'token' is now 'secret' for better consistency
This commit is contained in:
Eldad Fux
parent
72481d88e1
commit
9c97b96ab4
|
|
@ -1003,7 +1003,7 @@ $utopia->post('/v1/account/recovery')
|
|||
}
|
||||
|
||||
$url = Template::parseURL($url);
|
||||
$url['query'] = Template::mergeQuery(((isset($url['query'])) ? $url['query'] : ''), ['userId' => $profile->getUid(), 'token' => $secret]);
|
||||
$url['query'] = Template::mergeQuery(((isset($url['query'])) ? $url['query'] : ''), ['userId' => $profile->getUid(), 'secret' => $secret]);
|
||||
$url = Template::unParseURL($url);
|
||||
|
||||
$body = new Template(__DIR__.'/../../config/locales/templates/'.Locale::getText('auth.emails.recovery.body'));
|
||||
|
|
@ -1050,11 +1050,11 @@ $utopia->put('/v1/account/recovery')
|
|||
->label('abuse-limit', 10)
|
||||
->label('abuse-key', 'url:{url},userId:{param-userId}')
|
||||
->param('userId', '', function () { return new UID(); }, 'User account UID address.')
|
||||
->param('token', '', function () { return new Text(256); }, 'Valid reset token.')
|
||||
->param('secret', '', function () { return new Text(256); }, 'Valid reset token.')
|
||||
->param('password-a', '', function () { return new Password(); }, 'New password.')
|
||||
->param('password-b', '', function () {return new Password(); }, 'New password again.')
|
||||
->action(
|
||||
function ($userId, $token, $passwordA, $passwordB) use ($response, $projectDB, $audit) {
|
||||
function ($userId, $secret, $passwordA, $passwordB) use ($response, $projectDB, $audit) {
|
||||
if ($passwordA !== $passwordB) {
|
||||
throw new Exception('Passwords must match', 400);
|
||||
}
|
||||
|
|
@ -1072,7 +1072,7 @@ $utopia->put('/v1/account/recovery')
|
|||
throw new Exception('User not found', 404); // TODO maybe hide this
|
||||
}
|
||||
|
||||
$recovery = Auth::tokenVerify($profile->getAttribute('tokens', []), Auth::TOKEN_TYPE_RECOVERY, $token);
|
||||
$recovery = Auth::tokenVerify($profile->getAttribute('tokens', []), Auth::TOKEN_TYPE_RECOVERY, $secret);
|
||||
|
||||
if (!$recovery) {
|
||||
throw new Exception('Invalid recovery token', 401);
|
||||
|
|
@ -1150,7 +1150,7 @@ $utopia->put('/v1/account/recovery')
|
|||
}
|
||||
|
||||
$url = Template::parseURL($url);
|
||||
$url['query'] = Template::mergeQuery(((isset($url['query'])) ? $url['query'] : ''), ['userId' => $user->getUid(), 'token' => $verificationSecret]);
|
||||
$url['query'] = Template::mergeQuery(((isset($url['query'])) ? $url['query'] : ''), ['userId' => $user->getUid(), 'secret' => $verificationSecret]);
|
||||
$url = Template::unParseURL($url);
|
||||
|
||||
$body = new Template(__DIR__.'/../../config/locales/templates/'.Locale::getText('auth.emails.verification.body'));
|
||||
|
|
@ -1197,9 +1197,9 @@ $utopia->put('/v1/account/verification')
|
|||
->label('abuse-limit', 10)
|
||||
->label('abuse-key', 'url:{url},userId:{param-userId}')
|
||||
->param('userId', '', function () { return new UID(); }, 'User account UID address.')
|
||||
->param('token', '', function () { return new Text(256); }, 'Valid reset token.') ->param('password-b', '', function () {return new Password(); }, 'New password again.')
|
||||
->param('secret', '', function () { return new Text(256); }, 'Valid reset token.') ->param('password-b', '', function () {return new Password(); }, 'New password again.')
