From 5230cd11589d6dfc5c4c2a2e89709d43913f91ef Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Thu, 5 Dec 2019 21:25:01 +0100
Subject: [PATCH 01/10] add mysec prompt

---
 generators/app/index.js | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/generators/app/index.js b/generators/app/index.js
index 80e4101f..b331bd49 100644
--- a/generators/app/index.js
+++ b/generators/app/index.js
@@ -130,6 +130,16 @@ module.exports = class extends Generator {
     //   message: 'How would you like to build your app?',
     //   default: 'ant'
     // },
+    {
+      when: response => {
+        return response.apptype[1] === 'application'
+      },
+      type: 'confirm',
+      name: 'mysec',
+      message: 'should your app have a secure area?',
+      default: false,
+      store: true
+    },
 
     // Path related
     {

From 04355d4ca55efe3eb7bef8fe69eed05b7c7db476 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Thu, 5 Dec 2019 22:53:36 +0100
Subject: [PATCH 02/10] feat(mysec): add mysec app files

---
 generators/app/templates/app.xql              | 42 ++++++++++
 generators/app/templates/config.xqm           |  5 ++
 .../app/templates/mysec/admin/controller.xql  | 77 +++++++++++++++++
 .../app/templates/mysec/admin/index.html      | 17 ++++
 .../app/templates/mysec/admin/security.html   | 18 ++++
 .../mysec/templates/login-panel.html          | 38 +++++++++
 .../app/templates/mysec/templates/page.html   | 82 +++++++++++++++++++
 7 files changed, 279 insertions(+)
 create mode 100644 generators/app/templates/mysec/admin/controller.xql
 create mode 100644 generators/app/templates/mysec/admin/index.html
 create mode 100644 generators/app/templates/mysec/admin/security.html
 create mode 100644 generators/app/templates/mysec/templates/login-panel.html
 create mode 100644 generators/app/templates/mysec/templates/page.html

diff --git a/generators/app/templates/app.xql b/generators/app/templates/app.xql
index 626e6583..874e8f3d 100755
--- a/generators/app/templates/app.xql
+++ b/generators/app/templates/app.xql
@@ -28,3 +28,45 @@ declare
 function app:foo($node as node(), $model as map(*)) {
     <p>Dummy templating function.</p>
 };
+ <%_ if (mysec == true) { %>
+declare function app:test($node as node(), $model as map(*)) {
+    <p>Dummy template output generated by function app:test at {current-dateTime()}. The templating
+        function was triggered by the class attribute <code>class="app:test"</code>.</p>
+};
+
+declare function app:if-attribute-set($node as node(), $model as map(*), $attribute as xs:string) {
+    let $isSet :=
+        (exists($attribute) and request:get-attribute($attribute))
+    return
+        if ($isSet) then
+            templates:process($node/node(), $model)
+        else
+            ()
+};
+
+declare function app:if-attribute-unset($node as node(), $model as map(*), $attribute as xs:string) {
+    let $isSet :=
+        (exists($attribute) and request:get-attribute($attribute))
+    return
+        if (not($isSet)) then
+            templates:process($node/node(), $model)
+        else
+            ()
+};
+
+declare function app:username($node as node(), $model as map(*)) {
+    let $user:= request:get-attribute("org.exist-db.mysec.user")
+    let $name := if ($user) then sm:get-account-metadata($user, xs:anyURI('http://axschema.org/namePerson')) else 'Guest'
+    return if ($name) then $name else $user
+};
+
+declare
+    %templates:wrap
+function app:userinfo($node as node(), $model as map(*)) as map(*) {
+    let $user:= request:get-attribute("org.exist-db.mysec.user")
+    let $name := if ($user) then sm:get-account-metadata($user, xs:anyURI('http://axschema.org/namePerson')) else 'Guest'
+    let $group := if ($user) then sm:get-user-groups($user) else 'guest'
+    return
+        map { "user-id" : $user, "user-name" : $name, "user-groups" : $group}
+};
+<% } %>
diff --git a/generators/app/templates/config.xqm b/generators/app/templates/config.xqm
index 001fea7f..0cc22ba6 100755
--- a/generators/app/templates/config.xqm
+++ b/generators/app/templates/config.xqm
@@ -4,7 +4,12 @@ xquery version "3.1";
  : A set of helper functions to access the application context from
  : within a module.
  :)
+ (: TODO: module namespace seems preconfigured :)
+(: module namespace config="<%- defuri %>/<%- defcoll %>/<%- short %>/config"; :)
 
