toeverything/AFFiNE
1
1
Fork 0
mirror of https://github.com/toeverything/AFFiNE.git synced 2024-09-19 23:47:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix(server): token set with id instead of email (#4883)

Browse Source
This commit is contained in:
liuyi 2023-11-09 16:23:03 +08:00 committed by GitHub
parent 12a2ccf1a5
commit 248fb1fa69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
packages/backend/server/src/modules/auth/resolver.ts
View File

@ -136,12 +136,12 @@ export class AuthResolver {
@Args('newPassword') newPassword: string
) {
// we only create user account after user sign in with email link
const email = await this.session.get(token);
if (!email || email !== user.email || !user.emailVerified) {
const id = await this.session.get(token);
if (!id || id !== user.id || !user.emailVerified) {
throw new ForbiddenException('Invalid token');
}
await this.auth.changePassword(email, newPassword);
await this.auth.changePassword(user.email, newPassword);
await this.session.delete(token);
return user;