Forms in web applications are an essential interface for user input. However, form markup can quickly become tedious to write and maintain because of the need to handle form control naming and its numerous attributes.

* HTML 5
* **Routing** generate route methods, redirect, have these methods available in views and controllers 
* **Forms**
* **Assets**
* Links
* Markup Escape
* Numbers
* Custom Helpers

Implemented in a way that separates the behavior that we want to express (entities) from the persistence layer (repositories and database). This design helps keep the interface of our objects small and therefore keeps them fast and reusable.

As a developer I want to be able to specify when to sign or encrypt cookies for session store.

Acceptance Criteria:

• Sets a signed cookie, which prevents users from tampering with its value.
• Sets an encrypted cookie value before sending it to the client which prevent users from reading and tampering with its value.

As a developer I want to redirect to the correct resource path.

Acceptance Criteria:

• Location should contain the resource scope defined in routes.

As a Developer I want to deliver a mail message, by rendering one or more templates.

Acceptance Criteria:

• Send and receive email within the framework.
• Generate and edit an Mailer class and mailer view.
• Configure Action Mailer for my environment.
• Be able to test your Action Mailer classes.

Currently the example demo site is not working due to the changes that we have been making to the framework.

The ClientSocket also needs access to the request context (session, cookies, etc). This would be necessary for the authorization of a logged in user.

Acceptance criteria

• context properties defined and accessible in ClientSocket subclasses

Scopes are a way to group routes under a common path prefix and scoped set of plug middleware. We might want to do this for admin functionality, APIs, and especially for versioned APIs. Let's say we have user generated reviews on a site, and that those reviews first need to be approved by an admin. The semantics of these resources are quite different, and they might not share the same controller. Scopes enable us to segregate these routes.

When launching a new application, the log message shows version 0.1.4 but it should be running version 0.1.17

web_1      | I, [2017-07-16 15:18:00 +0000 #752]  INFO -- : [Amber 0.1.4] serving application "Blog web application." at http://0.0.0.0:3000

As a developer I want to add modules and methods to enrich views with a collection of useful features. i.e (csrf_tag, checkbox_field, etc)

Acceptance Criteria:

• Isolate and Abstract additional functionality into modules and make them available using include language keyword.
• Wrap views with presenters to abstract functionality

Cross-site request forgery is a type of attack in which a site tricks a user into making requests on another site, possibly adding, modifying or deleting data on that site without the user's knowledge or permission.

The first step to avoid this is to make sure all "destructive" actions (create, update and destroy) can only be accessed with non-GET requests. If you're following RESTful conventions you're already doing this. However, a malicious site can still send a non-GET request to your site quite easily, and that's where the request forgery protection comes in. As the name says, it protects from forged requests.

• Parameters are taken from the context env and passed as an argument to #call. They are similar to a Ruby Hash, but they offer an expanded set of features.

  • Look into
    • https://github.com/dry-rb/dry-logic/blob/master/lib/dry/logic/predicates.rb
    • https://github.com/neovintage/accord

• Whitelisting and Validations

• params do
  required(:name).filled(:str?)
  required(:email).filled(:str?, format?: /@/).confirmation
  required(:password).filled(:str?).confirmation
  required(:terms_of_service).filled(:bool?)
  required(:age).filled(:int?, included_in?: 18..99)
  optional(:avatar).filled(size?: 1..(MEGABYTE * 3))
  end

Hello,

In the configuration (https://amber-crystal.gitbooks.io/amber/content/getting-started/configuration.html) there is a default env variable for the port but not the host. It could be interesting to add one.

  port = ENV["PORT"] || 8080
  app.host = ENV["HOST"] || "0.0.0.0"

(note: shouln't it be a ENV[...]? ?)

The router supports other macros besides those for HTTP verbs like get, post, and put. The most important among them is resources, which expands out to eight clauses of the match/3 function.

GET /users UserController :index
GET /users/:id/edit UserController :edit
GET /users/new UserController :new
GET /users/:id UserController :show
POST /users UserController :create
PATCH /users/:id UserController :update
PUT /users/:id UserController :update
DELETE /users/:id UserController :delete

As a developer I would like to read how many Processes are running since Amber::Server is launching new processes, not threads.

https://github.com/Amber-Crystal/Amber/blob/master/src/amber.cr#L46

Acceptance Criteria:

• Variable is renamed from THREAD_COUNT to PROCESS_COUNT

It is necessary to be able to broadcast a message to all subscribers of a topic from outside of the context of a socket or channel, like from a controller action.

Acceptance criteria

• User can broadcast a message from a controller action (or anywhere else in the application)

The flash is a special part of the session which is cleared with each request. This means that values stored there will only be available in the next request, which is useful for passing error messages etc.