|
||||
->action(
|
||||
function ($userId, $token) use ($response, $user, $projectDB, $audit) {
|
||||
function ($userId, $secret) use ($response, $user, $projectDB, $audit) {
|
||||
$profile = $projectDB->getCollection([ // Get user by email address
|
||||
'limit' => 1,
|
||||
'first' => true,
|
||||
|
|
@ -1213,7 +1213,7 @@ $utopia->put('/v1/account/verification')
|
|||
throw new Exception('User not found', 404); // TODO maybe hide this
|
||||
}
|
||||
|
||||
$verification = Auth::tokenVerify($profile->getAttribute('tokens', []), Auth::TOKEN_TYPE_VERIFICATION, $token);
|
||||
$verification = Auth::tokenVerify($profile->getAttribute('tokens', []), Auth::TOKEN_TYPE_VERIFICATION, $secret);
|
||||
|
||||
if (!$verification) {
|
||||
throw new Exception('Invalid verification token', 401);
|
||||
|
|
|
|||
|
|
@ -836,7 +836,7 @@ trait AccountBase
|
|||
$this->assertEquals($name, $lastEmail['to'][0]['name']);
|
||||
$this->assertEquals('Password Reset', $lastEmail['subject']);
|
||||
|
||||
$recovery = substr($lastEmail['text'], strpos($lastEmail['text'], '&token=', 0) + 7, 256);
|
||||
$recovery = substr($lastEmail['text'], strpos($lastEmail['text'], '&secret=', 0) + 8, 256);
|
||||
|
||||
/**
|
||||
* Test for FAILURE
|
||||
|
|
@ -897,7 +897,7 @@ trait AccountBase
|
|||
'x-appwrite-project' => $this->getProject()['$uid'],
|
||||
]), [
|
||||
'userId' => $uid,
|
||||
'token' => $recovery,
|
||||
'secret' => $recovery,
|
||||
'password-a' => $newPassowrd,
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
@ -913,7 +913,7 @@ trait AccountBase
|
|||
'x-appwrite-project' => $this->getProject()['$uid'],
|
||||
]), [
|
||||
'userId' => 'ewewe',
|
||||
'token' => $recovery,
|
||||
'secret' => $recovery,
|
||||
'password-a' => $newPassowrd,
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
@ -926,7 +926,7 @@ trait AccountBase
|
|||
'x-appwrite-project' => $this->getProject()['$uid'],
|
||||
]), [
|
||||
'userId' => $uid,
|
||||
'token' => 'sdasdasdasd',
|
||||
'secret' => 'sdasdasdasd',
|
||||
'password-a' => $newPassowrd,
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
@ -939,7 +939,7 @@ trait AccountBase
|
|||
'x-appwrite-project' => $this->getProject()['$uid'],
|
||||
]), [
|
||||
'userId' => $uid,
|
||||
'token' => $recovery,
|
||||
'secret' => $recovery,
|
||||
'password-a' => $newPassowrd.'x',
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
|
|||
|
|
@ -815,7 +815,7 @@ class AccountTest extends Base
|
|||
$this->assertEquals($name, $lastEmail['to'][0]['name']);
|
||||
$this->assertEquals('Password Reset', $lastEmail['subject']);
|
||||
|
||||
$recovery = substr($lastEmail['text'], strpos($lastEmail['text'], '&token=', 0) + 7, 256);
|
||||
$recovery = substr($lastEmail['text'], strpos($lastEmail['text'], '&userId=', 0) + 8, 256);
|
||||
|
||||
/**
|
||||
* Test for FAILURE
|
||||
|
|
@ -876,7 +876,7 @@ class AccountTest extends Base
|
|||
'x-appwrite-project' => 'console',
|
||||
], [
|
||||
'userId' => $uid,
|
||||
'token' => $recovery,
|
||||
'secret' => $recovery,
|
||||
'password-a' => $newPassowrd,
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
@ -892,7 +892,7 @@ class AccountTest extends Base
|
|||
'x-appwrite-project' => 'console',
|
||||
], [
|
||||
'userId' => 'ewewe',
|
||||
'token' => $recovery,
|
||||
'secret' => $recovery,
|
||||
'password-a' => $newPassowrd,
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
@ -905,7 +905,7 @@ class AccountTest extends Base
|
|||
'x-appwrite-project' => 'console',
|
||||
], [
|
||||
'userId' => $uid,
|
||||
'token' => 'sdasdasdasd',
|
||||
'secret' => 'sdasdasdasd',
|
||||
'password-a' => $newPassowrd,
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
@ -918,7 +918,7 @@ class AccountTest extends Base
|
|||
'x-appwrite-project' => 'console',
|
||||
], [
|
||||
'userId' => $uid,
|
||||
'token' => $recovery,
|
||||
'secret' => $recovery,
|
||||
'password-a' => $newPassowrd.'x',
|
||||
'password-b' => $newPassowrd,
|
||||
]);
|
||||
|
|
|
|||
Loading…
Reference in a new issue