+ declare namespace templates="http://exist-db.org/xquery/templates";
+ declare namespace repo="http://exist-db.org/xquery/repo";
+ declare namespace expath="http://expath.org/ns/pkg";
 (:
     Determine the application root collection from the current module load path.
 :)
diff --git a/generators/app/templates/mysec/admin/controller.xql b/generators/app/templates/mysec/admin/controller.xql
new file mode 100644
index 00000000..e16d2b05
--- /dev/null
+++ b/generators/app/templates/mysec/admin/controller.xql
@@ -0,0 +1,77 @@
+xquery version "3.0";
+
+import module namespace login="http://exist-db.org/xquery/login" at "resource:org/exist/xquery/modules/persistentlogin/login.xql";
+import module namespace functx="http://www.functx.com";
+
+declare variable $exist:path external;
+declare variable $exist:resource external;
+declare variable $exist:controller external;
+declare variable $exist:prefix external;
+declare variable $exist:root external;
+
+declare variable $local:login_domain := "org.exist-db.mysec";
+declare variable $local:user := $local:login_domain || '.user';
+
+let $logout := request:get-parameter("logout", ())
+let $set-user := login:set-user($local:login_domain, (), false())
+return
+if ($exist:path eq '') then
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <redirect url="{request:get-uri()}/"/>
+    </dispatch>
+    
+else if (($exist:path eq "/") or ($logout)) then
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <redirect url="index.html"/>
+    </dispatch>
+    
+else if (ends-with($exist:resource, ".html")) then
+    if (request:get-attribute("org.exist-db.mysec.user")) then
+    (: the html page is run through view.xql to expand templates :)
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <view>
+            <forward url="{$exist:controller}/../modules/view.xql">
+                <set-attribute name="isAdmin" value="true"/>
+                <set-attribute name="$exist:prefix" value="{$exist:prefix}"/>
+                <set-attribute name="$exist:controller" value="{$exist:controller}"/>
+            </forward>
+        </view>
+		<error-handler>
+			<forward url="{$exist:controller}/../error-page.html" method="get"/>
+			<forward url="{$exist:controller}/../modules/view.xql"/>
+		</error-handler>
+    </dispatch>
+    else
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <!-- This forwards the entry to the content page blog.html -->
+        <forward url="{$exist:controller}/security.html"/>
+        <!-- This send the page through the templating process -->
+        <view>
+            <forward url="{$exist:controller}/../modules/view.xql">
+                <set-attribute name="$exist:prefix" value="{$exist:prefix}"/>
+                <set-attribute name="$exist:controller" value="{$exist:controller}"/>
+            </forward>
+        </view>
+        <error-handler>
+            <forward url="{$exist:controller}/../error-page.html" method="get"/>
+            <forward url="{$exist:controller}/../modules/view.xql"/>
+        </error-handler>
+    </dispatch>
+(: Resource paths starting with $shared are loaded from the shared-resources app :)
+else if (contains($exist:path, "/$shared/")) then
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <forward url="/shared-resources/{substring-after($exist:path, '/$shared/')}">
+            <set-header name="Cache-Control" value="max-age=3600, must-revalidate"/>
+        </forward>
+    </dispatch>
+else if (starts-with($exist:path, "/resources")) then
+    (: images, css are contained in the top /resources/ collection. :)
+    (: Relative path requests from sub-collections are redirected there :)
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <forward url="{$exist:controller}/../{$exist:path}"/>
+    </dispatch>
+else
+    (: everything else is passed through :)
+    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+        <cache-control cache="yes"/>
+    </dispatch>
diff --git a/generators/app/templates/mysec/admin/index.html b/generators/app/templates/mysec/admin/index.html
new file mode 100644
index 00000000..8d7ad4e7
--- /dev/null
+++ b/generators/app/templates/mysec/admin/index.html
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<div xmlns="http://www.w3.org/1999/xhtml" data-template="templates:surround" data-template-with="templates/page.html" data-template-at="content">
+    <div class="row">
+        <div class="col-md-8">
+            <div class="page-header">
+                <h1 data-template="config:app-title">Generated page</h1>
+            </div>
+            <div class="alert alert-success">
+                <p>The page template uses the <a href="http://twitter.github.com/bootstrap/">Bootstrap</a> CSS library for the page layout.</p>
+            </div>
+        </div>
+        <div class="col-md-4">
+            <h2>Application Info</h2>
+            <div data-template="config:app-info"/>
+        </div>
+    </div>
+</div>
\ No newline at end of file
diff --git a/generators/app/templates/mysec/admin/security.html b/generators/app/templates/mysec/admin/security.html
new file mode 100644
index 00000000..8d4c5c2d
--- /dev/null
+++ b/generators/app/templates/mysec/admin/security.html
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<div xmlns="http://www.w3.org/1999/xhtml" data-template="templates:surround" data-template-with="templates/page.html" data-template-at="content">
+    <div class="row">
+        <div class="col-md-8">
+            <div class="page-header">
+                <h1 data-template="config:app-title">Generated page</h1>
+            </div>
+            <div class="alert alert-danger">
+                <p>This is a protected page. You must be logged in as a user with the appropriate
+                    privileges.</p>
+            </div>
+        </div>
+        <div class="col-md-4">
+            <h2>Application Info</h2>
+            <div data-template="config:app-info"/>
+        </div>
+    </div>
+</div>
diff --git a/generators/app/templates/mysec/templates/login-panel.html b/generators/app/templates/mysec/templates/login-panel.html
new file mode 100644
index 00000000..12910bd3
--- /dev/null
+++ b/generators/app/templates/mysec/templates/login-panel.html
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<div xmlns="http://www.w3.org/1999/xhtml" class="modal fade" id="loginModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
+    <div class="modal-dialog">
+        <form method="POST" class="form-horizontal">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
+                    <h4 class="modal-title">Login</h4>
+                </div>
+                <div class="modal-body">
+                    <div class="control-group">
+                        <label class="control-label" for="user">User:</label>
+                        <div class="controls">
+                            <input type="text" name="user" required="required"/>
+                        </div>
+                    </div>
+                    <div class="control-group">
+                        <label class="control-label" for="password">Password:</label>
+                        <div class="controls">
+                            <input type="password" name="password"/>
+                        </div>
+                    </div>
+                    <div class="control-group">
+                        <div class="controls">
+                            <label class="checkbox">
+                                <input type="checkbox" name="duration" value="P14D"/> Remember me
+                                for 2 weeks </label>
+                        </div>
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <button class="btn btn-primary" type="submit">Login</button>
+                    <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
+                </div>
+            </div><!-- /.modal-content -->
+        </form>
+    </div><!-- /.modal-dialog -->
+</div>
diff --git a/generators/app/templates/mysec/templates/page.html b/generators/app/templates/mysec/templates/page.html
new file mode 100644
index 00000000..860a1331
--- /dev/null
+++ b/generators/app/templates/mysec/templates/page.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<html xmlns="http://www.w3.org/1999/xhtml">
+    <head>
+        <title data-template="config:app-title"><%- title %></title>
+        <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+        <meta data-template="config:app-meta"/>
+        <link rel="shortcut icon" href="$shared/resources/images/exist_icon_16x16.ico"/>
+        <link rel="stylesheet" type="text/css" href="$shared/resources/css/exist-2.2.css"/>
+        <link rel="stylesheet" type="text/css" href="resources/css/style.css"/>
+        <script type="text/javascript" src="$shared/resources/scripts/jquery/jquery-1.7.1.min.js"/>
+        <script type="text/javascript" src="$shared/resources/scripts/bootstrap-3.0.3.min.js"/>
+        <script type="text/javascript" src="$shared/resources/scripts/loadsource.js"/>
+    </head>
+    <body id="grey-top">
+        <div class="grey-bot">
+            <div class="container" id="main-container">
+                <div class="row">
+                    <div class="col-md-12" id="header">
+                        <a href="/" id="logo">eXistDB</a>
+                    </div>
+                </div>
+                <div class="row">
+                    <nav class="navbar navbar-default" role="navigation">
+                        <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navbar-collapse-1">
+                            <span class="sr-only">Toggle navigation</span>
+                            <span class="icon-bar"/>
+                            <span class="icon-bar"/>
+                            <span class="icon-bar"/>
+                        </button>
+                        <div class="navbar-collapse collapse" id="navbar-collapse-1">
+                            <ul class="nav navbar-nav">
+                                <li class="dropdown" id="about">
+                                    <a href="#" class="dropdown-toggle" data-toggle="dropdown">Home</a>
+                                    <ul class="dropdown-menu">
+                                        <li>
+                                            <a href="index.html">Home</a>
+                                        </li>
+                                    </ul>
+                                </li>
+                            </ul>
+                            // TODO #28
+                            <ul class="nav navbar-nav navbar-right">
+                                <li>
+                                    <a href="../">Hello  <span data-template="app:username"/>
+                                    </a>
+                                </li>
+                                <li>
+                                    <div data-template="app:if-attribute-set" data-template-attribute="org.exist-db.mysec.user">
+                                        <a href="index.html?logout=true" class="btn btn-default">×</a>
+                                    </div>
+                                    <div data-template="app:if-attribute-unset" data-template-attribute="org.exist-db.mysec.user">
+                                        <a data-toggle="modal" href="#loginModal" class="btn btn-default">Login</a>
+                                    </div>
+                                </li>
+                                <li>
+                                </li>
+                            </ul>
+                        </div>
+                    </nav>
+                </div>
+                <div id="content" class="row"/>
+            </div>
+        </div>
+        <a id="poweredby" href="http://exist-db.org"/>
+        <div id="footer">
+            <div class="container">
+                <ul>
+                    <li>
+                        <a href="http://exist-db.org">eXist-db.org</a>
+                    </li>
+                </ul>
+                <div id="copyright">
+                    <p>Copyright eXist-db Project 2013</p>
+                </div>
+            </div>
+        </div>
+        // TODO #28
+        <div data-template="templates:if-parameter-unset" data-template-param="org.exist-db.mysec.user">
+            <div data-template="templates:include" data-template-path="templates/login-panel.html"/>
+        </div>
+    </body>
+</html>

