fix(core): Decrease reset password token expire time #7598
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mutdmour
previously approved these changes
Nov 3, 2023
| @@ -120,7 +120,7 @@ export class PasswordResetController { | |||
| const resetPasswordToken = this.jwtService.signData( | |||
| { sub: id }, | |||
| { | |||
| expiresIn: '1d', | |||
| expiresIn: '20m', | |||
There was a problem hiding this comment.
love it.. so simple.. can you double check that the email does not say anything about a day expiry?
There was a problem hiding this comment.
Nice catch! It actually said 2 hours. I amended the change to the same commit as this was so tiny change. Also rebased to master. @mutdmour can you have another look?
4 flaky tests on run #2713 ↗︎
Details:
|
|||||||||||||||||||||||||||
| Test | Artifacts | |
|---|---|---|
| NDV > resolves expression with default item when input node is not parent, while still pairing items |
Output
Screenshots
Video
|
|
28-resource-mapper.cy.ts • 1 flaky test
| Test | Artifacts | |
|---|---|---|
| Resource Mapper > should correctly delete all fields |
Output
Screenshots
Video
|
|
Review all test suite changes for PR #7598 ↗︎
|
✅ All Cypress E2E specs passed |
n8n-assistant
bot
added
core
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #7598 +/- ##
==========================================
- Coverage 33.86% 33.86% -0.01%
==========================================
Files 3409 3409
Lines 208712 208712
Branches 22579 22573 -6
==========================================
- Hits 70684 70673 -11
- Misses 136873 136884 +11
Partials 1155 1155
☔ View full report in Codecov by Sentry. |
tomi
changed the title
tomi
force-pushed
the
ado-1323-decrease-reset-password-token-expiration-time
branch
from
4337d66 to
2447ecb
Compare
mutdmour
approved these changes
Nov 3, 2023
|
✅ All Cypress E2E specs passed |
tomi
deleted the
ado-1323-decrease-reset-password-token-expiration-time
branch
krynble
pushed a commit
that referenced
this pull request
Nov 7, 2023
Decrease the expiration time from 1 day to 20 minutes Github issue / Community forum post (link here to close automatically):
Merged
krynble
added a commit
that referenced
this pull request
Nov 7, 2023
## [1.15.2](https://github.com/n8n-io/n8n/compare/[email protected]@1.15.2) (2023-11-07) ### Bug Fixes * **core:** Decrease reset password token expire time ([#7598](#7598)) ([44664d2](44664d2)) * **editor:** Allow overriding theme from query params ([#7591](#7591)) ([1362585](1362585)) * **editor:** Fix issue that frontend breaks with unkown nodes ([#7596](#7596)) ([dd7b7d1](dd7b7d1)) * **editor:** Hide not supported node options ([#7597](#7597)) ([658cacc](658cacc)) * **editor:** Remove unknown credentials on pasting workflow ([#7582](#7582)) ([0768271](0768271)) * **editor:** Reset canvas zoom before workspace reset in node view ([#7625](#7625)) ([44460f9](44460f9)) * **editor:** Zoom in/out on canvas the same amount on scroll/gesture ([#7602](#7602)) ([be6fbf2](be6fbf2)) Co-authored-by: krynble <[email protected]>
|
Got released with |
Merged
ivov
added a commit
that referenced
this pull request
Nov 8, 2023
# [1.16.0](https://github.com/n8n-io/n8n/compare/[email protected]@1.16.0) (2023-11-08) ### Bug Fixes * **core:** Comply with custom default for workflow saving settings ([#7634](#7634)) ([48c068f](48c068f)) * **core:** Decrease reset password token expire time ([#7598](#7598)) ([2aa7f63](2aa7f63)) * **core:** Ensure `init` before checking leader or follower in multi-main scenario ([#7621](#7621)) ([a994ba5](a994ba5)) * **core:** Ensure pruning starts only after migrations have completed ([#7626](#7626)) ([f748de9](f748de9)) * **core:** Fix accessor error when running partial execution ([#7618](#7618)) ([26361df](26361df)), closes [#6229](#6229) * **core:** Make password-reset urls valid only for single-use ([#7622](#7622)) ([6031424](6031424)) * **Crypto Node:** Fix issue with value not appearing for Sign action ([#7619](#7619)) ([5df583f](5df583f)) * **editor:** Allow overriding theme from query params ([#7591](#7591)) ([2854a0c](2854a0c)) * **editor:** Fix issue that frontend breaks with unkown nodes ([#7596](#7596)) ([db56a9e](db56a9e)) * **editor:** Fix local storage flags defaulting to undefined string ([#7603](#7603)) ([151e60f](151e60f)) * **editor:** Fix workflow history prune time limit (getting hours instead of days) ([#7644](#7644)) ([3d5a485](3d5a485)) * **editor:** Hide not supported node options ([#7597](#7597)) ([b532a7b](b532a7b)) * **editor:** Remove unknown credentials on pasting workflow ([#7582](#7582)) ([d633753](d633753)) * **editor:** Reset canvas zoom before workspace reset in node view ([#7625](#7625)) ([78b84af](78b84af)) * **editor:** Zoom in/out on canvas the same amount on scroll/gesture ([#7602](#7602)) ([c92402a](c92402a)) * **Facebook Lead Ads Trigger Node:** Fix issue with missing scope for business management ([#7616](#7616)) ([32b85ba](32b85ba)) ### Features * **core:** Add the node version to telemetry in node_graph_string ([#7449](#7449)) ([59dc36a](59dc36a)) * **core:** Coordinate workflow activation in multiple main scenario in internal API ([#7566](#7566)) ([c857e42](c857e42)) * **core:** Initial support for two-way communication over websockets ([#7570](#7570)) ([ac87701](ac87701)) * **core:** Log executed migrations with info level ([#7586](#7586)) ([7dac9ab](7dac9ab)) * **core:** Rate limit forgot password endpoint ([#7604](#7604)) ([5790e25](5790e25)) * **LinkedIn Node:** Add support for Article thumbnails ([#7489](#7489)) ([e6d3d1a](e6d3d1a)) * **NocoDB Node:** Add new data apis and workspace support ([#7329](#7329)) ([da2d2a8](da2d2a8)) Co-authored-by: ivov <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Decrease the expiration time from 1 day to 20 minutes
Github issue / Community forum post (link here to close automatically):