Fixed account email verification.

meshmail.js

@@ -204,7 +204,7 @@ module.exports.CreateMeshMail = function (parent) {
     };
 
     // Send account check mail
-    obj.sendAccountCheckMail = function (domain, username, email, language, loginkey) {
+    obj.sendAccountCheckMail = function (domain, username, userid, email, language, loginkey) {
         obj.checkEmail(email, function (checked) {
             if (checked) {
                 parent.debug('email', "Sending email verification to " + email);
@@ -223,7 +223,7 @@ module.exports.CreateMeshMail = function (parent) {
                 // Set all the options.
                 var options = { username: username, email: email, servername: domain.title ? domain.title : 'MeshCentral' };
                 if (loginkey != null) { options.urlargs1 = '?key=' + loginkey; options.urlargs2 = '&key=' + loginkey; } else { options.urlargs1 = ''; options.urlargs2 = ''; }
-                options.cookie = obj.parent.encodeCookie({ u: domain.id + '/' + username.toLowerCase(), e: email, a: 1 }, obj.mailCookieEncryptionKey);
+                options.cookie = obj.parent.encodeCookie({ u: userid, e: email, a: 1 }, obj.mailCookieEncryptionKey);
 
                 // Send the email
                 obj.pendingMails.push({ to: email, from: parent.config.smtp.from, subject: mailReplacements(template.htmlSubject, domain, options), text: mailReplacements(template.txt, domain, options), html: mailReplacements(template.html, domain, options) });

meshuser.js

@@ -1565,7 +1565,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
                                 if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' changed email from ' + oldemail + ' to ' + user.email); }
 
                                 // Send the verification email
-                                if (parent.parent.mailserver != null) { parent.parent.mailserver.sendAccountCheckMail(domain, user.name, user.email, parent.getLanguageCodes(req)); }
+                                if (parent.parent.mailserver != null) { parent.parent.mailserver.sendAccountCheckMail(domain, user.name, user._id, user.email, parent.getLanguageCodes(req)); }
                             }
                         });
                     }
@@ -1585,7 +1585,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
 
                     if ((parent.parent.mailserver != null) && (obj.user.email.toLowerCase() == command.email)) {
                         // Send the verification email
-                        parent.parent.mailserver.sendAccountCheckMail(domain, user.name, user.email, parent.getLanguageCodes(req));
+                        parent.parent.mailserver.sendAccountCheckMail(domain, user.name, user._id, user.email, parent.getLanguageCodes(req));
                     }
                     break;
                 }

webserver.js

@@ -1245,7 +1245,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
                                     obj.db.SetUser(user);
 
                                     // Send the verification email
-                                    if ((obj.parent.mailserver != null) && (domain.auth != 'sspi') && (domain.auth != 'ldap') && (obj.common.validateEmail(user.email, 1, 256) == true)) { obj.parent.mailserver.sendAccountCheckMail(domain, user.name, user.email, obj.getLanguageCodes(req), req.query.key); }
+                                    if ((obj.parent.mailserver != null) && (domain.auth != 'sspi') && (domain.auth != 'ldap') && (obj.common.validateEmail(user.email, 1, 256) == true)) { obj.parent.mailserver.sendAccountCheckMail(domain, user.name, user._id, user.email, obj.getLanguageCodes(req), req.query.key); }
                                 }, 0);
                                 var event = { etype: 'user', userid: user._id, username: user.name, account: obj.CloneSafeUser(user), action: 'accountcreate', msg: 'Account created, email is ' + req.body.email, domain: domain.id };
                                 if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to create the user. Another event will come.
@@ -1547,7 +1547,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
                     }
 
                     // Send the verification email
-                    obj.parent.mailserver.sendAccountCheckMail(domain, user.name, user.email, obj.getLanguageCodes(req), req.query.key);
+                    obj.parent.mailserver.sendAccountCheckMail(domain, user.name, user._id, user.email, obj.getLanguageCodes(req), req.query.key);
 
                     // Send the response
                     req.session.messageid = 2; // Email sent.