From 522a6b7369aa70da90bdb47f2019f6dc45cbb913 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Mon, 9 Dec 2019 18:15:14 +0100
Subject: [PATCH 03/10] fix(mysec): main controller edits

---
 generators/app/templates/controller.xql       |  10 ++
 .../app/templates/mysec/admin/controller.xql  | 125 +++++++++---------
 2 files changed, 75 insertions(+), 60 deletions(-)

diff --git a/generators/app/templates/controller.xql b/generators/app/templates/controller.xql
index a09b12f2..0f608f89 100755
--- a/generators/app/templates/controller.xql
+++ b/generators/app/templates/controller.xql
@@ -12,12 +12,22 @@ xquery version "3.1";
  declare namespace rest = "http://exquery.org/ns/restxq";
  <% } %>
 
+<%_ if (mysec == true) { %>
+import module namespace login="http://exist-db.org/xquery/login" at "resource:org/exist/xquery/modules/persistentlogin/login.xql";
+<% } %>
+
 declare variable $exist:path external;
 declare variable $exist:resource external;
 declare variable $exist:controller external;
 declare variable $exist:prefix external;
 declare variable $exist:root external;
 
+<%_ if (mysec == true) { %>
+let $logout := request:get-parameter("logout", ())
+let $set-user := login:set-user($local:login_domain, (), false())
+return
+<% } %>
+
 if ($exist:path eq '') then
     <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
         <redirect url="{request:get-uri()}/"/>
diff --git a/generators/app/templates/mysec/admin/controller.xql b/generators/app/templates/mysec/admin/controller.xql
index e16d2b05..539e674c 100644
--- a/generators/app/templates/mysec/admin/controller.xql
+++ b/generators/app/templates/mysec/admin/controller.xql
@@ -1,7 +1,11 @@
 xquery version "3.0";
 
+(:~ The controller library contains URL routing functions.
+ :
+ : @see http://www.exist-db.org/exist/apps/doc/urlrewrite.xml
+ :)
+
 import module namespace login="http://exist-db.org/xquery/login" at "resource:org/exist/xquery/modules/persistentlogin/login.xql";
-import module namespace functx="http://www.functx.com";
 
