein E-Mail Postfach und gib den Code ein, den wir geschickt haben.",
       "next": "Weiter",
       "change-password":{
-        "success": "Änderung des Passworts war erfolgreich",
+        "success": "Änderung des Passworts war erfolgreich!",
         "error": "Passwort Änderung fehlgeschlagen. Möglicherweise falscher Sicherheitscode?",
         "help": "Falls Probleme auftreten, schreib uns gerne eine Mail an:"
       }
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 90229d09d..2442dc202 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -28,7 +28,7 @@
       "description": "Open your inbox and enter the code that we've sent to you.",
       "next": "Continue",
       "change-password": {
-        "success": "Changing your password was successful",
+        "success": "Changing your password was successful!",
         "error": "Changing your password failed. Maybe the security code was not correct?",
         "help": "In case of problems, feel free to ask for help by sending us a mail to:"
       }

From 1ed338542c5cb7fdca882dd255ec6b88abacabda Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Thu, 20 Jun 2019 15:29:19 +0200
Subject: [PATCH 74/89] Another suggestion by @Tirokk

---
 backend/src/schema/resolvers/passwordReset.js | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index b80e3d6aa..e822c4649 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -55,15 +55,15 @@ export default {
       stillValid.setDate(stillValid.getDate() - 1)
       const newHashedPassword = await bcrypt.hashSync(newPassword, 10)
       const cypher = `
-      MATCH (r:PasswordReset {code: $code})
-      MATCH (u:User {email: $email})-[:REQUESTED]->(r)
-      WHERE duration.between(r.issuedAt, datetime()).days <= 0 AND r.usedAt IS NULL
-      SET r.usedAt = datetime()
+      MATCH (pr:PasswordReset {code: $code})
+      MATCH (u:User {email: $email})-[:REQUESTED]->(pr)
+      WHERE duration.between(pr.issuedAt, datetime()).days <= 0 AND pr.usedAt IS NULL
+      SET pr.usedAt = datetime()
       SET u.password = $newHashedPassword
-      RETURN r
+      RETURN pr
       `
       let transactionRes = await session.run(cypher, { stillValid, email, code, newHashedPassword })
-      const [reset] = transactionRes.records.map(record => record.get('r'))
+      const [reset] = transactionRes.records.map(record => record.get('pr'))
       const result = !!(reset && reset.properties.usedAt)
       session.close()
       return result

From da30001ba885551a07d3821e028cac249e96d48c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Thu, 20 Jun 2019 15:51:28 +0200
Subject: [PATCH 75/89] Testing mail delivery with a remote SMTP server

---
 backend/.env.template                         |  1 +
 backend/src/config/index.js                   | 27 ++++++++++---------
 backend/src/schema/resolvers/passwordReset.js |  8 +++---
 docker-compose.override.yml                   |  2 +-
 4 files changed, 21 insertions(+), 17 deletions(-)

diff --git a/backend/.env.template b/backend/.env.template
index 273ad7e64..0c80529a1 100644
--- a/backend/.env.template
+++ b/backend/.env.template
@@ -7,6 +7,7 @@ CLIENT_URI=http://localhost:3000
 MOCKS=false
 SMTP_HOST=
 SMTP_PORT=
+SMTP_IGNORE_TLS=true
 SMTP_USERNAME=
 SMTP_PASSWORD=
 
diff --git a/backend/src/config/index.js b/backend/src/config/index.js
index 7b254c044..320b636e9 100644
--- a/backend/src/config/index.js
+++ b/backend/src/config/index.js
@@ -6,26 +6,29 @@ const {
   MAPBOX_TOKEN,
   JWT_SECRET,
   PRIVATE_KEY_PASSPHRASE,
+  SMTP_IGNORE_TLS = true,
   SMTP_HOST,
   SMTP_PORT,
   SMTP_USERNAME,
   SMTP_PASSWORD,
+  NEO4J_URI = 'bolt://localhost:7687',
+  NEO4J_USERNAME = 'neo4j',
+  NEO4J_PASSWORD = 'neo4j',
+  GRAPHQL_PORT = 4000,
+  CLIENT_URI = 'http://localhost:3000',
+  GRAPHQL_URI = 'http://localhost:4000',
 } = process.env
 
 export const requiredConfigs = { MAPBOX_TOKEN, JWT_SECRET, PRIVATE_KEY_PASSPHRASE }
-export const smtpConfigs = { SMTP_HOST, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD }
-
-export const neo4jConfigs = {
-  NEO4J_URI: process.env.NEO4J_URI || 'bolt://localhost:7687',
-  NEO4J_USERNAME: process.env.NEO4J_USERNAME || 'neo4j',
-  NEO4J_PASSWORD: process.env.NEO4J_PASSWORD || 'neo4j',
-}
-
-export const serverConfigs = {
-  GRAPHQL_PORT: process.env.GRAPHQL_PORT || 4000,
-  CLIENT_URI: process.env.CLIENT_URI || 'http://localhost:3000',
-  GRAPHQL_URI: process.env.GRAPHQL_URI || 'http://localhost:4000',
+export const smtpConfigs = {
+  SMTP_HOST,
+  SMTP_PORT,
+  SMTP_IGNORE_TLS,
+  SMTP_USERNAME,
+  SMTP_PASSWORD,
 }
+export const neo4jConfigs = { NEO4J_URI, NEO4J_USERNAME, NEO4J_PASSWORD }
+export const serverConfigs = { GRAPHQL_PORT, CLIENT_URI, GRAPHQL_URI }
 
 export const developmentConfigs = {
   DEBUG: process.env.NODE_ENV !== 'production' && process.env.DEBUG === 'true',
diff --git a/backend/src/schema/resolvers/passwordReset.js b/backend/src/schema/resolvers/passwordReset.js
index e822c4649..13789662b 100644
--- a/backend/src/schema/resolvers/passwordReset.js
+++ b/backend/src/schema/resolvers/passwordReset.js
@@ -5,13 +5,13 @@ import nodemailer from 'nodemailer'
 import { resetPasswordMail, wrongAccountMail } from './passwordReset/emailTemplates'
 
 const transporter = () => {
-  const { SMTP_HOST: host, SMTP_PORT: port, SMTP_USERNAME: user, SMTP_PASSWORD: pass } = CONFIG
   const configs = {
-    host,
-    port,
-    ignoreTLS: true,
+    host: CONFIG.SMTP_HOST,
+    port: CONFIG.SMTP_PORT,
+    ignoreTLS: CONFIG.SMTP_IGNORE_TLS,
     secure: false, // true for 465, false for other ports
   }
+  const { SMTP_USERNAME: user, SMTP_PASSWORD: pass } = CONFIG
   if (user && pass) {
     configs.auth = { user, pass }
   }
diff --git a/docker-compose.override.yml b/docker-compose.override.yml
index 9c82a8df5..016984d3b 100644
--- a/docker-compose.override.yml
+++ b/docker-compose.override.yml
@@ -27,9 +27,9 @@ services:
       - uploads:/nitro-backend/public/uploads
     command: yarn run dev
     environment:
-      - SEND_MAILS=true
       - SMTP_HOST=mailserver
       - SMTP_PORT=25
+      - SMTP_IGNORE_TLS=true
   neo4j:
     environment:
       - NEO4J_AUTH=none

From 8a77fcff150b3925c6ad03567ce9f2fd4fca0cae Mon Sep 17 00:00:00 2001
From: Matt Rider <mattwr18@gmail.com>
Date: Thu, 20 Jun 2019 11:57:52 -0300
Subject: [PATCH 76/89] Fix failing test, console.errors

---
 webapp/components/FilterMenu/FilterMenu.spec.js    | 2 ++
 webapp/components/PasswordReset/VerifyCode.spec.js | 6 +++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/webapp/components/FilterMenu/FilterMenu.spec.js b/webapp/components/FilterMenu/FilterMenu.spec.js
index 030ad20da..e345531d0 100644
--- a/webapp/components/FilterMenu/FilterMenu.spec.js
+++ b/webapp/components/FilterMenu/FilterMenu.spec.js
@@ -1,10 +1,12 @@
 import { mount, createLocalVue } from '@vue/test-utils'
 import FilterMenu from './FilterMenu.vue'
 import Styleguide from '@human-connection/styleguide'
+import VTooltip from 'v-tooltip'
 
 const localVue = createLocalVue()
 
 localVue.use(Styleguide)
+localVue.use(VTooltip)
 
 describe('FilterMenu.vue', () => {
   let wrapper
diff --git a/webapp/components/PasswordReset/VerifyCode.spec.js b/webapp/components/PasswordReset/VerifyCode.spec.js
index 062e7e8f7..22cdfd885 100644
--- a/webapp/components/PasswordReset/VerifyCode.spec.js
+++ b/webapp/components/PasswordReset/VerifyCode.spec.js
@@ -10,11 +10,15 @@ describe('VerifyCode ', () => {
   let wrapper
   let Wrapper
   let mocks
+  let propsData
 
   beforeEach(() => {
     mocks = {
       $t: jest.fn(),
     }
+    propsData = {
+      email: 'mail@example.org',
+    }
   })
 
   describe('mount', () => {
@@ -24,6 +28,7 @@ describe('VerifyCode ', () => {
       return mount(VerifyCode, {
         mocks,
         localVue,
+        propsData,
       })
     }
 
