Merge pull request 'Bugfix for @lfk/frontend/#43' (#138) from bugfix/118-encode_jwt_in_mail into dev

Reviewed-on: #138

CHANGELOG.md

@@ -4,10 +4,12 @@ All notable changes to this project will be documented in this file. Dates are d
 
 #### [v0.4.2](https://git.odit.services/lfk/backend/compare/v0.4.1...v0.4.2)
 
-- 📖New license file version [CI SKIP] [skip ci] [`74791df`](https://git.odit.services/lfk/backend/commit/74791df68b40355e1d1a1f7f5ae4f64422571dc9)
+- Merge pull request 'Alpha Release 0.4.2' (#137) from dev into main [`390b36d`](https://git.odit.services/lfk/backend/commit/390b36dfd46cf8829126581bd62dd3d4ce8558fa)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3b718f3`](https://git.odit.services/lfk/backend/commit/3b718f3ce58f12007b6068e5db00a00dbe1c5398)
 - 🧾New changelog file version [CI SKIP] [skip ci] [`f7a0ec7`](https://git.odit.services/lfk/backend/commit/f7a0ec7174521b1863a4bc58c7ff2b86cafdee66)
 - 🚀Bumped version to v0.4.2 [`321b20b`](https://git.odit.services/lfk/backend/commit/321b20b073b6debd605a92544779d0dfc0449f10)
 - Merge pull request 'Imprint&Privacy Links feature/135-imprint_and_privacy' (#136) from feature/135-imprint_and_privacy into dev [`110a847`](https://git.odit.services/lfk/backend/commit/110a84783e023407cbcf81506deb7cc204db9659)
+- 📖New license file version [CI SKIP] [skip ci] [`74791df`](https://git.odit.services/lfk/backend/commit/74791df68b40355e1d1a1f7f5ae4f64422571dc9)
 - 🧾New changelog file version [CI SKIP] [skip ci] [`8425043`](https://git.odit.services/lfk/backend/commit/84250430996920ada15af23b68756daba8f99257)
 - Added new url env vars to config [`bcad691`](https://git.odit.services/lfk/backend/commit/bcad691045d00c9630bedb0936c123610b655946)
 - fixed license-exporter call [`74b982a`](https://git.odit.services/lfk/backend/commit/74b982afba3ec82a038c4748420920732fe32a51)

src/config.ts

@@ -11,7 +11,7 @@ export const config = {
     postalcode_validation_countrycode: getPostalCodeLocale(),
     version: process.env.VERSION || require('../package.json').version,
     seedTestData: getDataSeeding(),
-    app_url: process.env.APP_URL || "http://localhost:4010",
+    app_url: process.env.APP_URL || "http://localhost:8080",
     mail_server: process.env.MAIL_SERVER,
     mail_port: Number(process.env.MAIL_PORT) || 25,
     mail_user: process.env.MAIL_USER,

src/controllers/AuthController.ts

@@ -31,6 +31,7 @@ export class AuthController {
 	@OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' })
 	async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) {
 		let auth;
+		console.log(createAuth)
 		try {
 			auth = await createAuth.toAuth();
 			response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
@@ -93,7 +94,7 @@ export class AuthController {
 	@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
 	@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
 	async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) {
-		const reset_token: String = await passwordReset.toResetToken();
+		const reset_token: string = await passwordReset.toResetToken();
 		await this.mailer.sendResetMail(passwordReset.email, reset_token);
 		return new ResponseEmpty();
 	}

src/mailer.ts

@@ -38,8 +38,8 @@ export class Mailer {
      * @param to_address The address the mail will be sent to. Should always get pulled from a user object.
      * @param token The requested password reset token - will be combined with the app_url to generate a password reset link.
      */
-    public async sendResetMail(to_address: string, token: String) {
-        const reset_link = `${config.app_url}/reset/${token}`
+    public async sendResetMail(to_address: string, token: string) {
+        const reset_link = `${config.app_url}/reset/${(Buffer.from(token)).toString("base64")}`
         const body_html = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
         const body_txt = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
 

src/models/actions/create/CreateResetToken.ts

@@ -23,7 +23,7 @@ export class CreateResetToken {
     /**
      * Create a password reset token based on this.
      */
-    public async toResetToken(): Promise<any> {
+    public async toResetToken(): Promise<string> {
         if (!this.email) {
             throw new UserEmailNeededError();
         }
@@ -37,7 +37,7 @@ export class CreateResetToken {
         await getConnectionManager().get().getRepository(User).save(found_user);
 
         //Create the reset token
-        let reset_token = JwtCreator.createReset(found_user);
+        let reset_token: string = JwtCreator.createReset(found_user);
 
         return reset_token;
     }