 declare variable $exist:path external;
 declare variable $exist:resource external;
@@ -15,63 +19,64 @@ declare variable $local:user := $local:login_domain || '.user';
 let $logout := request:get-parameter("logout", ())
 let $set-user := login:set-user($local:login_domain, (), false())
 return
-if ($exist:path eq '') then
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <redirect url="{request:get-uri()}/"/>
-    </dispatch>
-    
-else if (($exist:path eq "/") or ($logout)) then
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <redirect url="index.html"/>
-    </dispatch>
-    
-else if (ends-with($exist:resource, ".html")) then
-    if (request:get-attribute("org.exist-db.mysec.user")) then
+  if ($exist:path eq '') then
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <redirect url="{request:get-uri()}/"/>
+      </dispatch>
+  else if (($exist:path eq "/") or ($logout)) then
+    (: forward root path to index.xql :)
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <redirect url="index.html"/>
+      </dispatch>
+
+  else if (ends-with($exist:resource, ".html")) then
     (: the html page is run through view.xql to expand templates :)
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <view>
-            <forward url="{$exist:controller}/../modules/view.xql">
-                <set-attribute name="isAdmin" value="true"/>
-                <set-attribute name="$exist:prefix" value="{$exist:prefix}"/>
-                <set-attribute name="$exist:controller" value="{$exist:controller}"/>
-            </forward>
-        </view>
-		<error-handler>
-			<forward url="{$exist:controller}/../error-page.html" method="get"/>
-			<forward url="{$exist:controller}/../modules/view.xql"/>
-		</error-handler>
-    </dispatch>
-    else
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <!-- This forwards the entry to the content page blog.html -->
-        <forward url="{$exist:controller}/security.html"/>
-        <!-- This send the page through the templating process -->
-        <view>
-            <forward url="{$exist:controller}/../modules/view.xql">
-                <set-attribute name="$exist:prefix" value="{$exist:prefix}"/>
-                <set-attribute name="$exist:controller" value="{$exist:controller}"/>
-            </forward>
-        </view>
-        <error-handler>
-            <forward url="{$exist:controller}/../error-page.html" method="get"/>
-            <forward url="{$exist:controller}/../modules/view.xql"/>
-        </error-handler>
-    </dispatch>
-(: Resource paths starting with $shared are loaded from the shared-resources app :)
-else if (contains($exist:path, "/$shared/")) then
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <forward url="/shared-resources/{substring-after($exist:path, '/$shared/')}">
-            <set-header name="Cache-Control" value="max-age=3600, must-revalidate"/>
-        </forward>
-    </dispatch>
-else if (starts-with($exist:path, "/resources")) then
-    (: images, css are contained in the top /resources/ collection. :)
-    (: Relative path requests from sub-collections are redirected there :)
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <forward url="{$exist:controller}/../{$exist:path}"/>
-    </dispatch>
-else
-    (: everything else is passed through :)
-    <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
-        <cache-control cache="yes"/>
-    </dispatch>
+      if (request:get-attribute("org.exist-db.mysec.user")) then
+      (: secured area checks user status :)
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <view>
+              <forward url="{$exist:controller}/../modules/view.xql">
+                  <set-attribute name="isAdmin" value="true"/>
+                  <set-attribute name="$exist:prefix" value="{$exist:prefix}"/>
+                  <set-attribute name="$exist:controller" value="{$exist:controller}"/>
+              </forward>
+          </view>
+  		<error-handler>
+  			<forward url="{$exist:controller}/../error-page.html" method="get"/>
+  			<forward url="{$exist:controller}/../modules/view.xql"/>
+  		</error-handler>
+      </dispatch>
+      else
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <!-- This forwards the entry to the content page blog.html -->
+          <forward url="{$exist:controller}/security.html"/>
+          <!-- This send the page through the templating process -->
+          <view>
+              <forward url="{$exist:controller}/../modules/view.xql">
+                  <set-attribute name="$exist:prefix" value="{$exist:prefix}"/>
+                  <set-attribute name="$exist:controller" value="{$exist:controller}"/>
+              </forward>
+          </view>
+          <error-handler>
+              <forward url="{$exist:controller}/../error-page.html" method="get"/>
+              <forward url="{$exist:controller}/../modules/view.xql"/>
+          </error-handler>
+      </dispatch>
+  (: Resource paths starting with $shared are loaded from the shared-resources app :)
+  else if (contains($exist:path, "/$shared/")) then
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <forward url="/shared-resources/{substring-after($exist:path, '/$shared/')}">
+              <set-header name="Cache-Control" value="max-age=3600, must-revalidate"/>
+          </forward>
+      </dispatch>
+  else if (starts-with($exist:path, "/resources")) then
+      (: images, css are contained in the top /resources/ collection. :)
+      (: Relative path requests from sub-collections are redirected there :)
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <forward url="{$exist:controller}/../{$exist:path}"/>
+      </dispatch>
+  else
+      (: everything else is passed through :)
+      <dispatch xmlns="http://exist.sourceforge.net/NS/exist">
+          <cache-control cache="yes"/>
+      </dispatch>

From 4d3e4ea5c0cf550693b7e6de5c924374a3af7f80 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Mon, 9 Dec 2019 21:07:12 +0100
Subject: [PATCH 04/10] fix(index) hook up app and controller processing

---
 generators/app/index.js                 | 6 ++++--
 generators/app/templates/app.xql        | 2 +-
 generators/app/templates/controller.xql | 8 ++++----
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/generators/app/index.js b/generators/app/index.js
index b331bd49..2c09f2be 100644
--- a/generators/app/index.js
+++ b/generators/app/index.js
@@ -559,7 +559,8 @@ module.exports = class extends Generator {
       this.fs.copyTpl(
         this.templatePath('controller.xql'),
         this.destinationPath('controller.xql'), {
-          apptype: this.props.apptype[0]
+          apptype: this.props.apptype[0],
+          mysec: this.props.mysec
         })
 
       this.fs.copyTpl(
@@ -581,7 +582,8 @@ module.exports = class extends Generator {
           version: this.props.version,
           author: this.props.author,
           website: this.props.website,
-          title: this.props.title
+          title: this.props.title,
+          mysec: this.props.mysec
         })
       this.fs.copyTpl(
         this.templatePath('config.xqm'),
diff --git a/generators/app/templates/app.xql b/generators/app/templates/app.xql
index 874e8f3d..64681230 100755
--- a/generators/app/templates/app.xql
+++ b/generators/app/templates/app.xql
@@ -28,7 +28,7 @@ declare
 function app:foo($node as node(), $model as map(*)) {
     <p>Dummy templating function.</p>
 };
- <%_ if (mysec == true) { %>
+ <%_ if (mysec) { %>
 declare function app:test($node as node(), $model as map(*)) {
     <p>Dummy template output generated by function app:test at {current-dateTime()}. The templating
         function was triggered by the class attribute <code>class="app:test"</code>.</p>
diff --git a/generators/app/templates/controller.xql b/generators/app/templates/controller.xql
index 0f608f89..d13fdf60 100755
--- a/generators/app/templates/controller.xql
+++ b/generators/app/templates/controller.xql
@@ -10,11 +10,11 @@ xquery version "3.1";
  declare namespace control = "http://exist-db.org/apps/dashboard/controller";
  declare namespace output = "http://exquery.org/ns/rest/annotation/output";
  declare namespace rest = "http://exquery.org/ns/restxq";
- <% } %>
+ <% } -%>
 
-<%_ if (mysec == true) { %>
+<%_ if (mysec) { %>
 import module namespace login="http://exist-db.org/xquery/login" at "resource:org/exist/xquery/modules/persistentlogin/login.xql";
-<% } %>
+<% } -%>
 
 declare variable $exist:path external;
 declare variable $exist:resource external;
@@ -22,7 +22,7 @@ declare variable $exist:controller external;
 declare variable $exist:prefix external;
 declare variable $exist:root external;
 
-<%_ if (mysec == true) { %>
+<%_ if (mysec) { %>
 let $logout := request:get-parameter("logout", ())
 let $set-user := login:set-user($local:login_domain, (), false())
 return

From e4671b16d5936e4343a3eb43260c2c618d2970c2 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Mon, 9 Dec 2019 23:58:15 +0100
Subject: [PATCH 05/10] fix(index): more hookups