@@ -35,7 +40,6 @@ describe('VerifyCode ', () => {
     describe('after verification code given', () => {
       beforeEach(() => {
         wrapper = Wrapper()
-        wrapper.find('input#email').setValue('mail@example.org')
         wrapper.find('input#code').setValue('123456')
         wrapper.find('form').trigger('submit')
       })

From 7a5636fdc2eae78b23f2349ed31896ed2f5081af Mon Sep 17 00:00:00 2001
From: Matt Rider <mattwr18@gmail.com>
Date: Thu, 20 Jun 2019 12:07:16 -0300
Subject: [PATCH 77/89] Add enableDeletionValue to unlock deletion

- Thanks @Tirokk for pointing this out. How was this even working before?
---
 webapp/components/DeleteData/DeleteData.vue | 1 +
 1 file changed, 1 insertion(+)

diff --git a/webapp/components/DeleteData/DeleteData.vue b/webapp/components/DeleteData/DeleteData.vue
index cac548fa4..14b6bc9c3 100644
--- a/webapp/components/DeleteData/DeleteData.vue
+++ b/webapp/components/DeleteData/DeleteData.vue
@@ -83,6 +83,7 @@ export default {
       deleteContributions: false,
       deleteComments: false,
       deleteEnabled: false,
+      enableDeletionValue: null,
     }
   },
   computed: {

From 11bb5f37c36313da40c42f245f88d4ed4bb142c6 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 04:27:18 +0000
Subject: [PATCH 78/89] Bump date-fns from 2.0.0-alpha.34 to 2.0.0-alpha.35 in
 /backend

Bumps [date-fns](https://github.com/date-fns/date-fns) from 2.0.0-alpha.34 to 2.0.0-alpha.35.
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Changelog](https://github.com/date-fns/date-fns/blob/master/CHANGELOG.md)
- [Commits](https://github.com/date-fns/date-fns/compare/v2.0.0-alpha.34...v2.0.0-alpha.35)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index e51851fd2..d8ed873f6 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -52,7 +52,7 @@
     "cheerio": "~1.0.0-rc.3",
     "cors": "~2.8.5",
     "cross-env": "~5.2.0",
-    "date-fns": "2.0.0-alpha.34",
+    "date-fns": "2.0.0-alpha.35",
     "debug": "~4.1.1",
     "dotenv": "~8.0.0",
     "express": "~4.17.1",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 17510b6c0..ddd55d1a8 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -2584,10 +2584,10 @@ data-urls@^1.0.0:
     whatwg-mimetype "^2.2.0"
     whatwg-url "^7.0.0"
 
-date-fns@2.0.0-alpha.34:
-  version "2.0.0-alpha.34"
-  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.34.tgz#5d3ae7ca0d08915ccfc87a20545250af4e9c3cae"
-  integrity sha512-yjSYUHASHvzOZl++cEms+Tw7oQOFA+7Z6/lL7L3lRO9j6pMfT48N6oEyvCGo/MVlH08XWmydgf8X9Y1eedf9sQ==
+date-fns@2.0.0-alpha.35:
+  version "2.0.0-alpha.35"
+  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.35.tgz#185813cdc51b05cc1468a95116494bb3f3440934"
+  integrity sha512-dAY1ujqRtyUsa9mVeupyMzUluWo1d7kAMwyXTQHFImKYSHKvxDw/dipiY6fdswQOs8CwpGoiKysGfaaRP5r3bA==
 
 debug@2.6.9, debug@^2.1.2, debug@^2.2.0, debug@^2.3.3, debug@^2.6.8, debug@^2.6.9:
   version "2.6.9"

From 3f8dc10fabce0f35cd7837fb331016ed01ef4e8f Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 04:28:28 +0000
Subject: [PATCH 79/89] Bump date-fns from 2.0.0-alpha.34 to 2.0.0-alpha.35 in
 /webapp

Bumps [date-fns](https://github.com/date-fns/date-fns) from 2.0.0-alpha.34 to 2.0.0-alpha.35.
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Changelog](https://github.com/date-fns/date-fns/blob/master/CHANGELOG.md)
- [Commits](https://github.com/date-fns/date-fns/compare/v2.0.0-alpha.34...v2.0.0-alpha.35)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index 0fdc9b31f..aeafeb3ff 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -59,7 +59,7 @@
     "apollo-client": "~2.6.3",
     "cookie-universal-nuxt": "~2.0.16",
     "cross-env": "~5.2.0",
-    "date-fns": "2.0.0-alpha.34",
+    "date-fns": "2.0.0-alpha.35",
     "express": "~4.17.1",
     "graphql": "~14.3.1",
     "jsonwebtoken": "~8.5.1",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index 5af08d403..c26035f8e 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -3754,10 +3754,10 @@ data-urls@^1.0.0:
     whatwg-mimetype "^2.2.0"
     whatwg-url "^7.0.0"
 
-date-fns@2.0.0-alpha.34:
-  version "2.0.0-alpha.34"
-  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.34.tgz#5d3ae7ca0d08915ccfc87a20545250af4e9c3cae"
-  integrity sha512-yjSYUHASHvzOZl++cEms+Tw7oQOFA+7Z6/lL7L3lRO9j6pMfT48N6oEyvCGo/MVlH08XWmydgf8X9Y1eedf9sQ==
+date-fns@2.0.0-alpha.35:
+  version "2.0.0-alpha.35"
+  resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.0.0-alpha.35.tgz#185813cdc51b05cc1468a95116494bb3f3440934"
+  integrity sha512-dAY1ujqRtyUsa9mVeupyMzUluWo1d7kAMwyXTQHFImKYSHKvxDw/dipiY6fdswQOs8CwpGoiKysGfaaRP5r3bA==
 
 date-now@^0.1.4:
   version "0.1.4"

From 4ed9b4c8ad58367c02884379f6e5fa8657cd747d Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 04:29:13 +0000
Subject: [PATCH 80/89] Bump apollo-server-testing from 2.6.3 to 2.6.4 in
 /backend

Bumps [apollo-server-testing](https://github.com/apollographql/apollo-server) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/apollographql/apollo-server/releases)
- [Changelog](https://github.com/apollographql/apollo-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-server/compare/apollo-server-testing@2.6.3...apollo-server-testing@2.6.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 68 ++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 64 insertions(+), 6 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index e51851fd2..801ede36a 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -87,7 +87,7 @@
     "@babel/plugin-proposal-throw-expressions": "^7.2.0",
     "@babel/preset-env": "~7.4.5",
     "@babel/register": "~7.4.4",
-    "apollo-server-testing": "~2.6.3",
+    "apollo-server-testing": "~2.6.4",
     "babel-core": "~7.0.0-0",
     "babel-eslint": "~10.0.2",
     "babel-jest": "~24.8.0",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 17510b6c0..e638ec8eb 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1354,6 +1354,18 @@ apollo-engine-reporting@1.3.1:
     async-retry "^1.2.1"
     graphql-extensions "0.7.2"
 
+apollo-engine-reporting@1.3.2:
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/apollo-engine-reporting/-/apollo-engine-reporting-1.3.2.tgz#b2569f79eb1a7a7380f49340db61465f449284fe"
+  integrity sha512-Q9XUZ3CTqddjCswlbn+OD2oYxZ5p4lCAnsWOGMfYnSmCXLagyNK28UFFQodjFOy73p6nlTAg9cwaJ9yMOBeeXA==
+  dependencies:
+    apollo-engine-reporting-protobuf "0.3.1"
+    apollo-graphql "^0.3.2"
+    apollo-server-core "2.6.4"
+    apollo-server-env "2.4.0"
+    async-retry "^1.2.1"
+    graphql-extensions "0.7.3"
+
 apollo-env@0.5.1:
   version "0.5.1"
   resolved "https://registry.yarnpkg.com/apollo-env/-/apollo-env-0.5.1.tgz#b9b0195c16feadf0fe9fd5563edb0b9b7d9e97d3"
@@ -1379,6 +1391,14 @@ apollo-graphql@^0.3.0:
     apollo-env "0.5.1"
     lodash.sortby "^4.7.0"
 
