Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-18 20:59:44 +02:00
Code Issues Releases Activity

feat: Improve security of access tokens (#279)

Browse source 
Closes #275
This commit is contained in:
SimonTagne 2022-08-09 18:03:21 +02:00 committed by GitHub
parent 77ac2cf1b1
commit 2b4c2b0f49
40 changed files with 273 additions and 133 deletions
Download patch file Download diff file Expand all files Collapse all files

11
server/api/controllers/users/update-password.js
View file

@ -60,12 +60,21 @@ module.exports = {
}
const values = _.pick(inputs, ['password']);
user = await sails.helpers.users.updateOne(user, values, this.req);
user = await sails.helpers.users.updateOne(user, values, currentUser, this.req);
if (!user) {
throw Errors.USER_NOT_FOUND;
}
if (user.id === currentUser.id) {
const accessToken = sails.helpers.utils.createToken(user.id, user.passwordUpdatedAt);
return {
accessToken,
item: user,
};
}
return {
item: user,
};