Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: #11589, regression where a user could not confirm their email if requireEmailAddress was enabled

Browse Source
This commit is contained in:
Julian Lam
2023-05-11 11:34:24 -04:00
parent 77212c4219
commit 686ecea123
2 changed files with 29 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/controllers/index.js
View File

@@ -222,6 +222,14 @@ Controllers.registerInterstitial = async function (req, res, next) {
Controllers.confirmEmail = async (req, res, next) => { Controllers.confirmEmail = async (req, res, next) => {
try { try {
await user.email.confirmByCode(req.params.code, req.session.id); await user.email.confirmByCode(req.params.code, req.session.id);
if (req.session.registration) {
// After confirmation, no need to send user back to email change form
delete req.session.registration.updateEmail;
}
res.render('confirm', {
title: '[[pages:confirm]]',
});
} catch (e) { } catch (e) {
if (e.message === '[[error:invalid-data]]') { if (e.message === '[[error:invalid-data]]') {
return next(); return next();
@@ -229,10 +237,6 @@ Controllers.confirmEmail = async (req, res, next) => {
throw e; throw e;
} }
res.render('confirm', {
title: '[[pages:confirm]]',
});
}; };
Controllers.robots = function (req, res) { Controllers.robots = function (req, res) {

38
src/middleware/user.js
View File

@@ -239,30 +239,34 @@ module.exports = function (middleware) {
*/ */
const path = req.path.startsWith('/api/') ? req.path.replace('/api', '') : req.path; const path = req.path.startsWith('/api/') ? req.path.replace('/api', '') : req.path;
if (!req.session.hasOwnProperty('registration')) { if (req.uid && !(path.endsWith('/edit/email') || path.startsWith('/confirm/'))) {
if (req.uid && !path.endsWith('/edit/email')) { const [confirmed, isAdmin] = await Promise.all([
const [confirmed, isAdmin] = await Promise.all([ user.getUserField(req.uid, 'email:confirmed'),
user.getUserField(req.uid, 'email:confirmed'), user.isAdministrator(req.uid),
user.isAdministrator(req.uid), ]);
]); if (meta.config.requireEmailAddress && !confirmed && !isAdmin) {
if (meta.config.requireEmailAddress && !confirmed && !isAdmin) { req.session.registration = {
controllers.helpers.redirect(res, '/me/edit/email'); ...req.session.registration,
} uid: req.uid,
updateEmail: true,
};
} }
}
if (!req.session.hasOwnProperty('registration')) {
return setImmediate(next); return setImmediate(next);
} }
const { allowed } = await plugins.hooks.fire('filter:middleware.registrationComplete', { const { allowed } = await plugins.hooks.fire('filter:middleware.registrationComplete', {
allowed: ['/register/complete'], allowed: ['/register/complete', '/confirm/'],
}); });
if (!allowed.includes(path)) { if (allowed.includes(path) || allowed.some(p => path.startsWith(p))) {
// Append user data if present return setImmediate(next);
req.session.registration.uid = req.session.registration.uid || req.uid;
controllers.helpers.redirect(res, '/register/complete');
} else {
setImmediate(next);
} }
// Append user data if present
req.session.registration.uid = req.session.registration.uid || req.uid;
controllers.helpers.redirect(res, '/register/complete');
}; };
}; };