+apollo-graphql@^0.3.2:
+  version "0.3.2"
+  resolved "https://registry.yarnpkg.com/apollo-graphql/-/apollo-graphql-0.3.2.tgz#8881a87f1d5fcf80837b34dba90737e664eabe9a"
+  integrity sha512-YbzYGR14GV0023m//EU66vOzZ3i7c04V/SF8Qk+60vf1sOWyKgO6mxZJ4BKhw10qWUayirhSDxq3frYE+qSG0A==
+  dependencies:
+    apollo-env "0.5.1"
+    lodash.sortby "^4.7.0"
+
 apollo-link-context@~1.0.18:
   version "1.0.18"
   resolved "https://registry.yarnpkg.com/apollo-link-context/-/apollo-link-context-1.0.18.tgz#9e700e3314da8ded50057fee0a18af2bfcedbfc3"
@@ -1448,6 +1468,32 @@ apollo-server-core@2.6.3:
     subscriptions-transport-ws "^0.9.11"
     ws "^6.0.0"
 
+apollo-server-core@2.6.4:
+  version "2.6.4"
+  resolved "https://registry.yarnpkg.com/apollo-server-core/-/apollo-server-core-2.6.4.tgz#0372e3a28f221b9db83bdfbb0fd0b2960cd29bab"
+  integrity sha512-GBF+tQoJ/ysaY2CYMkuuAwJM1nk1yLJumrsBTFfcvalSzS64VdS5VN/zox1eRI+LHQQzHM18HYEAgDGa/EX+gw==
+  dependencies:
+    "@apollographql/apollo-tools" "^0.3.6"
+    "@apollographql/graphql-playground-html" "1.6.20"
+    "@types/ws" "^6.0.0"
+    apollo-cache-control "0.7.2"
+    apollo-datasource "0.5.0"
+    apollo-engine-reporting "1.3.2"
+    apollo-server-caching "0.4.0"
+    apollo-server-env "2.4.0"
+    apollo-server-errors "2.3.0"
+    apollo-server-plugin-base "0.5.3"
+    apollo-tracing "0.7.2"
+    fast-json-stable-stringify "^2.0.0"
+    graphql-extensions "0.7.3"
+    graphql-subscriptions "^1.0.0"
+    graphql-tag "^2.9.2"
+    graphql-tools "^4.0.0"
+    graphql-upload "^8.0.2"
+    sha.js "^2.4.11"
+    subscriptions-transport-ws "^0.9.11"
+    ws "^6.0.0"
+
 apollo-server-core@^1.3.6, apollo-server-core@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/apollo-server-core/-/apollo-server-core-1.4.0.tgz#4faff7f110bfdd6c3f47008302ae24140f94c592"
@@ -1514,12 +1560,17 @@ apollo-server-plugin-base@0.5.2:
   resolved "https://registry.yarnpkg.com/apollo-server-plugin-base/-/apollo-server-plugin-base-0.5.2.tgz#f97ba983f1e825fec49cba8ff6a23d00e1901819"
   integrity sha512-j81CpadRLhxikBYHMh91X4aTxfzFnmmebEiIR9rruS6dywWCxV2aLW87l9ocD1MiueNam0ysdwZkX4F3D4csNw==
 
-apollo-server-testing@~2.6.3:
-  version "2.6.3"
-  resolved "https://registry.yarnpkg.com/apollo-server-testing/-/apollo-server-testing-2.6.3.tgz#a0199a5d42000e60ecf0dea44b851f5f581e280e"
-  integrity sha512-LTkegcGVSkM+pA0FINDSYVl3TiFYKZyfjlKrEr/LN6wLiL6gbRgy6LMtk2j+qli/bnTDqqQREX8OEqmV8FKUoQ==
+apollo-server-plugin-base@0.5.3:
+  version "0.5.3"
+  resolved "https://registry.yarnpkg.com/apollo-server-plugin-base/-/apollo-server-plugin-base-0.5.3.tgz#234c6330c412a2e83ff49305a0c2f991fb40a266"
+  integrity sha512-Ax043vQTzPgFeJk6m6hmPm9NMfogO3LlTKJfrWHuyZhPNeTLweHNK30vpdzzgPalcryyDMDfLYFzxuDm0W+rRQ==
+
+apollo-server-testing@~2.6.4:
+  version "2.6.4"
+  resolved "https://registry.yarnpkg.com/apollo-server-testing/-/apollo-server-testing-2.6.4.tgz#615dfaa6ea840b6ea3ce4fd2297b28402f2d5208"
+  integrity sha512-s9AeZnnndhz4WRBmgFM388BFKqD2H90L6ax0e6uNEmtZk3/iODqd16RbTNHbx+PkxFvZ8BQbX1/4rbvQn6r9CA==
   dependencies:
-    apollo-server-core "2.6.3"
+    apollo-server-core "2.6.4"
 
 apollo-server@~2.6.3:
   version "2.6.3"
@@ -3728,6 +3779,13 @@ graphql-extensions@0.7.2:
   dependencies:
     "@apollographql/apollo-tools" "^0.3.6"
 
+graphql-extensions@0.7.3:
+  version "0.7.3"
+  resolved "https://registry.yarnpkg.com/graphql-extensions/-/graphql-extensions-0.7.3.tgz#2ab7331c72ae657e4cbfa4ff004c400b19f56cdf"
+  integrity sha512-D+FZM0t5gFntJUizeRCurZuUqsyVP13CRejRX+cDJivyGkE6OMWYkCWlzHcbye79q+hYN1m6a3NhlrJRaD9D0w==
+  dependencies:
+    "@apollographql/apollo-tools" "^0.3.6"
+
 graphql-extensions@^0.0.x, graphql-extensions@~0.0.9:
   version "0.0.10"
   resolved "https://registry.yarnpkg.com/graphql-extensions/-/graphql-extensions-0.0.10.tgz#34bdb2546d43f6a5bc89ab23c295ec0466c6843d"

From 872562029d8e5bb920f2d826070da14fdfcdbcff Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 04:29:58 +0000
Subject: [PATCH 81/89] Bump eslint-plugin-jest from 22.6.4 to 22.7.0 in
 /backend

Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 22.6.4 to 22.7.0.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v22.6.4...v22.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index e51851fd2..d2a292e32 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -97,7 +97,7 @@
     "eslint-config-prettier": "~5.0.0",
     "eslint-config-standard": "~12.0.0",
     "eslint-plugin-import": "~2.17.3",
-    "eslint-plugin-jest": "~22.6.4",
+    "eslint-plugin-jest": "~22.7.0",
     "eslint-plugin-node": "~9.1.0",
     "eslint-plugin-prettier": "~3.1.0",
     "eslint-plugin-promise": "~4.1.1",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 17510b6c0..ec55dac68 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -3053,10 +3053,10 @@ eslint-plugin-import@~2.17.3:
     read-pkg-up "^2.0.0"
     resolve "^1.11.0"
 
-eslint-plugin-jest@~22.6.4:
-  version "22.6.4"
-  resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.6.4.tgz#2895b047dd82f90f43a58a25cf136220a21c9104"
-  integrity sha512-36OqnZR/uMCDxXGmTsqU4RwllR0IiB/XF8GW3ODmhsjiITKuI0GpgultWFt193ipN3HARkaIcKowpE6HBvRHNg==
+eslint-plugin-jest@~22.7.0:
+  version "22.7.0"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.7.0.tgz#a1d325bccb024b04f5354c56fe790baba54a454c"
+  integrity sha512-0U9nBd9V6+GKpM/KvRDcmMuPsewSsdM7NxCozgJkVAh8IrwHmQ0aw44/eYuVkhT8Fcdhsz0zYiyPtKg147eXMQ==
 
 eslint-plugin-node@~9.1.0:
   version "9.1.0"

From 4f9127a9f99f510cd6ecebbefb58abd478e8ec53 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 09:53:10 +0000
Subject: [PATCH 82/89] Bump graphql-shield from 5.6.1 to 5.7.1 in /backend

