Store password reset token after email successfully sent (fixes #3757)

password-reset-after-email
Felix Ableitner 2024-03-01 15:40:42 +01:00
parent 328a48c9f5
commit c2c2b53bb9
1 changed files with 7 additions and 5 deletions

View File

@ -422,17 +422,19 @@ pub async fn send_password_reset_email(
// Generate a random token
let token = uuid::Uuid::new_v4().to_string();
// Insert the row
let local_user_id = user.local_user.id;
PasswordResetRequest::create_token(pool, local_user_id, token.clone()).await?;
let email = &user.local_user.email.clone().expect("email");
let lang = get_interface_language(user);
let subject = &lang.password_reset_subject(&user.person.name);
let protocol_and_hostname = settings.get_protocol_and_hostname();
let reset_link = format!("{}/password_change/{}", protocol_and_hostname, &token);
let body = &lang.password_reset_body(reset_link, &user.person.name);
send_email(subject, email, &user.person.name, body, settings).await
send_email(subject, email, &user.person.name, body, settings).await?;
// Insert the row after successful send, to avoid using daily reset limit while
// email sending is broken.
let local_user_id = user.local_user.id;
PasswordResetRequest::create_token(pool, local_user_id, token.clone()).await?;
Ok(())
}
/// Send a verification email