mirror/ezbookkeeping
1
0
Fork 0
mirror of https://github.com/mayswind/ezbookkeeping.git synced 2026-05-14 06:57:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

not allow send password reset mail when email address is not verified

Browse Source
This commit is contained in:
MaysWind
2023-08-27 22:35:16 +08:00
parent c0bfe429ee
commit 616bfc6a2a
5 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/api/forget_passwords.go
+5
View File
@@ -46,6 +46,11 @@ func (a *ForgetPasswordsApi) UserForgetPasswordRequestHandler(c *core.Context) (
return nil, errs.ErrUserNotFound
}
if !user.EmailVerified {
log.WarnfWithRequestId(c, "[forget_passwords.UserForgetPasswordRequestHandler] user \"uid:%d\" has not verified email", user.Uid)
return nil, errs.ErrEmptyIsNotVerified
}
token, _, err := a.tokens.CreatePasswordResetToken(user, c)
if err != nil {
pkg/cli/user_data.go
+5
View File
@@ -177,6 +177,11 @@ func (l *UserDataCli) SendPasswordResetMail(c *cli.Context, username string) err
return err
}
if !user.EmailVerified {
log.BootWarnf("[user_data.SendPasswordResetMail] user \"uid:%d\" has not verified email", user.Uid)
return errs.ErrEmptyIsNotVerified
}
token, _, err := l.tokens.CreatePasswordResetToken(user, nil)
if err != nil {
pkg/errs/user.go
+1
View File
@@ -26,4 +26,5 @@ var (
ErrEmptyIsInvalid = NewNormalError(NormalSubcategoryUser, 17, http.StatusBadRequest, "email is invalid")
ErrEmailIsEmptyOrInvalid = NewNormalError(NormalSubcategoryUser, 18, http.StatusBadRequest, "email is empty or invalid")
ErrNewPasswordEqualsOldInvalid = NewNormalError(NormalSubcategoryUser, 19, http.StatusBadRequest, "new password equals old password")
ErrEmptyIsNotVerified = NewNormalError(NormalSubcategoryUser, 20, http.StatusBadRequest, "email is not verified")
)