Bumps [graphql-shield](https://github.com/maticzav/graphql-shield) from 5.6.1 to 5.7.1.
- [Release notes](https://github.com/maticzav/graphql-shield/releases)
- [Commits](https://github.com/maticzav/graphql-shield/compare/v5.6.1...v5.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 18 +++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index d2a292e32..acf6e88e0 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -61,7 +61,7 @@
     "graphql-custom-directives": "~0.2.14",
     "graphql-iso-date": "~3.6.1",
     "graphql-middleware": "~3.0.2",
-    "graphql-shield": "~5.6.1",
+    "graphql-shield": "~5.7.1",
     "graphql-tag": "~2.10.1",
     "graphql-yoga": "~1.18.0",
     "helmet": "~3.18.0",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index ec55dac68..f890d8b6c 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1110,10 +1110,10 @@
   resolved "https://registry.yarnpkg.com/@types/yargs/-/yargs-12.0.9.tgz#693e76a52f61a2f1e7fb48c0eef167b95ea4ffd0"
   integrity sha512-sCZy4SxP9rN2w30Hlmg5dtdRwgYQfYRiLo9usw8X9cxlf+H4FqM1xX7+sNH7NNKVdbXMJWqva7iyy+fxh/V7fA==
 
-"@types/yup@0.26.16":
-  version "0.26.16"
-  resolved "https://registry.yarnpkg.com/@types/yup/-/yup-0.26.16.tgz#75c428236207c48d9f8062dd1495cda8c5485a15"
-  integrity sha512-E2RNc7DSeQ+2EIJ1H3+yFjYu6YiyQBUJ7yNpIxomrYJ3oFizLZ5yDS3T1JTUNBC2OCRkgnhLS0smob5UuCHfNA==
+"@types/yup@0.26.17":
+  version "0.26.17"
+  resolved "https://registry.yarnpkg.com/@types/yup/-/yup-0.26.17.tgz#5cb7cfc211d8e985b21d88289542591c92cad9dc"
+  integrity sha512-MN7VHlPsZQ2MTBxLE2Gl+Qfg2WyKsoz+vIr8xN0OSZ4AvJDrrKBlxc8b59UXCCIG9tPn9XhxTXh3j/htHbzC2Q==
 
 "@types/zen-observable@^0.5.3":
   version "0.5.4"
@@ -3782,12 +3782,12 @@ graphql-request@~1.8.2:
   dependencies:
     cross-fetch "2.2.2"
 
-graphql-shield@~5.6.1:
-  version "5.6.1"
-  resolved "https://registry.yarnpkg.com/graphql-shield/-/graphql-shield-5.6.1.tgz#f4c9fb5ed329f823a738ad974b300d4a982691ca"
-  integrity sha512-Zrxrvx1Ep/nDdfQh/wN5PrH9JE4OEFdUmLzuyZSIGIAQWyXDk8FAl0cuNulnqI+zqrDzZ9TUj/zO3oV4hNKqCA==
+graphql-shield@~5.7.1:
+  version "5.7.1"
+  resolved "https://registry.yarnpkg.com/graphql-shield/-/graphql-shield-5.7.1.tgz#04095fb8148a463997f7c509d4aeb2a6abf79f98"
+  integrity sha512-UZ0K1uAqRAoGA1U2DsUu4vIZX2Vents4Xim99GFEUBTgvSDkejiE+k/Dywqfu76lJFEE8qu3vG5fhJN3SmnKbA==
   dependencies:
-    "@types/yup" "0.26.16"
+    "@types/yup" "0.26.17"
     lightercollective "^0.3.0"
     object-hash "^1.3.1"
     yup "^0.27.0"

From ba9092fa75b07d08499b174c3bc2d4e590dc57a7 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 09:53:14 +0000
Subject: [PATCH 83/89] Bump eslint-plugin-jest from 22.6.4 to 22.7.0 in
 /webapp

Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 22.6.4 to 22.7.0.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v22.6.4...v22.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 webapp/package.json | 2 +-
 webapp/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index 0fdc9b31f..7e9da0674 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -94,7 +94,7 @@
     "eslint-config-standard": "~12.0.0",
     "eslint-loader": "~2.1.2",
     "eslint-plugin-import": "~2.17.3",
-    "eslint-plugin-jest": "~22.6.4",
+    "eslint-plugin-jest": "~22.7.0",
     "eslint-plugin-node": "~9.1.0",
     "eslint-plugin-prettier": "~3.1.0",
     "eslint-plugin-promise": "~4.1.1",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index 5af08d403..9446d4829 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -4300,10 +4300,10 @@ eslint-plugin-import@~2.17.3:
     read-pkg-up "^2.0.0"
     resolve "^1.11.0"
 
-eslint-plugin-jest@~22.6.4:
-  version "22.6.4"
-  resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.6.4.tgz#2895b047dd82f90f43a58a25cf136220a21c9104"
-  integrity sha512-36OqnZR/uMCDxXGmTsqU4RwllR0IiB/XF8GW3ODmhsjiITKuI0GpgultWFt193ipN3HARkaIcKowpE6HBvRHNg==
+eslint-plugin-jest@~22.7.0:
+  version "22.7.0"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.7.0.tgz#a1d325bccb024b04f5354c56fe790baba54a454c"
+  integrity sha512-0U9nBd9V6+GKpM/KvRDcmMuPsewSsdM7NxCozgJkVAh8IrwHmQ0aw44/eYuVkhT8Fcdhsz0zYiyPtKg147eXMQ==
 
 eslint-plugin-node@~9.1.0:
   version "9.1.0"

From e0e31d46fdbdd9f368e0714e175592d3b67ef8e1 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 21 Jun 2019 09:53:57 +0000
Subject: [PATCH 84/89] Bump apollo-server from 2.6.3 to 2.6.4 in /backend

Bumps [apollo-server](https://github.com/apollographql/apollo-server) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/apollographql/apollo-server/releases)
- [Changelog](https://github.com/apollographql/apollo-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-server/compare/apollo-server@2.6.3...apollo-server@2.6.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 73 +++++++-------------------------------------
 2 files changed, 12 insertions(+), 63 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index cb8725310..236691412 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -47,7 +47,7 @@
     "apollo-client": "~2.6.3",
     "apollo-link-context": "~1.0.18",
     "apollo-link-http": "~1.5.15",
-    "apollo-server": "~2.6.3",
+    "apollo-server": "~2.6.4",
     "bcryptjs": "~2.4.3",
     "cheerio": "~1.0.0-rc.3",
     "cors": "~2.8.5",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 07dd7c430..940b70e25 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -1342,18 +1342,6 @@ apollo-engine-reporting-protobuf@0.3.1:
   dependencies:
     protobufjs "^6.8.6"
 
-apollo-engine-reporting@1.3.1:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/apollo-engine-reporting/-/apollo-engine-reporting-1.3.1.tgz#f2c2c63f865871a57c15cdbb2a3bcd4b4af28115"
-  integrity sha512-e0Xp+0yite8DH/xm9fnJt42CxfWAcY6waiq3icCMAgO9T7saXzVOPpl84SkuA+hIJUBtfaKrTnC+7Jxi/I7OrQ==
-  dependencies:
-    apollo-engine-reporting-protobuf "0.3.1"
-    apollo-graphql "^0.3.0"
-    apollo-server-core "2.6.3"
-    apollo-server-env "2.4.0"
-    async-retry "^1.2.1"
-    graphql-extensions "0.7.2"
-
 apollo-engine-reporting@1.3.2:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/apollo-engine-reporting/-/apollo-engine-reporting-1.3.2.tgz#b2569f79eb1a7a7380f49340db61465f449284fe"
@@ -1383,14 +1371,6 @@ apollo-errors@^1.9.0:
     assert "^1.4.1"
     extendable-error "^0.1.5"
 
-apollo-graphql@^0.3.0:
-  version "0.3.1"
-  resolved "https://registry.yarnpkg.com/apollo-graphql/-/apollo-graphql-0.3.1.tgz#d13b80cc0cae3fe7066b81b80914c6f983fac8d7"
-  integrity sha512-tbhtzNAAhNI34v4XY9OlZGnH7U0sX4BP1cJrUfSiNzQnZRg1UbQYZ06riHSOHpi5RSndFcA9LDM5C1ZKKOUeBg==
-  dependencies:
-    apollo-env "0.5.1"
-    lodash.sortby "^4.7.0"
-
 apollo-graphql@^0.3.2:
   version "0.3.2"
   resolved "https://registry.yarnpkg.com/apollo-graphql/-/apollo-graphql-0.3.2.tgz#8881a87f1d5fcf80837b34dba90737e664eabe9a"
@@ -1442,32 +1422,6 @@ apollo-server-caching@0.4.0:
   dependencies:
     lru-cache "^5.0.0"
 
