From 8f0a396dd07937fb7ccfb345d1acbac86eb5d9bb Mon Sep 17 00:00:00 2001 From: Nicolai Ort Date: Sun, 7 Feb 2021 13:37:01 +0100 Subject: [PATCH] Bugfix for @lfk/frontend/#43 --- src/config.ts | 2 +- src/controllers/AuthController.ts | 3 ++- src/mailer.ts | 4 ++-- src/models/actions/create/CreateResetToken.ts | 4 ++-- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/config.ts b/src/config.ts index 2e52f56..8dbffca 100644 --- a/src/config.ts +++ b/src/config.ts @@ -11,7 +11,7 @@ export const config = { postalcode_validation_countrycode: getPostalCodeLocale(), version: process.env.VERSION || require('../package.json').version, seedTestData: getDataSeeding(), - app_url: process.env.APP_URL || "http://localhost:4010", + app_url: process.env.APP_URL || "http://localhost:8080", mail_server: process.env.MAIL_SERVER, mail_port: Number(process.env.MAIL_PORT) || 25, mail_user: process.env.MAIL_USER, diff --git a/src/controllers/AuthController.ts b/src/controllers/AuthController.ts index 3545422..29511a3 100644 --- a/src/controllers/AuthController.ts +++ b/src/controllers/AuthController.ts @@ -31,6 +31,7 @@ export class AuthController { @OpenAPI({ description: 'Login with your username/email and password.
You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' }) async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) { let auth; + console.log(createAuth) try { auth = await createAuth.toAuth(); response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true }); @@ -93,7 +94,7 @@ export class AuthController { @ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 }) @OpenAPI({ description: "Request a password reset token.
This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." }) async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) { - const reset_token: String = await passwordReset.toResetToken(); + const reset_token: string = await passwordReset.toResetToken(); await this.mailer.sendResetMail(passwordReset.email, reset_token); return new ResponseEmpty(); } diff --git a/src/mailer.ts b/src/mailer.ts index d52e540..d1f31c2 100644 --- a/src/mailer.ts +++ b/src/mailer.ts @@ -38,8 +38,8 @@ export class Mailer { * @param to_address The address the mail will be sent to. Should always get pulled from a user object. * @param token The requested password reset token - will be combined with the app_url to generate a password reset link. */ - public async sendResetMail(to_address: string, token: String) { - const reset_link = `${config.app_url}/reset/${token}` + public async sendResetMail(to_address: string, token: string) { + const reset_link = `${config.app_url}/reset/${(Buffer.from(token)).toString("base64")}` const body_html = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`); const body_txt = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`); diff --git a/src/models/actions/create/CreateResetToken.ts b/src/models/actions/create/CreateResetToken.ts index 8194fe4..35f71ef 100644 --- a/src/models/actions/create/CreateResetToken.ts +++ b/src/models/actions/create/CreateResetToken.ts @@ -23,7 +23,7 @@ export class CreateResetToken { /** * Create a password reset token based on this. */ - public async toResetToken(): Promise { + public async toResetToken(): Promise { if (!this.email) { throw new UserEmailNeededError(); } @@ -37,7 +37,7 @@ export class CreateResetToken { await getConnectionManager().get().getRepository(User).save(found_user); //Create the reset token - let reset_token = JwtCreator.createReset(found_user); + let reset_token: string = JwtCreator.createReset(found_user); return reset_token; }