Be able to manage Dev, Test and Prod environment settings.

Change static handler to cache static assets or perhaps even compile them in. Currently static asset delivery is orders of magnitude slower than slang/ecr rendering.

The user should have the ability to publish (and subscribe) all messages to a pub/sub service like Redis (or postgres). This will allow for sockets on multiple servers scaled in parallel to still communicate with each other.

Acceptance Criteria:

• Socket messages should be published to a pubsub service
• Amber servers should subscribe to pubsub service, and broadcast messages to sockets

Hello,

I add a problem when generating a controller with a name that comes before "application_controller.cr".
The default loader could be like

class ApplicationController < Amber::Controller::Base
  LAYOUT = "application.slang"
end

require "./**"

and in the init could be

require "amber"
require "./controllers/application_controller"
# ...

What do you think ?

In crystal 0.23 adds a new argument to the static handler called directory_listing, currently, this argument is not being instantiated in the existing handler causing it to break Amber static sites.

Acceptance Criteria

• - Add and initialize directory listing
• - Default directory listing to false
• - Add specs.

As a Developer I want to serve static files.

Acceptance Criteria:

• [] Define static pipeline to render static files.
• [] Be able to serve an html file with static content

As a Developer I want to abstract all strings and other locale specific bits (such as date or currency formats) out of the application

Acceptance Criteria:

• Ensure you have support for i18n.
• Setup where to find locale dictionaries.
• Setup how to set, preserve and switch locales.

The current Cookies implementation is not parsing the Set-Cookie header. See https://github.com/Amber-Crystal/amber/blob/master/src/amber/router/cookies.cr#L43

Basically we should be implementing/adding this https://github.com/crystal-lang/crystal/blob/3c3d3e2b830e81de0aa39b7af0cd6f82f759c410/src/http/cookie.cr#L150

Acceptance Criteria

• Have the fill_from_headers load cookies from Set-Cookies

We refer to HTTP caching as the set of techniques for HTTP 1.1 and implemented by browser vendors in order to make faster interactions with the server. There are a few headers that, if sent, will enable these HTTP caching mechanisms.

The html, json, text and xml helpers simplify setting the response headers.

Tasks:

• Create a new module in the controllers folder that ports over the following helpers from Kemalyst: https://github.com/kemalyst/kemalyst/blob/master/src/kemalyst/controller.cr#L49-L92
• Change the macros to def's.
• Include the module in the controller base class.

Acceptance Criteria:

• The ability to use templates to render text, xml, html, json
• The proper content-type and response code is set

The application must have a session for each user in which you can store small amounts of data that will be persisted between requests. The session is only available in the controller and the view and can use one of a number of different storage mechanisms

Web-sockets are based on a simple idea - sending and receiving messages. Senders broadcast messages about topics. Receivers subscribe to topics so that they can get those messages. Senders and receivers can switch roles on the same topic at any time.

The current route definition get "/", :hello, :index, :api is a little unreadable with 3 symbols in a row, and is not immediately obvious what each symbol does.

Using the full class name, in my opinion, makes the route more readable and obvious what the route is doing:
get "/", HelloController, :index, :api

"heartbeat" prevents stale connections from being kept on the server. Also notifies connected clients if the server becomes unreachable.

Acceptance Criteria:

server

• Server should send periodic ping frames should be sent out by the server.
• Clients that quit responding to pings (with pong) frame, should be removed from the connections list
• Exceptions when sending messages should be caught, and inactive connections removed

client

• Clients should send periodic ping frames.
• Clients should try to reconnect if the server stops responding to pings

As a developer I would like to know all the available routes define in my application

Acceptance Criteria:

• Have a hash with the routes resources and the route class.

The fellows over at Nanobox are willing to add support for Crystal (and by extension Amber), but need some votes for it and could use some relevant information on how to configure it and so forth. They've asked for some links and input, please chime in:
https://trello.com/c/belEWLqo/60-crystal

If I create resourceful routes like:

resources "posts", PostController, [:index, :show]

It errors on compile because all the other actions don't exist in my controller. This happens because the if in the following code happens at run time but the macro that creates the route happens at compile time.

    macro resources(path, controller, actions = [:index, :edit, :new, :show, :create, :update, :put, :delete])
      get "{{path.id}}", {{controller}}, :index if {{actions}}.includes?(:index)
      get "{{path.id}}/:id/edit", {{controller}}, :edit  if {{actions}}.includes?(:edit)
      get "{{path.id}}/new", {{controller}}, :new if {{actions}}.includes?(:new)
      get "{{path.id}}/:id", {{controller}}, :show if {{actions}}.includes?(:show)
      post "{{path.id}}", {{controller}}, :create if {{actions}}.includes?(:create)
      patch "{{path.id}}/:id", {{controller}}, :update if {{actions}}.includes?(:update)
      put "{{path.id}}/:id", {{controller}}, :update if {{actions}}.includes?(:update)
      delete "{{path.id}}/:id", {{controller}}, :delete if {{actions}}.includes?(:delete)
    end

The fix would probably be to check if actions include the right thing at compile time in the macro before creating the route. Like this:

{% if actions.includes?(:index) %}
get "{{path.id}}", {{controller}}, :index
{% end %}

I can send a PR on this unless there's a specific reason the code is written that way.

