joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Parse Server option emailVerifyTokenReuseIfValid: true generates new token on every email verification request (#8885)

Browse Source
This commit is contained in:
Manuel
2024-01-14 01:37:20 +01:00
committed by GitHub
parent 4aba66c620
commit 0023ce448a
3 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
spec/EmailVerificationToken.spec.js
View File

@@ -897,7 +897,7 @@ describe('Email Verification Token Expiration: ', () => {
const config = Config.get('test'); const config = Config.get('test');
const [userBeforeRequest] = await config.database.find('_User', { const [userBeforeRequest] = await config.database.find('_User', {
username: 'resends_verification_token', username: 'resends_verification_token',
}); }, {}, Auth.maintenance(config));
// store this user before we make our email request // store this user before we make our email request
expect(sendVerificationEmailCallCount).toBe(1); expect(sendVerificationEmailCallCount).toBe(1);
await new Promise(resolve => { await new Promise(resolve => {
@@ -923,14 +923,14 @@ describe('Email Verification Token Expiration: ', () => {
const [userAfterRequest] = await config.database.find('_User', { const [userAfterRequest] = await config.database.find('_User', {
username: 'resends_verification_token', username: 'resends_verification_token',
}); }, {}, Auth.maintenance(config));
// verify that our token & expiration has been changed for this new request // Verify that token & expiration haven't been changed for this new request
expect(typeof userAfterRequest).toBe('object'); expect(typeof userAfterRequest).toBe('object');
expect(userBeforeRequest._email_verify_token).toBeDefined();
expect(userBeforeRequest._email_verify_token).toEqual(userAfterRequest._email_verify_token); expect(userBeforeRequest._email_verify_token).toEqual(userAfterRequest._email_verify_token);
expect(userBeforeRequest._email_verify_token_expires_at).toEqual( expect(userBeforeRequest._email_verify_token_expires_at).toBeDefined();
userAfterRequest._email_verify_token_expires_at expect(userBeforeRequest._email_verify_token_expires_at).toEqual(userAfterRequest._email_verify_token_expires_at);
);
done(); done();
}); });

2
src/Controllers/UserController.js
View File

@@ -209,7 +209,7 @@ export class UserController extends AdaptableController {
_email_verify_token && _email_verify_token &&
new Date() < new Date(_email_verify_token_expires_at) new Date() < new Date(_email_verify_token_expires_at)
) { ) {
return Promise.resolve(); return Promise.resolve(true);
} }
const shouldSend = await this.setEmailVerifyToken(user, { const shouldSend = await this.setEmailVerifyToken(user, {
object: Parse.User.fromJSON(Object.assign({ className: '_User' }, user)), object: Parse.User.fromJSON(Object.assign({ className: '_User' }, user)),

2
src/Routers/UsersRouter.js
View File

@@ -476,7 +476,7 @@ export class UsersRouter extends ClassesRouter {
); );
} }
const results = await req.config.database.find('_User', { email: email }); const results = await req.config.database.find('_User', { email: email }, {}, Auth.maintenance(req.config));
if (!results.length || results.length < 1) { if (!results.length || results.length < 1) {
throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `No user found with email ${email}`); throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `No user found with email ${email}`);
} }