-apollo-server-core@2.6.3:
-  version "2.6.3"
-  resolved "https://registry.yarnpkg.com/apollo-server-core/-/apollo-server-core-2.6.3.tgz#786c8251c82cf29acb5cae9635a321f0644332ae"
-  integrity sha512-tfC0QO1NbJW3ShkB5pRCnUaYEkW2AwnswaTeedkfv//EO3yiC/9LeouCK5F22T8stQG+vGjvCqf0C8ldI/XsIA==
-  dependencies:
-    "@apollographql/apollo-tools" "^0.3.6"
-    "@apollographql/graphql-playground-html" "1.6.20"
-    "@types/ws" "^6.0.0"
-    apollo-cache-control "0.7.2"
-    apollo-datasource "0.5.0"
-    apollo-engine-reporting "1.3.1"
-    apollo-server-caching "0.4.0"
-    apollo-server-env "2.4.0"
-    apollo-server-errors "2.3.0"
-    apollo-server-plugin-base "0.5.2"
-    apollo-tracing "0.7.2"
-    fast-json-stable-stringify "^2.0.0"
-    graphql-extensions "0.7.2"
-    graphql-subscriptions "^1.0.0"
-    graphql-tag "^2.9.2"
-    graphql-tools "^4.0.0"
-    graphql-upload "^8.0.2"
-    sha.js "^2.4.11"
-    subscriptions-transport-ws "^0.9.11"
-    ws "^6.0.0"
-
 apollo-server-core@2.6.4:
   version "2.6.4"
   resolved "https://registry.yarnpkg.com/apollo-server-core/-/apollo-server-core-2.6.4.tgz#0372e3a28f221b9db83bdfbb0fd0b2960cd29bab"
@@ -1516,10 +1470,10 @@ apollo-server-errors@2.3.0:
   resolved "https://registry.yarnpkg.com/apollo-server-errors/-/apollo-server-errors-2.3.0.tgz#700622b66a16dffcad3b017e4796749814edc061"
   integrity sha512-rUvzwMo2ZQgzzPh2kcJyfbRSfVKRMhfIlhY7BzUfM4x6ZT0aijlgsf714Ll3Mbf5Fxii32kD0A/DmKsTecpccw==
 
-apollo-server-express@2.6.3:
-  version "2.6.3"
-  resolved "https://registry.yarnpkg.com/apollo-server-express/-/apollo-server-express-2.6.3.tgz#62034c978f84207615c0430fb37ab006f71146fe"
-  integrity sha512-8ca+VpKArgNzFar0D3DesWnn0g9YDtFLhO56TQprHh2Spxu9WxTnYNjsYs2MCCNf+iV/uy7vTvEknErvnIcZaQ==
+apollo-server-express@2.6.4:
+  version "2.6.4"
+  resolved "https://registry.yarnpkg.com/apollo-server-express/-/apollo-server-express-2.6.4.tgz#fc1d661be73fc1880aa53a56e1abe3733d08eada"
+  integrity sha512-U6hiZxty/rait39V5d+QeueNHlwfl68WbYtsutDUVxnq2Jws2ZDrvIkaWWN6HQ77+nBy5gGVxycvWIyoHHfi+g==
   dependencies:
     "@apollographql/graphql-playground-html" "1.6.20"
     "@types/accepts" "^1.3.5"
@@ -1527,7 +1481,7 @@ apollo-server-express@2.6.3:
     "@types/cors" "^2.8.4"
     "@types/express" "4.17.0"
     accepts "^1.3.5"
-    apollo-server-core "2.6.3"
+    apollo-server-core "2.6.4"
     body-parser "^1.18.3"
     cors "^2.8.4"
     graphql-subscriptions "^1.0.0"
@@ -1555,11 +1509,6 @@ apollo-server-module-graphiql@^1.3.4, apollo-server-module-graphiql@^1.4.0:
   resolved "https://registry.yarnpkg.com/apollo-server-module-graphiql/-/apollo-server-module-graphiql-1.4.0.tgz#c559efa285578820709f1769bb85d3b3eed3d8ec"
   integrity sha512-GmkOcb5he2x5gat+TuiTvabnBf1m4jzdecal3XbXBh/Jg+kx4hcvO3TTDFQ9CuTprtzdcVyA11iqG7iOMOt7vA==
 
-apollo-server-plugin-base@0.5.2:
-  version "0.5.2"
-  resolved "https://registry.yarnpkg.com/apollo-server-plugin-base/-/apollo-server-plugin-base-0.5.2.tgz#f97ba983f1e825fec49cba8ff6a23d00e1901819"
-  integrity sha512-j81CpadRLhxikBYHMh91X4aTxfzFnmmebEiIR9rruS6dywWCxV2aLW87l9ocD1MiueNam0ysdwZkX4F3D4csNw==
-
 apollo-server-plugin-base@0.5.3:
   version "0.5.3"
   resolved "https://registry.yarnpkg.com/apollo-server-plugin-base/-/apollo-server-plugin-base-0.5.3.tgz#234c6330c412a2e83ff49305a0c2f991fb40a266"
@@ -1572,13 +1521,13 @@ apollo-server-testing@~2.6.4:
   dependencies:
     apollo-server-core "2.6.4"
 
-apollo-server@~2.6.3:
-  version "2.6.3"
-  resolved "https://registry.yarnpkg.com/apollo-server/-/apollo-server-2.6.3.tgz#71235325449c6d3881a5143975ca44c07a07d2d7"
-  integrity sha512-pTIXE5xEMAikKLTIBIqLNvimMETiZbzmiqDb6BGzIUicAz4Rxa1/+bDi1ZeJWrZQjE/TfBLd2Si3qam7dZGrjw==
+apollo-server@~2.6.4:
+  version "2.6.4"
+  resolved "https://registry.yarnpkg.com/apollo-server/-/apollo-server-2.6.4.tgz#34b3a50135e20b8df8c194a14e4636eb9c2898b2"
+  integrity sha512-f0TZOc969XNNlSm8sVsU34D8caQfPNwS0oqmWUxb8xXl88HlFzB+HBmOU6ZEKdpMCksTNDbqYo0jXiGJ0rL/0g==
   dependencies:
-    apollo-server-core "2.6.3"
-    apollo-server-express "2.6.3"
+    apollo-server-core "2.6.4"
+    apollo-server-express "2.6.4"
     express "^4.0.0"
     graphql-subscriptions "^1.0.0"
     graphql-tools "^4.0.0"

From 6e1d334671dc36f0d74c7fd589eb107681b65c0b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Fri, 21 Jun 2019 14:06:20 +0200
Subject: [PATCH 85/89] Add env to deployment

---
 deployment/human-connection/templates/secrets.template.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/deployment/human-connection/templates/secrets.template.yaml b/deployment/human-connection/templates/secrets.template.yaml
index 8f18dbf46..9f59b948a 100644
--- a/deployment/human-connection/templates/secrets.template.yaml
+++ b/deployment/human-connection/templates/secrets.template.yaml
@@ -5,6 +5,11 @@ data:
   MONGODB_PASSWORD: "TU9OR09EQl9QQVNTV09SRA=="
   PRIVATE_KEY_PASSPHRASE: "YTdkc2Y3OHNhZGc4N2FkODdzZmFnc2FkZzc4"
   MAPBOX_TOKEN: "cGsuZXlKMUlqb2lhSFZ0WVc0dFkyOXVibVZqZEdsdmJpSXNJbUVpT2lKamFqbDBjbkJ1Ykdvd2VUVmxNM1Z3WjJsek5UTnVkM1p0SW4wLktaOEtLOWw3MG9talhiRWtrYkhHc1EK"
+  SMTP_HOST:
+  SMTP_PORT: 587
+  SMTP_USERNAME:
+  SMTP_PASSWORD:
+  SMTP_IGNORE_TLS:
 metadata:
   name: human-connection
   namespace: human-connection