---
 generators/app/index.js                       | 17 +++-
 generators/app/templates/app.xql              |  2 +-
 .../app/templates/exist-design/page.html      | 23 ++++++
 .../app/templates/exist-plain/page.html       | 27 +++++-
 .../app/templates/mysec/templates/page.html   | 82 -------------------
 5 files changed, 64 insertions(+), 87 deletions(-)
 delete mode 100644 generators/app/templates/mysec/templates/page.html

diff --git a/generators/app/index.js b/generators/app/index.js
index 2c09f2be..08c8f9ee 100644
--- a/generators/app/index.js
+++ b/generators/app/index.js
@@ -508,6 +508,17 @@ module.exports = class extends Generator {
           apptype: this.props.apptype[0]
         })
     }
+    // msyec
+    if (this.props.mysec) {
+      this.fs.copy(
+        this.templatePath('mysec/admin/**'),
+        this.destinationPath('admin/')
+      )
+      this.fs.copy(
+        this.templatePath('mysec/templates/**'),
+        this.destinationPath('templates/')
+      )
+    }
     // distinct contents (flexible)
     switch (this.props.apptype[0]) {
       case 'exist-design':
@@ -628,14 +639,16 @@ module.exports = class extends Generator {
           this.fs.copyTpl(
             this.templatePath('exist-design/page.html'),
             this.destinationPath('templates/page.html'), {
-              title: this.props.title
+              title: this.props.title,
+              mysec: this.props.mysec
             })
           break
         case 'plain':
           this.fs.copyTpl(
             this.templatePath('exist-plain/page.html'),
             this.destinationPath('templates/page.html'), {
-              title: this.props.title
+              title: this.props.title,
+              mysec: this.props.mysec
             })
           break
         default:
diff --git a/generators/app/templates/app.xql b/generators/app/templates/app.xql
index 64681230..492400ae 100755
--- a/generators/app/templates/app.xql
+++ b/generators/app/templates/app.xql
@@ -28,7 +28,7 @@ declare
 function app:foo($node as node(), $model as map(*)) {
     <p>Dummy templating function.</p>
 };
- <%_ if (mysec) { %>
+<%_ if (mysec) { %>
 declare function app:test($node as node(), $model as map(*)) {
     <p>Dummy template output generated by function app:test at {current-dateTime()}. The templating
         function was triggered by the class attribute <code>class="app:test"</code>.</p>
diff --git a/generators/app/templates/exist-design/page.html b/generators/app/templates/exist-design/page.html
index e06eeaa6..90560958 100755
--- a/generators/app/templates/exist-design/page.html
+++ b/generators/app/templates/exist-design/page.html
@@ -38,6 +38,24 @@
                                     </ul>
                                 </li>
                             </ul>
+                            <%_ if (mysec) { %>
+                            <ul class="nav navbar-nav navbar-right">
+                                <li>
+                                    <a href="../">Hello  <span data-template="app:username"/>
+                                    </a>
+                                </li>
+                                <li>
+                                    <div data-template="app:if-attribute-set" data-template-attribute="org.exist-db.mysec.user">
+                                        <a href="index.html?logout=true" class="btn btn-default">×</a>
+                                    </div>
+                                    <div data-template="app:if-attribute-unset" data-template-attribute="org.exist-db.mysec.user">
+                                        <a data-toggle="modal" href="#loginModal" class="btn btn-default">Login</a>
+                                    </div>
+                                </li>
+                                <li>
+                                </li>
+                            </ul>
+                            <% } -%>
                         </div>
                     </nav>
                 </div>
@@ -57,5 +75,10 @@
                 </div>
             </div>
         </div>
+        <%_ if (mysec) { %>
+        <div data-template="templates:if-parameter-unset" data-template-param="org.exist-db.mysec.user">
+            <div data-template="templates:include" data-template-path="templates/login-panel.html"/>
+        </div>
+        <% } -%>
     </body>
 </html>
diff --git a/generators/app/templates/exist-plain/page.html b/generators/app/templates/exist-plain/page.html
index 90ffee62..89055527 100755
--- a/generators/app/templates/exist-plain/page.html
+++ b/generators/app/templates/exist-plain/page.html
@@ -9,7 +9,7 @@
         <link rel="stylesheet" type="text/css" href="resources/css/style.css"/>
         <script type="text/javascript" src="$shared/resources/scripts/jquery/jquery-1.7.1.min.js"/>
         <script type="text/javascript" src="$shared/resources/scripts/bootstrap-3.0.3.min.js"/>
-        <script type="text/javascript" src="$shared/resources/scripts/loadsource.js"/>        
+        <script type="text/javascript" src="$shared/resources/scripts/loadsource.js"/>
     </head>
     <body id="body">
         <nav class="navbar navbar-default" role="navigation">
@@ -31,6 +31,24 @@
                                 <a href="index.html">Home</a>
                             </li>
                         </ul>
+                        <%_ if (mysec) { %>
+                        <ul class="nav navbar-nav navbar-right">
+                            <li>
+                                <a href="../">Hello  <span data-template="app:username"/>
+                                </a>
+                            </li>
+                            <li>
+                                <div data-template="app:if-attribute-set" data-template-attribute="org.exist-db.mysec.user">
+                                    <a href="index.html?logout=true" class="btn btn-default">×</a>
+                                </div>
+                                <div data-template="app:if-attribute-unset" data-template-attribute="org.exist-db.mysec.user">
+                                    <a data-toggle="modal" href="#loginModal" class="btn btn-default">Login</a>
+                                </div>
+                            </li>
+                            <li>
+                            </li>
+                        </ul>
+                        <% } -%>
                     </li>
                 </ul>
             </div>
@@ -41,5 +59,10 @@
                 <img src="$shared/resources/images/powered-by.svg" alt="Powered by eXist-db"/>
             </a>
         </footer>
+        <%_ if (mysec) { %>
+        <div data-template="templates:if-parameter-unset" data-template-param="org.exist-db.mysec.user">
+            <div data-template="templates:include" data-template-path="templates/login-panel.html"/>
+        </div>
+        <% } -%>
     </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/generators/app/templates/mysec/templates/page.html b/generators/app/templates/mysec/templates/page.html
deleted file mode 100644
index 860a1331..00000000
--- a/generators/app/templates/mysec/templates/page.html
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<html xmlns="http://www.w3.org/1999/xhtml">
-    <head>
-        <title data-template="config:app-title"><%- title %></title>
-        <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
-        <meta data-template="config:app-meta"/>
-        <link rel="shortcut icon" href="$shared/resources/images/exist_icon_16x16.ico"/>
-        <link rel="stylesheet" type="text/css" href="$shared/resources/css/exist-2.2.css"/>
-        <link rel="stylesheet" type="text/css" href="resources/css/style.css"/>
-        <script type="text/javascript" src="$shared/resources/scripts/jquery/jquery-1.7.1.min.js"/>
-        <script type="text/javascript" src="$shared/resources/scripts/bootstrap-3.0.3.min.js"/>
-        <script type="text/javascript" src="$shared/resources/scripts/loadsource.js"/>
-    </head>
-    <body id="grey-top">
-        <div class="grey-bot">
-            <div class="container" id="main-container">
-                <div class="row">
-                    <div class="col-md-12" id="header">
-                        <a href="/" id="logo">eXistDB</a>
-                    </div>
-                </div>
-                <div class="row">
-                    <nav class="navbar navbar-default" role="navigation">
-                        <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navbar-collapse-1">
-                            <span class="sr-only">Toggle navigation</span>
-                            <span class="icon-bar"/>
-                            <span class="icon-bar"/>
-                            <span class="icon-bar"/>
-                        </button>
-                        <div class="navbar-collapse collapse" id="navbar-collapse-1">
-                            <ul class="nav navbar-nav">
-                                <li class="dropdown" id="about">
-                                    <a href="#" class="dropdown-toggle" data-toggle="dropdown">Home</a>
-                                    <ul class="dropdown-menu">
-                                        <li>
-                                            <a href="index.html">Home</a>
-                                        </li>
-                                    </ul>
-                                </li>
-                            </ul>
-                            // TODO #28
-                            <ul class="nav navbar-nav navbar-right">
-                                <li>
-                                    <a href="../">Hello  <span data-template="app:username"/>
-                                    </a>
-                                </li>
-                                <li>
-                                    <div data-template="app:if-attribute-set" data-template-attribute="org.exist-db.mysec.user">
-                                        <a href="index.html?logout=true" class="btn btn-default">×</a>
-                                    </div>
-                                    <div data-template="app:if-attribute-unset" data-template-attribute="org.exist-db.mysec.user">
-                                        <a data-toggle="modal" href="#loginModal" class="btn btn-default">Login</a>
-                                    </div>
-                                </li>
-                                <li>
-                                </li>
-                            </ul>
-                        </div>
-                    </nav>
-                </div>
-                <div id="content" class="row"/>
-            </div>
-        </div>
-        <a id="poweredby" href="http://exist-db.org"/>
-        <div id="footer">
-            <div class="container">
-                <ul>
-                    <li>
-                        <a href="http://exist-db.org">eXist-db.org</a>
-                    </li>
-                </ul>
-                <div id="copyright">
-                    <p>Copyright eXist-db Project 2013</p>
-                </div>
-            </div>
-        </div>
-        // TODO #28
-        <div data-template="templates:if-parameter-unset" data-template-param="org.exist-db.mysec.user">
-            <div data-template="templates:include" data-template-path="templates/login-panel.html"/>
-        </div>
-    </body>
-</html>

