Merge pull request #9257 from weseek/fix/155634-155799-cannot-send-not-exists-email-address

fix: forgot-password API

apps/app/resource/locales/en_US/notifications/notActiveUser.ejs

@@ -1,13 +0,0 @@
-Password Reset
-
-Hi, <%- email %>
-
-A request has been received to change the password from <%- appTitle %>.
-However, this email is not registerd. Please try again with different email.
-
-If you did not request a password reset, you can safely ignore this email.
-
--------------------------------------------------------------------------
-
-GROWI: <%- appTitle %>
-URL: <%- url %>

apps/app/resource/locales/fr_FR/notifications/notActiveUser.ejs

@@ -1,13 +0,0 @@
-Réinitialisation du mot de passe
-
-Bonjour, <%- email %>
-
-Une demande de réinitialisation de mot de passe a été demandée depuis <%- appTitle %>.
-Cette adresse courriel n'est pas enregistré. Réessayez avec une adresse courriel différente.
-
-Si vous n'avez pas demandé de réinitialisation de mot de passe, ignorez ce courriel.
-
--------------------------------------------------------------------------
-
-GROWI: <%- appTitle %>
-URL: <%- url %>

apps/app/resource/locales/ja_JP/notifications/notActiveUser.ejs

@@ -1,13 +0,0 @@
-パスワードリセット
-
-こんにちは、 <%- email %>
-
-<%- appTitle %> からパスワード再設定のリクエストがありましたが、このemailは登録されておりません。
-他のemailアドレスで再度お試しください。
-
-もしこのリクエストに心当たりがない場合は、このメールを無視してください。
-
--------------------------------------------------------------------------
-
-GROWI: <%- appTitle %>
-URL: <%- url %>

apps/app/resource/locales/zh_CN/notifications/notActiveUser.ejs

@@ -1,13 +0,0 @@
-重设密码
-
-嗨，<%-电子邮件%>
-
-已收到来自 <%-appTitle%> 的更改密码请求。
-但是，此电子邮件未注册。请使用其他电子邮件重试。
-
-如果您没有要求重置密码，则可以放心地忽略此电子邮件。
-
--------------------------------------------------------------------------
-
-GROWI: <%- appTitle %>
-URL: <%- url %>

apps/app/src/pages/forgot-password.page.tsx

@@ -4,6 +4,7 @@ import type { NextPage, GetServerSideProps, GetServerSidePropsContext } from 'ne
 import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
 import dynamic from 'next/dynamic';
 
+import { RawLayout } from '~/components/Layout/RawLayout';
 import type { CrowiRequest } from '~/interfaces/crowi-request';
 import { useIsMailerSetup } from '~/stores-universal/context';
 
@@ -20,19 +21,21 @@ const ForgotPasswordPage: NextPage<Props> = (props: Props) => {
   useIsMailerSetup(props.isMailerSetup);
 
   return (
-    <div className="main">
-      <div className="container-lg">
-        <div className="container">
-          <div className="row justify-content-md-center">
-            <div className="col-md-6 mt-5">
-              <div className="text-center">
-                <PasswordResetRequestForm />
+    <RawLayout>
+      <div className="main">
+        <div className="container-lg">
+          <div className="container">
+            <div className="row justify-content-md-center">
+              <div className="col-md-6 mt-5">
+                <div className="text-center">
+                  <PasswordResetRequestForm />
+                </div>
               </div>
             </div>
           </div>
         </div>
       </div>
-    </div>
+    </RawLayout>
   );
 };
 

apps/app/src/pages/reset-password.page.tsx

@@ -5,6 +5,8 @@ import { useTranslation } from 'next-i18next';
 import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
 import dynamic from 'next/dynamic';
 
+import { RawLayout } from '~/components/Layout/RawLayout';
+
 import type { CommonProps } from './utils/commons';
 import { getNextI18NextConfig, getServerSideCommonProps } from './utils/commons';
 
@@ -19,23 +21,25 @@ const ForgotPasswordPage: NextPage<Props> = (props: Props) => {
   const { t } = useTranslation();
 
   return (
-    <div className="main">
-      <div className="container-lg">
-        <div className="container">
-          <div className="row justify-content-md-center">
-            <div className="col-md-6 mt-5">
-              <div className="text-center">
-                <h1><span className="material-symbols-outlined large">lock_open</span></h1>
-                <h2 className="text-center">{ t('forgot_password.reset_password') }</h2>
-                <h5>{ props.email }</h5>
-                <p className="mt-4">{ t('forgot_password.password_reset_excecution_desc') }</p>
-                <PasswordResetExecutionForm />
+    <RawLayout>
+      <div className="main">
+        <div className="container-lg">
+          <div className="container">
+            <div className="row justify-content-md-center">
+              <div className="col-md-6 mt-5">
+                <div className="text-center">
+                  <h1><span className="material-symbols-outlined large">lock_open</span></h1>
+                  <h2 className="text-center">{ t('forgot_password.reset_password') }</h2>
+                  <h5>{ props.email }</h5>
+                  <p className="mt-4">{ t('forgot_password.password_reset_excecution_desc') }</p>
+                  <PasswordResetExecutionForm />
+                </div>
               </div>
             </div>
           </div>
         </div>
       </div>
-    </div>
+    </RawLayout>
   );
 };
 

apps/app/src/server/routes/apiv3/forgot-password.js

@@ -79,7 +79,8 @@ module.exports = (crowi) => {
 
       // when the user is not found or active
       if (user == null || user.status !== 2) {
-        await sendPasswordResetEmail('notActiveUser', locale, email, appUrl);
+        // Do not send emails to non GROWI user
+        // For security reason, do not use error messages like "Email does not exist"
         return res.apiv3();
       }