mirror of
https://github.com/twentyhq/twenty.git
synced 2024-12-03 07:14:38 +03:00
c69d665114
## Bug Description We are facing a bug in case recaptcha is enabled. To reproduce: - Create your recaptcha: https://www.google.com/recaptcha/about/ - update your server .env with the following variables: ``` CAPTCHA_SECRET_KEY=REPLACE_ME CAPTCHA_SITE_KEY=REPLACE_ME CAPTCHA_DRIVER=google-recaptcha ``` - Go to the login page, enter an existing user email and hit 'Reset your password'. - Add a console.log in emailPasswordResetLink in auth.resolver.ts to get the token that would be sent by email if you don't have the mailer setup - Browse: /reset-password/{passwordToken} - Update the password: <img width="1446" alt="image" src="https://github.com/user-attachments/assets/dd5b077f-293e-451a-8630-22d24ac66c42"> - See that the token is invalid You should see two calls in your developer network tab. A successful one to update the password and another to log you in. This 2nd call (Challenge) does not have the captcha token provided. It should be ## Fix - Refreshing the token on page load - providing it to the Challenge graphql call |
||
|---|---|---|
| .. | ||
| __stories__ | ||
| config | ||
| effect-components | ||
| generated | ||
| generated-metadata | ||
| hooks | ||
| loading | ||
| modules | ||
| pages | ||
| testing | ||
| types | ||
| utils | ||
| App.tsx | ||
| emotion.d.ts | ||
| index.css | ||
| index.tsx | ||
| nx-react.d.ts | ||
| vite-env.d.ts | ||