From 589b614a53dd4b3b37ea255dff1cf105d8a50202 Mon Sep 17 00:00:00 2001 From: MaysWind Date: Sun, 10 Sep 2023 17:00:19 +0800 Subject: [PATCH] remove old email verify token before send new verify email when email changed --- pkg/api/users.go | 27 ++++++++++++++++----------- pkg/services/tokens.go | 6 +++--- 2 files changed, 19 insertions(+), 14 deletions(-) diff --git a/pkg/api/users.go b/pkg/api/users.go index eb441d5f..e70c4c7f 100644 --- a/pkg/api/users.go +++ b/pkg/api/users.go @@ -162,11 +162,10 @@ func (a *UsersApi) UserEmailVerifyHandler(c *core.Context) (interface{}, *errs.E return nil, errs.Or(err, errs.ErrOperationFailed) } - now := time.Now().Unix() - err = a.tokens.DeleteTokensByTypeBeforeTime(c, uid, core.USER_TOKEN_TYPE_EMAIL_VERIFY, now) + err = a.tokens.DeleteTokensByType(c, uid, core.USER_TOKEN_TYPE_EMAIL_VERIFY) if err == nil { - log.InfofWithRequestId(c, "[users.UserEmailVerifyHandler] revoke old email verify tokens before unix time \"%d\" for user \"uid:%d\"", now, user.Uid) + log.InfofWithRequestId(c, "[users.UserEmailVerifyHandler] revoke old email verify tokens for user \"uid:%d\"", user.Uid) } else { log.WarnfWithRequestId(c, "[users.UserEmailVerifyHandler] failed to revoke old email verify tokens for user \"uid:%d\", because %s", user.Uid, err.Error()) } @@ -359,18 +358,24 @@ func (a *UsersApi) UserUpdateProfileHandler(c *core.Context) (interface{}, *errs } if emailSetToUnverified && settings.Container.Current.EnableUserVerifyEmail && settings.Container.Current.EnableSMTP { - token, _, err := a.tokens.CreateEmailVerifyToken(c, user) + err = a.tokens.DeleteTokensByType(c, uid, core.USER_TOKEN_TYPE_EMAIL_VERIFY) if err != nil { - log.ErrorfWithRequestId(c, "[users.UserUpdateProfileHandler] failed to create email verify token for user \"uid:%d\", because %s", user.Uid, err.Error()) + log.ErrorfWithRequestId(c, "[users.UserUpdateProfileHandler] failed to revoke old email verify tokens for user \"uid:%d\", because %s", user.Uid, err.Error()) } else { - go func() { - err = a.users.SendVerifyEmail(user, token, c.GetClientLocale()) + token, _, err := a.tokens.CreateEmailVerifyToken(c, user) - if err != nil { - log.WarnfWithRequestId(c, "[users.UserUpdateProfileHandler] cannot send verify email to \"%s\", because %s", user.Email, err.Error()) - } - }() + if err != nil { + log.ErrorfWithRequestId(c, "[users.UserUpdateProfileHandler] failed to create email verify token for user \"uid:%d\", because %s", user.Uid, err.Error()) + } else { + go func() { + err = a.users.SendVerifyEmail(user, token, c.GetClientLocale()) + + if err != nil { + log.WarnfWithRequestId(c, "[users.UserUpdateProfileHandler] cannot send verify email to \"%s\", because %s", user.Email, err.Error()) + } + }() + } } } diff --git a/pkg/services/tokens.go b/pkg/services/tokens.go index ea25be64..ca402a28 100644 --- a/pkg/services/tokens.go +++ b/pkg/services/tokens.go @@ -170,14 +170,14 @@ func (s *TokenService) DeleteTokensBeforeTime(c *core.Context, uid int64, expire }) } -// DeleteTokensByTypeBeforeTime deletes tokens that is specified type and created before specific time -func (s *TokenService) DeleteTokensByTypeBeforeTime(c *core.Context, uid int64, tokenType core.TokenType, expireTime int64) error { +// DeleteTokensByType deletes specified type tokens +func (s *TokenService) DeleteTokensByType(c *core.Context, uid int64, tokenType core.TokenType) error { if uid <= 0 { return errs.ErrUserIdInvalid } return s.TokenDB(uid).DoTransaction(c, func(sess *xorm.Session) error { - _, err := sess.Where("uid=? AND token_type=? AND created_unix_time