joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add account unlock on password reset (#7146)

Browse Source 
* added account unlock on password reset

* added account policy option

* added changelog entry

* Added docs entry

* moved changelog entry to correct position

* improved tests to ensure requesting password reset email does not unlock account

* run prettier
This commit is contained in:
Manuel
2021-02-01 01:07:04 +01:00
committed by GitHub
parent 25fb576776
commit 08b2ea45b0
9 changed files with 171 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/Controllers/UserController.js
View File

@@ -4,6 +4,7 @@ import AdaptableController from './AdaptableController';
import MailAdapter from '../Adapters/Email/MailAdapter';
import rest from '../rest';
import Parse from 'parse/node';
import AccountLockout from '../AccountLockout';
var RestQuery = require('../RestQuery');
var Auth = require('../Auth');
@@ -258,7 +259,11 @@ export class UserController extends AdaptableController {
updatePassword(username, token, password) {
return this.checkResetTokenValidity(username, token)
.then(user => updateUserPassword(user.objectId, password, this.config))
.then(user => updateUserPassword(user, password, this.config))
.then(user => {
const accountLockoutPolicy = new AccountLockout(user, this.config);
return accountLockoutPolicy.unlockAccount();
})
.catch(error => {
if (error && error.message) {
// in case of Parse.Error, fail with the error message only
@@ -302,16 +307,16 @@ export class UserController extends AdaptableController {
}
// Mark this private
function updateUserPassword(userId, password, config) {
function updateUserPassword(user, password, config) {
return rest.update(
config,
Auth.master(config),
'_User',
{ objectId: userId },
{ objectId: user.objectId },
{
password: password,
}
);
).then(() => user);
}
function buildEmailLink(destination, username, token, config) {