From 72ebf9cc819618f78626bed2e8a6fb8fcf2c7bf1 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Tue, 10 Dec 2019 00:05:15 +0100
Subject: [PATCH 06/10] test(mysec): first pass unit test

---
 generators/app/index.js         | 10 ++---
 test/generated-pkg/app-mysec.js | 75 +++++++++++++++++++++++++++++++++
 2 files changed, 78 insertions(+), 7 deletions(-)
 create mode 100644 test/generated-pkg/app-mysec.js

diff --git a/generators/app/index.js b/generators/app/index.js
index 08c8f9ee..4bf18b60 100644
--- a/generators/app/index.js
+++ b/generators/app/index.js
@@ -508,15 +508,11 @@ module.exports = class extends Generator {
           apptype: this.props.apptype[0]
         })
     }
-    // msyec
+    // secure area (mysec)
     if (this.props.mysec) {
       this.fs.copy(
-        this.templatePath('mysec/admin/**'),
-        this.destinationPath('admin/')
-      )
-      this.fs.copy(
-        this.templatePath('mysec/templates/**'),
-        this.destinationPath('templates/')
+        this.templatePath('mysec/**'),
+        this.destinationPath('')
       )
     }
     // distinct contents (flexible)
diff --git a/test/generated-pkg/app-mysec.js b/test/generated-pkg/app-mysec.js
new file mode 100644
index 00000000..41672f36
--- /dev/null
+++ b/test/generated-pkg/app-mysec.js
@@ -0,0 +1,75 @@
+'use strict'
+const path = require('path')
+const assert = require('yeoman-assert')
+const helpers = require('yeoman-test')
+const fs = require('fs-extra')
+
+describe('eXide style …', function () {
+  before(function () {
+    this.timeout(10000)
+    return helpers.run(path.join(__dirname, '../../generators/app'))
+      .withPrompts({
+        title: 'foo',
+        author: 'tester',
+        email: 'te@st.er',
+        apptype: ['exist-design', 'application'],
+        mysec: true,
+        pre: true,
+        post: false,
+        github: false,
+        setperm: false,
+        atom: false
+      })
+      .then(function (done) {
+        return assert.noFile('readme.md')
+        done()
+      })
+  })
+
+  describe('secure exist design has …', function () {
+    it('default files', function (done) {
+      assert.file(['admin/controller.xql', 'templates/login-panel.html', 'pre-install.xql', 'modules/test-suite.xql'])
+      done()
+    })
+
+    it('expanded title on index.html', function (done) {
+      assert.fileContent('templates/page.html', 'foo')
+      done()
+    })
+
+    it('expanded title in repo.xml', function (done) {
+      assert.fileContent('repo.xml', /<target>foo<\/target>/)
+      done()
+    })
+  })
+
+  describe('markup files are well-formed', function () {
+    return require('../util/app').checkWellFormed()
+  })
+
+  // !! this should stay in yo's generator test only !!
+  // Different editors use different settings
+  describe('xml looks good', function () {
+    return require('../util/gulp-ews').prettyDataEWS()
+  })
+
+  describe('app meta-data', function () {
+    return require('../util/consistency').isConsistent()
+  })
+
+  describe('test_suite has …', function () {
+    return require('../util/meta-test').metaTest()
+  })
+
+  // Checking Xquery files requires updates to xqlint
+  // it('linted XQuery', function () {
+  //   let xq = fs.readFileSync('modules/app.xql')
+  //   let xql = new xmldoc.XmlDocument(xq).toString()
+  //   expect(doc).xml.to.be.valid()
+  // })
+
+  after('teardown', function (done) {
+    fs.emptyDirSync(process.cwd())
+    done()
+  })
+})