From 5018e60a1330c1bf2c78db5aed807d1e6438f7c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Fri, 21 Jun 2019 14:10:56 +0200
Subject: [PATCH 86/89] Renamed Tag to Hashtag in the Frontend
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Not in the database yet …
---
 webapp/components/ContributionForm/index.vue  |  6 +-
 webapp/components/Editor/index.vue            | 58 ++++++++++---------
 .../Editor/nodes/{Tag.js => Hashtag.js}       |  8 +--
 webapp/locales/de.json                        |  4 +-
 webapp/locales/en.json                        |  4 +-
 5 files changed, 41 insertions(+), 39 deletions(-)
 rename webapp/components/Editor/nodes/{Tag.js => Hashtag.js} (83%)

diff --git a/webapp/components/ContributionForm/index.vue b/webapp/components/ContributionForm/index.vue
index 3126fdc46..6c3c57640 100644
--- a/webapp/components/ContributionForm/index.vue
+++ b/webapp/components/ContributionForm/index.vue
@@ -6,7 +6,7 @@
         <no-ssr>
           <hc-editor
             :users="users"
-            :tags="tags"
+            :hashtags="hashtags"
             :value="form.content"
             @input="updateEditorContent"
           />
@@ -80,7 +80,7 @@ export default {
       disabled: false,
       slug: null,
       users: [],
-      tags: [],
+      hashtags: [],
     }
   },
   watch: {
@@ -179,7 +179,7 @@ export default {
         `
       },
       result(result) {
-        this.tags = result.data.Tag
+        this.hashtags = result.data.Tag
       },
     },
   },
diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index cbfaec854..538aac2fa 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -15,18 +15,20 @@
       <div v-else class="suggestion-list__item is-empty">
         {{ $t('editor.mention.noUsersFound') }}
       </div>
-      <template v-if="tagsFilterHasResults">
+      <template v-if="hashtagsFilterHasResults">
         <div
-          v-for="(tag, index) in filteredTags"
-          :key="tag.id"
+          v-for="(hashtag, index) in filteredHashtags"
+          :key="hashtag.id"
           class="suggestion-list__item"
           :class="{ 'is-selected': navigatedItemIndex === index }"
-          @click="selectItem(tag, 'tag')"
+          @click="selectItem(hashtag, 'hashtag')"
         >
-          #{{ tag.name }}
+          #{{ hashtag.name }}
         </div>
       </template>
-      <div v-else class="suggestion-list__item is-empty">{{ $t('editor.tag.noTagsFound') }}</div>
+      <div v-else class="suggestion-list__item is-empty">
+        {{ $t('editor.hashtag.noHashtagsFound') }}
+      </div>
     </div>
 
     <editor-menu-bubble :editor="editor">
@@ -187,7 +189,7 @@ import {
   History,
 } from 'tiptap-extensions'
 import Mention from './nodes/Mention.js'
-import Tag from './nodes/Tag.js'
+import Hashtag from './nodes/Hashtag.js'
 import { mapGetters } from 'vuex'
 
 let throttleInputEvent
@@ -200,7 +202,7 @@ export default {
   },
   props: {
     users: { type: Array, default: () => [] },
-    tags: { type: Array, default: () => [] },
+    hashtags: { type: Array, default: () => [] },
     value: { type: String, default: '' },
     doc: { type: Object, default: () => {} },
   },
@@ -295,13 +297,13 @@ export default {
               return fuse.search(query)
             },
           }),
-          new Tag({
+          new Hashtag({
             items: () => {
-              return this.tags
+              return this.hashtags
             },
             onEnter: ({ items, query, range, command, virtualNode }) => {
               this.query = query
-              this.filteredTags = items
+              this.filteredHashtags = items
               this.suggestionRange = range
               this.renderPopup(virtualNode)
               // we save the command for inserting a selected mention
@@ -312,7 +314,7 @@ export default {
             // is called when a suggestion has changed
             onChange: ({ items, query, range, virtualNode }) => {
               this.query = query
-              this.filteredTags = items
+              this.filteredHashtags = items
               this.suggestionRange = range
               this.navigatedItemIndex = 0
               this.renderPopup(virtualNode)
@@ -321,7 +323,7 @@ export default {
             onExit: () => {
               // reset all saved values
               this.query = null
-              this.filteredTags = []
+              this.filteredHashtags = []
               this.suggestionRange = null
               this.navigatedItemIndex = 0
               this.destroyPopup()
@@ -330,24 +332,24 @@ export default {
             onKeyDown: ({ event }) => {
               // pressing up arrow
               if (event.keyCode === 38) {
-                this.upHandler(this.filteredTags)
+                this.upHandler(this.filteredHashtags)
                 return true
               }
               // pressing down arrow
               if (event.keyCode === 40) {
-                this.downHandler(this.filteredTags)
+                this.downHandler(this.filteredHashtags)
                 return true
               }
               // pressing enter
               if (event.keyCode === 13) {
-                this.enterHandler(this.filteredTags, 'tag')
+                this.enterHandler(this.filteredHashtags, 'hashtag')
                 return true
               }
               // pressing space
-              if (event.keyCode === 32) {
-                // this.enterHandler(this.filteredTags, 'tag')
-                return true
-              }
+              // if (event.keyCode === 32) {
+              //   // this.enterHandler(this.filteredHashtags, 'hashtag')
+              //   return true
+              // }
               return false
             },
             // is called when a suggestion has changed
@@ -376,7 +378,7 @@ export default {
       query: null,
       suggestionRange: null,
       filteredUsers: [],
-      filteredTags: [],
+      filteredHashtags: [],
       navigatedItemIndex: 0,
       insertMention: () => {},
       observer: null,
@@ -387,11 +389,11 @@ export default {
     usersFilterHasResults() {
       return this.filteredUsers.length > 0
     },
-    tagsFilterHasResults() {
-      return this.filteredTags.length > 0
+    hashtagsFilterHasResults() {
+      return this.filteredHashtags.length > 0
     },
     showSuggestions() {
-      return this.query || this.usersFilterHasResults || this.tagsFilterHasResults
+      return this.query || this.usersFilterHasResults || this.hashtagsFilterHasResults
     },
   },
   watch: {
@@ -446,8 +448,8 @@ export default {
           url: `/profile/${item.id}`,
           label: item.slug,
         },
-        tag: {
-          // TODO: Fill up with input tag in search field
+        hashtag: {
+          // TODO: Fill up with input hashtag in search field
           url: `/search/hashtag:${item.name}`,
           label: item.name,
         },
@@ -633,10 +635,10 @@ li > p {
   .mention-suggestion {
     color: $color-primary;
   }
-  .tag {
+  .hashtag {
     color: $color-primary;
   }
-  .tag-suggestion {
+  .hashtag-suggestion {
     color: $color-primary;
   }
   &__floating-menu {
diff --git a/webapp/components/Editor/nodes/Tag.js b/webapp/components/Editor/nodes/Hashtag.js
similarity index 83%
rename from webapp/components/Editor/nodes/Tag.js
rename to webapp/components/Editor/nodes/Hashtag.js
index e372eb21c..97f43bcd5 100644
--- a/webapp/components/Editor/nodes/Tag.js
+++ b/webapp/components/Editor/nodes/Hashtag.js
@@ -1,8 +1,8 @@
 import { Mention as TipTapMention } from 'tiptap-extensions'
 
-export default class Tag extends TipTapMention {
+export default class Hashtag extends TipTapMention {
   get name() {
-    return 'tag'
+    return 'hashtag'
   }
 
   get defaultOptions() {
@@ -12,8 +12,8 @@ export default class Tag extends TipTapMention {
         allowSpaces: false,
         startOfLine: false,
       },
-      mentionClass: 'tag',
-      suggestionClass: 'tag-suggestion',
+      mentionClass: 'hashtag',
+      suggestionClass: 'hashtag-suggestion',
     }
   }
 
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index cd9d86819..6896833ec 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -18,8 +18,8 @@
     "mention": {
       "noUsersFound": "Keine Benutzer gefunden"
     },
-    "tag": {
-      "noTagsFound": "Keine Hashtags gefunden"
+    "hashtag": {
+      "noHashtagsFound": "Keine Hashtags gefunden"
     }
   },
   "profile": {
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 47e649395..95f0688cb 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -18,8 +18,8 @@
     "mention": {
       "noUsersFound": "No users found"
     },
-    "tag": {
-      "noTagsFound": "No hashtags found"
+    "hashtag": {
+      "noHashtagsFound": "No hashtags found"
     }
   },
   "profile": {

From 3076f9f455ec470238a4d9d354fb8ef7b9a75688 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= <git@roschaefer.de>
Date: Fri, 21 Jun 2019 22:11:41 +0200
Subject: [PATCH 87/89] Get rid of console.errors in tests of FilterMenu

---
 webapp/components/FilterMenu/FilterMenu.spec.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/webapp/components/FilterMenu/FilterMenu.spec.js b/webapp/components/FilterMenu/FilterMenu.spec.js
index 030ad20da..e345531d0 100644
--- a/webapp/components/FilterMenu/FilterMenu.spec.js
+++ b/webapp/components/FilterMenu/FilterMenu.spec.js
@@ -1,10 +1,12 @@
 import { mount, createLocalVue } from '@vue/test-utils'
 import FilterMenu from './FilterMenu.vue'
 import Styleguide from '@human-connection/styleguide'
+import VTooltip from 'v-tooltip'
 
 const localVue = createLocalVue()
 
 localVue.use(Styleguide)
+localVue.use(VTooltip)
 
 describe('FilterMenu.vue', () => {
   let wrapper

From 1f0f8c9e396ef0619bd9ffa5e63741d088dff21b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Mon, 24 Jun 2019 09:25:36 +0200
Subject: [PATCH 88/89] Set Hashtag also by press space and creates then a new
 one

