Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: password reset to invalidate all existing reset tokens for that uid

Browse Source
This commit is contained in:
Julian Lam
2020-10-13 11:48:32 -04:00
parent ba2e1c4c7e
commit 30b3fedca4
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/user/profile.js
View File

@@ -325,6 +325,7 @@ module.exports = function (User) {
password: hashedPassword,
rss_token: utils.generateUUID(),
}),
User.reset.cleanByUid(data.uid),
User.reset.updateExpiry(data.uid),
User.auth.revokeAllSessions(data.uid),
]);