From ef3ec49ed052ee57f7684d64887641e627f8ca3e Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Tue, 10 Dec 2019 13:25:39 +0100
Subject: [PATCH 07/10] cleanup(codacy): js style improvements

---
 generators/app/templates/tests/integration/dashboard_spec.js | 1 +
 generators/app/templates/tests/integration/homepage_spec.js  | 1 +
 test/generated-pkg/app-eXide-default.js                      | 1 -
 test/generated-pkg/app-eXide-plain.js                        | 1 -
 test/generated-pkg/app-empty.js                              | 1 -
 test/generated-pkg/app-lib.js                                | 1 -
 test/generated-pkg/app-mysec.js                              | 1 -
 test/generated-pkg/app-polymer-app.js                        | 1 -
 test/generated-pkg/app-polymer-element.js                    | 1 -
 test/util/consistency.js                                     | 1 -
 test/util/meta-test.js                                       | 3 ---
 11 files changed, 2 insertions(+), 11 deletions(-)

diff --git a/generators/app/templates/tests/integration/dashboard_spec.js b/generators/app/templates/tests/integration/dashboard_spec.js
index 59611181..3fe00ecf 100644
--- a/generators/app/templates/tests/integration/dashboard_spec.js
+++ b/generators/app/templates/tests/integration/dashboard_spec.js
@@ -1,3 +1,4 @@
+/* global cy */
 describe('The dashboard', function () {
   it('should load with app link', function () {
     // Go to Dashboad
diff --git a/generators/app/templates/tests/integration/homepage_spec.js b/generators/app/templates/tests/integration/homepage_spec.js
index c5efcd6e..4feea55e 100644
--- a/generators/app/templates/tests/integration/homepage_spec.js
+++ b/generators/app/templates/tests/integration/homepage_spec.js
@@ -1,3 +1,4 @@
+/* global cy */
 describe('The Homepage', function () {
   it('should load ', function () {
     cy.visit('/exist//<%- defcoll %>/<%- short %>/index.html')
diff --git a/test/generated-pkg/app-eXide-default.js b/test/generated-pkg/app-eXide-default.js
index ef1a81f6..f15e49b9 100644
--- a/test/generated-pkg/app-eXide-default.js
+++ b/test/generated-pkg/app-eXide-default.js
@@ -21,7 +21,6 @@ describe('eXide style …', function () {
       })
       .then(function (done) {
         return assert.noFile('readme.md')
-        done()
       })
   })
 
diff --git a/test/generated-pkg/app-eXide-plain.js b/test/generated-pkg/app-eXide-plain.js
index cb8d3f9b..83d8f798 100644
--- a/test/generated-pkg/app-eXide-plain.js
+++ b/test/generated-pkg/app-eXide-plain.js
@@ -21,7 +21,6 @@ describe('eXide plain app', function () {
       })
       .then(function (done) {
         return assert.noFile(['resources/images/bold.gif', 'pre-install.xql'])
-        done()
       })
   })
 
diff --git a/test/generated-pkg/app-empty.js b/test/generated-pkg/app-empty.js
index 16ac234e..38244b81 100644
--- a/test/generated-pkg/app-empty.js
+++ b/test/generated-pkg/app-empty.js
@@ -21,7 +21,6 @@ describe('empty package', function () {
       })
       .then(function (done) {
         return assert.noFile(['modules/app.xql', 'templates/page.html'])
-        done()
       })
   })
 
diff --git a/test/generated-pkg/app-lib.js b/test/generated-pkg/app-lib.js
index ecd74363..7471c601 100644
--- a/test/generated-pkg/app-lib.js
+++ b/test/generated-pkg/app-lib.js
@@ -21,7 +21,6 @@ describe('library package', function () {
       })
       .then(function (done) {
         return assert.noFile(['modules/app.xql', 'templates/page.html', 'reports/screenshots/.gitkeep', 'controller.xql'])
-        done()
       })
   })
 
diff --git a/test/generated-pkg/app-mysec.js b/test/generated-pkg/app-mysec.js
index 41672f36..f315fdc5 100644
--- a/test/generated-pkg/app-mysec.js
+++ b/test/generated-pkg/app-mysec.js
@@ -22,7 +22,6 @@ describe('eXide style …', function () {
       })
       .then(function (done) {
         return assert.noFile('readme.md')
-        done()
       })
   })
 
diff --git a/test/generated-pkg/app-polymer-app.js b/test/generated-pkg/app-polymer-app.js
index 1691015d..bbff5848 100644
--- a/test/generated-pkg/app-polymer-app.js
+++ b/test/generated-pkg/app-polymer-app.js
@@ -23,7 +23,6 @@ describe('polymer element', function () {
       })
       .then(function (done) {
         return assert.noFile(['templates/page.html', 'error-page.html', 'test/index.html'])
-        done()
       })
   })
 
diff --git a/test/generated-pkg/app-polymer-element.js b/test/generated-pkg/app-polymer-element.js
index b641be25..9593f822 100644
--- a/test/generated-pkg/app-polymer-element.js
+++ b/test/generated-pkg/app-polymer-element.js
@@ -26,7 +26,6 @@ describe('polymer element', function () {
       })
       .then(function (done) {
         return assert.noFile(['templates/page.html', 'error-page.html'])
-        done()
       })
   })
 
diff --git a/test/util/consistency.js b/test/util/consistency.js
index 7b4c5246..d6ab09df 100644
--- a/test/util/consistency.js
+++ b/test/util/consistency.js
@@ -3,7 +3,6 @@ exports.isConsistent = function () {
   const chaiXml = require('chai-xml')
   const expect = require('chai').expect
   const fs = require('fs-extra')
-  const glob = require('glob')
   const xmldoc = require('xmldoc')
   const assert = require('yeoman-assert')
 
diff --git a/test/util/meta-test.js b/test/util/meta-test.js
index 9936870d..90d4805b 100644
--- a/test/util/meta-test.js
+++ b/test/util/meta-test.js
@@ -1,8 +1,5 @@
 exports.metaTest = function () {
-  const path = require('path')
   const assert = require('yeoman-assert')
-  const helpers = require('yeoman-test')
-  const fs = require('fs-extra')
 
   it('unit-tests', function (done) {
     assert.file(['test/mocha/app.js', 'test/mocha/xqSuite.js'])