Changed Tag permissionMiddleware from isAdmin to allow.
---
 .../src/middleware/permissionsMiddleware.js   |  4 +-
 webapp/components/Editor/index.vue            | 95 +++++++++++--------
 2 files changed, 57 insertions(+), 42 deletions(-)

diff --git a/backend/src/middleware/permissionsMiddleware.js b/backend/src/middleware/permissionsMiddleware.js
index dbcde849c..0ba11d0c4 100644
--- a/backend/src/middleware/permissionsMiddleware.js
+++ b/backend/src/middleware/permissionsMiddleware.js
@@ -105,8 +105,8 @@ const permissions = shield(
     Query: {
       '*': deny,
       findPosts: allow,
-      Category: isAdmin,
-      Tag: isAdmin,
+      Category: allow,
+      Tag: allow,
       Report: isModerator,
       Notification: isAdmin,
       statistics: allow,
diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index 538aac2fa..c47afb2a8 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -1,33 +1,37 @@
 <template>
   <div class="editor">
     <div v-show="showSuggestions" ref="suggestions" class="suggestion-list">
-      <template v-if="usersFilterHasResults">
-        <div
-          v-for="(user, index) in filteredUsers"
-          :key="user.id"
-          class="suggestion-list__item"
-          :class="{ 'is-selected': navigatedItemIndex === index }"
-          @click="selectItem(user, 'mention')"
-        >
-          @{{ user.slug }}
+      <div v-if="isMention">
+        <template v-if="usersFilterHasResults">
+          <div
+            v-for="(user, index) in filteredUsers"
+            :key="user.id"
+            class="suggestion-list__item"
+            :class="{ 'is-selected': navigatedItemIndex === index }"
+            @click="selectItem(user, mentionSuggestionType)"
+          >
+            @{{ user.slug }}
+          </div>
+        </template>
+        <div v-else class="suggestion-list__item is-empty">
+          {{ $t('editor.mention.noUsersFound') }}
         </div>
-      </template>
-      <div v-else class="suggestion-list__item is-empty">
-        {{ $t('editor.mention.noUsersFound') }}
       </div>
-      <template v-if="hashtagsFilterHasResults">
-        <div
-          v-for="(hashtag, index) in filteredHashtags"
-          :key="hashtag.id"
-          class="suggestion-list__item"
-          :class="{ 'is-selected': navigatedItemIndex === index }"
-          @click="selectItem(hashtag, 'hashtag')"
-        >
-          #{{ hashtag.name }}
+      <div v-if="isHashtag">
+        <template v-if="hashtagsFilterHasResults">
+          <div
+            v-for="(hashtag, index) in filteredHashtags"
+            :key="hashtag.id"
+            class="suggestion-list__item"
+            :class="{ 'is-selected': navigatedItemIndex === index }"
+            @click="selectItem(hashtag, hashtagSuggestionType)"
+          >
+            #{{ hashtag.name }}
+          </div>
+        </template>
+        <div v-else class="suggestion-list__item is-empty">
+          {{ $t('editor.hashtag.noHashtagsFound') }}
         </div>
-      </template>
-      <div v-else class="suggestion-list__item is-empty">
-        {{ $t('editor.hashtag.noHashtagsFound') }}
       </div>
     </div>
 
@@ -234,6 +238,7 @@ export default {
           new History(),
           new Mention({
             items: () => {
+              this.suggestionType = this.mentionSuggestionType
               return this.users
             },
             onEnter: ({ items, query, range, command, virtualNode }) => {
@@ -257,6 +262,7 @@ export default {
             // is called when a suggestion is cancelled
             onExit: () => {
               // reset all saved values
+              this.suggestionType = ''
               this.query = null
               this.filteredUsers = []
               this.suggestionRange = null
@@ -277,7 +283,7 @@ export default {
               }
               // pressing enter
               if (event.keyCode === 13) {
-                this.enterHandler(this.filteredUsers, 'mention')
+                this.enterHandler(this.filteredUsers, this.mentionSuggestionType)
                 return true
               }
               return false
@@ -299,6 +305,7 @@ export default {
           }),
           new Hashtag({
             items: () => {
+              this.suggestionType = this.hashtagSuggestionType
               return this.hashtags
             },
             onEnter: ({ items, query, range, command, virtualNode }) => {
@@ -322,6 +329,7 @@ export default {
             // is called when a suggestion is cancelled
             onExit: () => {
               // reset all saved values
+              this.suggestionType = ''
               this.query = null
               this.filteredHashtags = []
               this.suggestionRange = null
@@ -340,16 +348,11 @@ export default {
                 this.downHandler(this.filteredHashtags)
                 return true
               }
-              // pressing enter
-              if (event.keyCode === 13) {
-                this.enterHandler(this.filteredHashtags, 'hashtag')
+              // pressing enter or pressing space
+              if (event.keyCode === 13 || event.keyCode === 32) {
+                this.enterHandler(this.filteredHashtags, this.hashtagSuggestionType)
                 return true
               }
-              // pressing space
-              // if (event.keyCode === 32) {
-              //   // this.enterHandler(this.filteredHashtags, 'hashtag')
-              //   return true
-              // }
               return false
             },
             // is called when a suggestion has changed
@@ -375,6 +378,9 @@ export default {
       }),
       linkUrl: null,
       linkMenuIsActive: false,
+      mentionSuggestionType: 'mention',
+      hashtagSuggestionType: 'hashtag',
+      suggestionType: '',
       query: null,
       suggestionRange: null,
       filteredUsers: [],
@@ -395,6 +401,12 @@ export default {
     showSuggestions() {
       return this.query || this.usersFilterHasResults || this.hashtagsFilterHasResults
     },
+    isMention() {
+      return this.suggestionType === this.mentionSuggestionType
+    },
+    isHashtag() {
+      return this.suggestionType === this.hashtagSuggestionType
+    },
   },
   watch: {
     value: {
@@ -426,22 +438,25 @@ export default {
     // if it's the first item, navigate to the last one
     upHandler(filteredArray) {
       this.navigatedItemIndex =
-        (this.navigatedItemIndex + this.filteredArray.length - 1) % this.filteredArray.length
+        (this.navigatedItemIndex + filteredArray.length - 1) % filteredArray.length
     },
     // navigate to the next item
     // if it's the last item, navigate to the first one
     downHandler(filteredArray) {
-      this.navigatedItemIndex = (this.navigatedItemIndex + 1) % this.filteredArray.length
+      this.navigatedItemIndex = (this.navigatedItemIndex + 1) % filteredArray.length
     },
-    enterHandler(filteredArray, type) {
-      const item = this.filteredArray[this.navigatedItemIndex]
+    // For hashtags handles pressing of space as enter.
+    enterHandler(filteredArray, suggestionType) {
+      const item = filteredArray[this.navigatedItemIndex]
       if (item) {
-        this.selectItem(item, type)
+        this.selectItem(item, suggestionType)
+      } else if (suggestionType === this.hashtagSuggestionType && this.query !== '') {
+        this.selectItem({ name: this.query }, this.hashtagSuggestionType)
       }
     },
     // we have to replace our suggestion text with a mention
     // so it's important to pass also the position of your suggestion text
-    selectItem(item, type) {
+    selectItem(item, suggestionType) {
       const typeAttrs = {
         mention: {
           // TODO: use router here
@@ -456,7 +471,7 @@ export default {
       }
       this.insertMention({
         range: this.suggestionRange,
-        attrs: typeAttrs[type],
+        attrs: typeAttrs[suggestionType],
       })
       this.editor.focus()
     },

From 8c2c73132257e01eff6bbff936d6e14d613b5361 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Mon, 24 Jun 2019 12:10:26 +0200
Subject: [PATCH 89/89] Backfactored as close as possible to original of
 Mention.js