The idea behind hot reloading is to keep the app running and to inject new versions of the files that you edited at runtime. This way, you don't lose any of your state which is especially useful if you are tweaking the UI.

Prerequisites

• Put an X between the brackets on this line if you have done all of the following:
  • Reproduced the problem
  • Checked that your issue isn't already filed: https://github.com/Amber-Crystal/amber/issues
  • Checked that there is not already a Crystal Shard that provides the described functionality: http://crystalshards.xyz/

Description

App compiles and runs perfectly fine on OS X El Capitan 10.11.4

Yet on Linux (tried Debian 8 and Linux Mint) I get:

Error in lib/amber/src/amber/router/pipe/static.cr:15: this 'initialize' doesn't initialize instance variable '@directory_listing' of HTTP::StaticFileHandler,
                  with Amber::Pipe::Static < HTTP::StaticFileHandler, rendering it nilable

I tried but I can't solve this error. Is this a Crystal compiler bug?

Steps to Reproduce

1. Write an Amber app
2. Compile and run it on OS X with 0.23.0
3. Try compiling it on Debian 8 64-bit with latest Crystal

Expected behavior: App should compile and run like on OS X.

Actual behavior: amber w, amber r, and crystal run src/myapp.cr won't work.

Reproduces how often: 100%

Versions

Amber CMD (ambercr.io) - v0.1.15

Darwin Jonathans-MacBook-Pro-2.local 15.6.0 Darwin Kernel Version 15.6.0: Mon Aug 29 20:21:34 PDT 2016; root:xnu-3248.60.11~1/RELEASE_X86_64 x86_64

Linux mixflame 4.9.15-x86_64-linode81 #1 SMP Fri Mar 17 09:47:36 EDT 2017 x86_64 GNU/Linux

Crystal 0.23.0 [3c3d3e2] (2017-06-28) LLVM 3.8.1

Your application can store small amounts of data on the client - called cookies - that will be persisted across requests and even sessions.

This line in config/application.cr

app.env = (ENV["AMBER_ENV"] ||= "development").colorize(:yellow).to_s

should be changed to

app.env = (ENV["AMBER_ENV"] ||= "development").to_s

otherwise Amber.server.instance will contain, for example "\e[33mproduction\e[0m" as the app.env instead of "production"

Thanks 🍕 💎

(On Crystal 0.22.0 and amber:master)

In the README.md example, this line did not work for me:
get "/", :hello, :world, :api
I had to make this change to make it compile:
get "/", :HelloController, :world, :api

Views are objects that's responsible for rendering a template. Views also provide functions which takes raw data and make it easier for templates to consume. If you are familiar with decorators or the facade pattern, this is similar.

As a developer I want to be able to instantiate a flash variable when using the redirect_to method.

Controller Filters are reusable modules that lives within the controller layer and the sole purpose is to validate and transform request/response data. Filters are useful for validating controller action, transforming controller actions the difference between a Pipe and a Filter is that a filter acts on a specific context such as the request, response, session, headers etc., while a Pipe action on the connection lifecycle.

When running a stress test against the example hello world app I got it to crash when trying to hit /index.html

wrk -d 20 -t 4 -c 1015 http://0.0.0.0:4000/index.html

Params: =index.html
accept: Too many open files (Errno)
0x10defddc5: *CallStack::new:CallStack at ??
0x10df00a6e: *raise<Errno>:NoReturn at ??
0x10dfbb065: *Amber::Server#start:Nil at ??
0x10defbfa2: __crystal_main at ??
0x10df24bdb: main at ??

I'm thinking it could be an open file descriptor issue or something else, but I'll look into see if its a crystal-lang bug or something that we can tackle.
Possibly related - crystal-lang/crystal#780

Pipes Is a series composable transformations thru out the connection lifecycle. We interact with pipes at every step of the connection lifecycle, and the core Amber components like Endpoints, Routers, and Controllers are all just Pipes internally. The basic idea of a Pipe is to unify the concept of a "connection" that we operate on. This differs from other HTTP middleware layers such as Rack, where the request and response are separated in the middleware stack.

Generators for action, routes, html views, json views, models, migrations,
start and end server
run tests