From ad1edcf2fc33c11a94a3c510817ada6a20e203e5 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Tue, 10 Dec 2019 14:12:02 +0100
Subject: [PATCH 08/10] ignore(md): linting

---
 README.md                                       | 1 -
 generators/app/templates/github/contributing.md | 3 +--
 generators/app/templates/github/readme.md       | 1 -
 3 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/README.md b/README.md
index d9fd2f64..317fa93d 100644
--- a/README.md
+++ b/README.md
@@ -63,7 +63,6 @@ If you want to contribute another template or option, please take a look at the
 
 MIT © [Duncan Paterson](https://github.com/duncdrum)
 
-
 [npm-image]: https://badge.fury.io/js/%40existdb%2Fgenerator-exist.svg
 [npm-url]: https://www.npmjs.com/package/@existdb/generator-exist
 [travis-image]: https://travis-ci.com/eXist-db/generator-exist.svg?token=qpLmm7SAUYJsXY8vZsRs&branch=master
diff --git a/generators/app/templates/github/contributing.md b/generators/app/templates/github/contributing.md
index f4ef3efd..404e49e2 100644
--- a/generators/app/templates/github/contributing.md
+++ b/generators/app/templates/github/contributing.md
@@ -1,6 +1,6 @@
 # Contributing
 
-:balloon: First off, thank you for considering contributing to <%- title %>. :balloon: 
+:balloon: First off, thank you for considering contributing to <%- title %>. :balloon:
 
 All pull-requests are welcome. File a bug report, fix a typo, improve the documentation, or add a new feature. All are helpful, and make <%- title %> better.
 
@@ -13,7 +13,6 @@ Please have a quick look at these guidelines to help both you and the developers
 
 If this is your first time contributing to a project you might want to take a look [here](https://egghead.io/courses/how-to-contribute-to-an-open-source-project-on-github).
 
-
 ## Getting started
 1.  Create your own fork of the code.
 2.  Do the changes in your fork.
diff --git a/generators/app/templates/github/readme.md b/generators/app/templates/github/readme.md
index bc3ecf22..7cdcf19b 100644
--- a/generators/app/templates/github/readme.md
+++ b/generators/app/templates/github/readme.md
@@ -106,7 +106,6 @@ You can take a look at the [Contribution guidelines for this project](.github/CO
 
 <%- license %> © [<%- author %>](<%- website %>)
 
-
 [license-img]: https://img.shields.io/badge/license-<%- badge %>-blue.svg
 [license-url]: <%- badgelink %>
 [release-img]: https://img.shields.io/badge/release-<%- version %>-green.svg

From a6b81e4176bc61e67c0a95c6a9baa30953ac8cef Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Tue, 10 Dec 2019 14:38:28 +0100
Subject: [PATCH 09/10] test(mysec): more specific test conditions

---
 test/generated-pkg/app-mysec.js | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

diff --git a/test/generated-pkg/app-mysec.js b/test/generated-pkg/app-mysec.js
index f315fdc5..762cf230 100644
--- a/test/generated-pkg/app-mysec.js
+++ b/test/generated-pkg/app-mysec.js
@@ -26,13 +26,13 @@ describe('eXide style …', function () {
   })
 
   describe('secure exist design has …', function () {
-    it('default files', function (done) {
+    it('default files and restricted area', function (done) {
       assert.file(['admin/controller.xql', 'templates/login-panel.html', 'pre-install.xql', 'modules/test-suite.xql'])
       done()
     })
 
-    it('expanded title on index.html', function (done) {
-      assert.fileContent('templates/page.html', 'foo')
+    it('login section on index.html', function (done) {
+      assert.fileContent('templates/page.html', 'org.exist-db.mysec.user')
       done()
     })
 
@@ -60,13 +60,6 @@ describe('eXide style …', function () {
     return require('../util/meta-test').metaTest()
   })
 
-  // Checking Xquery files requires updates to xqlint
-  // it('linted XQuery', function () {
-  //   let xq = fs.readFileSync('modules/app.xql')
-  //   let xql = new xmldoc.XmlDocument(xq).toString()
-  //   expect(doc).xml.to.be.valid()
-  // })
-
   after('teardown', function (done) {
     fs.emptyDirSync(process.cwd())
     done()

From d72979f810bb91f0f58d4f9c8070b5cf825702d8 Mon Sep 17 00:00:00 2001
From: duncdrum <d.paterson@me.com>
Date: Tue, 10 Dec 2019 15:31:10 +0100
Subject: [PATCH 10/10] fix(mysec): include droped variables

---
 generators/app/templates/config.xqm     | 10 +++++-----
 generators/app/templates/controller.xql |  3 +++
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/generators/app/templates/config.xqm b/generators/app/templates/config.xqm
index 0cc22ba6..1b13342a 100755
--- a/generators/app/templates/config.xqm
+++ b/generators/app/templates/config.xqm
@@ -4,12 +4,12 @@ xquery version "3.1";
  : A set of helper functions to access the application context from
  : within a module.
  :)
- (: TODO: module namespace seems preconfigured :)
-(: module namespace config="<%- defuri %>/<%- defcoll %>/<%- short %>/config"; :)
 
- declare namespace templates="http://exist-db.org/xquery/templates";
- declare namespace repo="http://exist-db.org/xquery/repo";
- declare namespace expath="http://expath.org/ns/pkg";
+module namespace config="<%- defuri %>/<%- defcoll %>/<%- short %>/config";
+
+declare namespace templates="http://exist-db.org/xquery/templates";
+declare namespace repo="http://exist-db.org/xquery/repo";
+declare namespace expath="http://expath.org/ns/pkg";
 (:
     Determine the application root collection from the current module load path.
 :)
diff --git a/generators/app/templates/controller.xql b/generators/app/templates/controller.xql
index d13fdf60..39ca3ce5 100755
--- a/generators/app/templates/controller.xql
+++ b/generators/app/templates/controller.xql
@@ -23,6 +23,9 @@ declare variable $exist:prefix external;
 declare variable $exist:root external;
 
 <%_ if (mysec) { %>
+declare variable $local:login_domain := "org.exist-db.mysec";
+declare variable $local:user := $local:login_domain || '.user';
+
 let $logout := request:get-parameter("logout", ())
 let $set-user := login:set-user($local:login_domain, (), false())
 return