Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-29 01:56:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: logging password resets and errors into event log

Browse Source 
closes #7343, also adds tests for password reset socket calls
This commit is contained in:
Julian Lam
2019-02-08 10:50:15 -05:00
parent 65df67117d
commit 0c09b7402d
3 changed files with 80 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/socket.io/user.js
View File

@@ -1,7 +1,6 @@
'use strict';
var async = require('async');
var winston = require('winston');
var user = require('../user');
var topics = require('../topics');
@@ -102,17 +101,17 @@ SocketUser.reset.send = function (socket, email, callback) {
}
user.reset.send(email, function (err) {
if (err) {
switch (err.message) {
case '[[error:invalid-email]]':
winston.warn('[user/reset] Invalid email attempt: ' + email + ' by IP ' + socket.ip + (socket.uid ? ' (uid: ' + socket.uid + ')' : ''));
err = null;
break;
events.log({
type: 'password-reset',
text: err ? err.message : '[[success:success]]',
ip: socket.ip,
uid: socket.uid,
email: email,
});
case '[[error:reset-rate-limited]]':
err = null;
break;
}
const internalErrors = ['[[error:invalid-email]]', '[[error:reset-rate-limited]]'];
if (err && internalErrors.includes(err.message)) {
err = null;
}
setTimeout(callback.bind(err), 2500);