Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'hotfix/forgot-password-duplicate' into 'release'

Browse Source 
Handling duplicate email in forgotPassword flow.

Now if the user requests for the reset password token multiple times, we will override the previous token and save the new token against that user.

See merge request theappsmith/internal-tools-server!122
This commit is contained in:
Arpit Mohan 2019-12-19 07:41:40 +00:00
commit 5ba754b430
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
app/server/appsmith-server/src/main/java/com/appsmith/server/services/UserServiceImpl.java
View File

@ -170,15 +170,22 @@ public class UserServiceImpl extends BaseService<UserRepository, User, String> i
*/
@Override
public Mono<Boolean> forgotPasswordTokenGenerate(String email) {
PasswordResetToken passwordResetToken = new PasswordResetToken();
passwordResetToken.setEmail(email);
// Create a random token to be sent out.
String token = UUID.randomUUID().toString();
log.debug("Password reset Token: {} for email: {}", token, email);
passwordResetToken.setTokenHash(passwordEncoder.encode(token));
return passwordResetTokenRepository
.save(passwordResetToken)
Mono<PasswordResetToken> passwordResetTokenMono = passwordResetTokenRepository.findByEmail(email)
.switchIfEmpty(Mono.defer(() -> {
PasswordResetToken passwordResetToken = new PasswordResetToken();
passwordResetToken.setEmail(email);
return Mono.just(passwordResetToken);
}))
.map(resetToken -> {
resetToken.setTokenHash(passwordEncoder.encode(token));
return resetToken;
});
return passwordResetTokenMono
.map(resetToken -> passwordResetTokenRepository.save(resetToken))
.map(obj -> {
emailSender.sendMail(email, "Appsmith Password Reset", "Token: " + token);
return Mono.empty();