From 0023ce448a5e9423337d0e1a25648bde1156bc95 Mon Sep 17 00:00:00 2001 From: Manuel <5673677+mtrezza@users.noreply.github.com> Date: Sun, 14 Jan 2024 01:37:20 +0100 Subject: [PATCH] fix: Parse Server option `emailVerifyTokenReuseIfValid: true` generates new token on every email verification request (#8885) --- spec/EmailVerificationToken.spec.js | 12 ++++++------ src/Controllers/UserController.js | 2 +- src/Routers/UsersRouter.js | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/EmailVerificationToken.spec.js b/spec/EmailVerificationToken.spec.js index f4976207ec..82ca60d495 100644 --- a/spec/EmailVerificationToken.spec.js +++ b/spec/EmailVerificationToken.spec.js @@ -897,7 +897,7 @@ describe('Email Verification Token Expiration: ', () => { const config = Config.get('test'); const [userBeforeRequest] = await config.database.find('_User', { username: 'resends_verification_token', - }); + }, {}, Auth.maintenance(config)); // store this user before we make our email request expect(sendVerificationEmailCallCount).toBe(1); await new Promise(resolve => { @@ -923,14 +923,14 @@ describe('Email Verification Token Expiration: ', () => { const [userAfterRequest] = await config.database.find('_User', { username: 'resends_verification_token', - }); + }, {}, Auth.maintenance(config)); - // verify that our token & expiration has been changed for this new request + // Verify that token & expiration haven't been changed for this new request expect(typeof userAfterRequest).toBe('object'); + expect(userBeforeRequest._email_verify_token).toBeDefined(); expect(userBeforeRequest._email_verify_token).toEqual(userAfterRequest._email_verify_token); - expect(userBeforeRequest._email_verify_token_expires_at).toEqual( - userAfterRequest._email_verify_token_expires_at - ); + expect(userBeforeRequest._email_verify_token_expires_at).toBeDefined(); + expect(userBeforeRequest._email_verify_token_expires_at).toEqual(userAfterRequest._email_verify_token_expires_at); done(); }); diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js index 0f17402224..d2dcbcd1df 100644 --- a/src/Controllers/UserController.js +++ b/src/Controllers/UserController.js @@ -209,7 +209,7 @@ export class UserController extends AdaptableController { _email_verify_token && new Date() < new Date(_email_verify_token_expires_at) ) { - return Promise.resolve(); + return Promise.resolve(true); } const shouldSend = await this.setEmailVerifyToken(user, { object: Parse.User.fromJSON(Object.assign({ className: '_User' }, user)), diff --git a/src/Routers/UsersRouter.js b/src/Routers/UsersRouter.js index e3effd960b..e6f0c7db3a 100644 --- a/src/Routers/UsersRouter.js +++ b/src/Routers/UsersRouter.js @@ -476,7 +476,7 @@ export class UsersRouter extends ClassesRouter { ); } - const results = await req.config.database.find('_User', { email: email }); + const results = await req.config.database.find('_User', { email: email }, {}, Auth.maintenance(req.config)); if (!results.length || results.length < 1) { throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `No user found with email ${email}`); }