---
 webapp/components/Editor/index.vue | 115 ++++++++++++-----------------
 1 file changed, 48 insertions(+), 67 deletions(-)

diff --git a/webapp/components/Editor/index.vue b/webapp/components/Editor/index.vue
index c47afb2a8..0376d22c9 100644
--- a/webapp/components/Editor/index.vue
+++ b/webapp/components/Editor/index.vue
@@ -1,37 +1,21 @@
 <template>
   <div class="editor">
     <div v-show="showSuggestions" ref="suggestions" class="suggestion-list">
-      <div v-if="isMention">
-        <template v-if="usersFilterHasResults">
-          <div
-            v-for="(user, index) in filteredUsers"
-            :key="user.id"
-            class="suggestion-list__item"
-            :class="{ 'is-selected': navigatedItemIndex === index }"
-            @click="selectItem(user, mentionSuggestionType)"
-          >
-            @{{ user.slug }}
-          </div>
-        </template>
-        <div v-else class="suggestion-list__item is-empty">
-          {{ $t('editor.mention.noUsersFound') }}
-        </div>
-      </div>
-      <div v-if="isHashtag">
-        <template v-if="hashtagsFilterHasResults">
-          <div
-            v-for="(hashtag, index) in filteredHashtags"
-            :key="hashtag.id"
-            class="suggestion-list__item"
-            :class="{ 'is-selected': navigatedItemIndex === index }"
-            @click="selectItem(hashtag, hashtagSuggestionType)"
-          >
-            #{{ hashtag.name }}
-          </div>
-        </template>
-        <div v-else class="suggestion-list__item is-empty">
-          {{ $t('editor.hashtag.noHashtagsFound') }}
+      <template v-if="hasResults">
+        <div
+          v-for="(item, index) in filteredItems"
+          :key="item.id"
+          class="suggestion-list__item"
+          :class="{ 'is-selected': navigatedItemIndex === index }"
+          @click="selectItem(item)"
+        >
+          <div v-if="isMention">@{{ item.slug }}</div>
+          <div v-if="isHashtag">#{{ item.name }}</div>
         </div>
+      </template>
+      <div v-else class="suggestion-list__item is-empty">
+        <div v-if="isMention">{{ $t('editor.mention.noUsersFound') }}</div>
+        <div v-if="isHashtag">{{ $t('editor.hashtag.noHashtagsFound') }}</div>
       </div>
     </div>
 
@@ -243,18 +227,18 @@ export default {
             },
             onEnter: ({ items, query, range, command, virtualNode }) => {
               this.query = query
-              this.filteredUsers = items
+              this.filteredItems = items
               this.suggestionRange = range
               this.renderPopup(virtualNode)
               // we save the command for inserting a selected mention
               // this allows us to call it inside of our custom popup
               // via keyboard navigation and on click
-              this.insertMention = command
+              this.insertMentionOrHashtag = command
             },
             // is called when a suggestion has changed
             onChange: ({ items, query, range, virtualNode }) => {
               this.query = query
-              this.filteredUsers = items
+              this.filteredItems = items
               this.suggestionRange = range
               this.navigatedItemIndex = 0
               this.renderPopup(virtualNode)
@@ -262,9 +246,9 @@ export default {
             // is called when a suggestion is cancelled
             onExit: () => {
               // reset all saved values
-              this.suggestionType = ''
+              this.suggestionType = this.nullSuggestionType
               this.query = null
-              this.filteredUsers = []
+              this.filteredItems = []
               this.suggestionRange = null
               this.navigatedItemIndex = 0
               this.destroyPopup()
@@ -273,17 +257,17 @@ export default {
             onKeyDown: ({ event }) => {
               // pressing up arrow
               if (event.keyCode === 38) {
-                this.upHandler(this.filteredUsers)
+                this.upHandler()
                 return true
               }
               // pressing down arrow
               if (event.keyCode === 40) {
-                this.downHandler(this.filteredUsers)
+                this.downHandler()
                 return true
               }
               // pressing enter
               if (event.keyCode === 13) {
-                this.enterHandler(this.filteredUsers, this.mentionSuggestionType)
+                this.enterHandler(this.mentionSuggestionType)
                 return true
               }
               return false
@@ -310,18 +294,18 @@ export default {
             },
             onEnter: ({ items, query, range, command, virtualNode }) => {
               this.query = query
-              this.filteredHashtags = items
+              this.filteredItems = items
               this.suggestionRange = range
               this.renderPopup(virtualNode)
               // we save the command for inserting a selected mention
               // this allows us to call it inside of our custom popup
               // via keyboard navigation and on click
-              this.insertMention = command
+              this.insertMentionOrHashtag = command
             },
             // is called when a suggestion has changed
             onChange: ({ items, query, range, virtualNode }) => {
               this.query = query
-              this.filteredHashtags = items
+              this.filteredItems = items
               this.suggestionRange = range
               this.navigatedItemIndex = 0
               this.renderPopup(virtualNode)
@@ -329,9 +313,9 @@ export default {
             // is called when a suggestion is cancelled
             onExit: () => {
               // reset all saved values
-              this.suggestionType = ''
+              this.suggestionType = this.nullSuggestionType
               this.query = null
-              this.filteredHashtags = []
+              this.filteredItems = []
               this.suggestionRange = null
               this.navigatedItemIndex = 0
               this.destroyPopup()
@@ -340,17 +324,17 @@ export default {
             onKeyDown: ({ event }) => {
               // pressing up arrow
               if (event.keyCode === 38) {
-                this.upHandler(this.filteredHashtags)
+                this.upHandler()
                 return true
               }
               // pressing down arrow
               if (event.keyCode === 40) {
-                this.downHandler(this.filteredHashtags)
+                this.downHandler()
                 return true
               }
               // pressing enter or pressing space
               if (event.keyCode === 13 || event.keyCode === 32) {
-                this.enterHandler(this.filteredHashtags, this.hashtagSuggestionType)
+                this.enterHandler(this.hashtagSuggestionType)
                 return true
               }
               return false
@@ -378,28 +362,25 @@ export default {
       }),
       linkUrl: null,
       linkMenuIsActive: false,
+      nullSuggestionType: '',
       mentionSuggestionType: 'mention',
       hashtagSuggestionType: 'hashtag',
-      suggestionType: '',
+      suggestionType: this.nullSuggestionType,
       query: null,
       suggestionRange: null,
-      filteredUsers: [],
-      filteredHashtags: [],
+      filteredItems: [],
       navigatedItemIndex: 0,
-      insertMention: () => {},
+      insertMentionOrHashtag: () => {},
       observer: null,
     }
   },
   computed: {
     ...mapGetters({ placeholder: 'editor/placeholder' }),
-    usersFilterHasResults() {
-      return this.filteredUsers.length > 0
-    },
-    hashtagsFilterHasResults() {
-      return this.filteredHashtags.length > 0
+    hasResults() {
+      return this.filteredItems.length
     },
     showSuggestions() {
-      return this.query || this.usersFilterHasResults || this.hashtagsFilterHasResults
+      return this.query || this.hasResults
     },
     isMention() {
       return this.suggestionType === this.mentionSuggestionType
@@ -436,27 +417,27 @@ export default {
   methods: {
     // navigate to the previous item
     // if it's the first item, navigate to the last one
-    upHandler(filteredArray) {
+    upHandler() {
       this.navigatedItemIndex =
-        (this.navigatedItemIndex + filteredArray.length - 1) % filteredArray.length
+        (this.navigatedItemIndex + this.filteredItems.length - 1) % this.filteredItems.length
     },
     // navigate to the next item
     // if it's the last item, navigate to the first one
-    downHandler(filteredArray) {
-      this.navigatedItemIndex = (this.navigatedItemIndex + 1) % filteredArray.length
+    downHandler() {
+      this.navigatedItemIndex = (this.navigatedItemIndex + 1) % this.filteredItems.length
     },
     // For hashtags handles pressing of space as enter.
-    enterHandler(filteredArray, suggestionType) {
-      const item = filteredArray[this.navigatedItemIndex]
+    enterHandler() {
+      const item = this.filteredItems[this.navigatedItemIndex]
       if (item) {
-        this.selectItem(item, suggestionType)
-      } else if (suggestionType === this.hashtagSuggestionType && this.query !== '') {
+        this.selectItem(item)
+      } else if (this.suggestionType === this.hashtagSuggestionType && this.query !== '') {
         this.selectItem({ name: this.query }, this.hashtagSuggestionType)
       }
     },
     // we have to replace our suggestion text with a mention
     // so it's important to pass also the position of your suggestion text
-    selectItem(item, suggestionType) {
+    selectItem(item) {
       const typeAttrs = {
         mention: {
           // TODO: use router here
@@ -469,9 +450,9 @@ export default {
           label: item.name,
         },
       }
-      this.insertMention({
+      this.insertMentionOrHashtag({
         range: this.suggestionRange,
-        attrs: typeAttrs[suggestionType],
+        attrs: typeAttrs[this.suggestionType],
       })
       this.editor.focus()
     },