صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
wiki
/
weseek__growi
mirrorاز https://github.com/weseek/growi
2
0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
فهرست منبع

Merge pull request #4075 from weseek/imprv/gw6850-using-link-with-one-time-token

be able to access password reset execution form with one-time-URL
cao 4 سال پیش
والد
0c82220093 a298ce3f72
کامیت
44515d426d
2فایلهای تغییر یافته به همراه14 افزوده شده و 12 حذف شده
مشاهده تقسیم شده نمایش آمار تفاوت ها
  1. 12 10
      src/server/routes/forgot-password.js
  2. 2 2
      src/server/routes/index.js

+ 12 - 10
src/server/routes/forgot-password.js
مشاهده فایل 

@@ -3,7 +3,7 @@ const ApiResponse = require('../util/apiResponse');
 
 
 module.exports = function(crowi, app) {
 
   const PasswordResetOrder = crowi.model('PasswordResetOrder');
 
-  const { /* appService, */ mailService, configManager } = crowi;
 
+  const { appService, mailService, configManager } = crowi;
 
   const path = require('path');
 
   const actions = {};
 
   const api = {};
 
@@ -18,17 +18,16 @@ module.exports = function(crowi, app) {
 
   };
 
 
 
-  async function sendPasswordResetEmail(email, i18n) {
 
+  async function sendPasswordResetEmail(email, url, i18n) {
 
     return mailService.send({
 
       to: email,
 
       subject: 'Password Reset',
 
       template: path.join(crowi.localeDir, `${i18n}/notifications/passwordReset.txt`),
 
-      // TODO: need to set appropriate values by GW-6828
 
-      // vars: {
 
-      //   appTitle: appService.getAppTitle(),
 
-      //   email: 'hoge@gmail.com',
 
-      //   url: 'https://www.google.com/',
 
-      // },
 
+      vars: {
 
+        appTitle: appService.getAppTitle(),
 
+        email,
 
+        url,
 
+      },
 
     });
 
   }
 
 
@@ -36,10 +35,13 @@ module.exports = function(crowi, app) {
 
     const { email } = req.body;
 
     const grobalLang = configManager.getConfig('crowi', 'app:globalLang');
 
     const i18n = req.language || grobalLang;
 
+    const appUrl = appService.getSiteUrl();
 
 
     try {
 
-      await PasswordResetOrder.createPasswordResetOrder(email);
 
-      await sendPasswordResetEmail(email, i18n);
 
+      const passwordResetOrderData = await PasswordResetOrder.createPasswordResetOrder(email);
 
+      const url = new URL(`/forgot-password/token?${passwordResetOrderData.token}`, appUrl);
 
+      const oneTimeUrl = url.href;
 
+      await sendPasswordResetEmail(email, oneTimeUrl, i18n);
 
       return res.json(ApiResponse.success());
 
     }
 
     catch (err) {

+ 2 - 2
src/server/routes/index.js
مشاهده فایل 

@@ -178,8 +178,8 @@ module.exports = function(crowi, app) {
 
 
   app.get('/forgot-password', forgotPassword.forgotPassword);
 
   app.post('/_api/forgot-password', forgotPassword.api.post);
 
-  // TODO: apply oneTimeToken to the link by GW−6856
 
-  app.get('/forgot-password/hogeToken', forgotPassword.resetPassword);
 
+  // TODO: inserting middleware by GW-6926
 
+  app.get('/forgot-password/:token', forgotPassword.resetPassword);
 
 
   app.get('/share/:linkId', page.showSharedPage);