Feat: Refresh login token for the client initiating password change (#4214)

This commit is contained in:
Nelson Chan 2023-12-18 19:52:49 +08:00 committed by GitHub
parent 996ff28ed9
commit c9fe6b5d01
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 15 additions and 2 deletions

View File

@ -25,8 +25,14 @@ class User extends BeanModel {
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
async resetPassword(newPassword) { async resetPassword(newPassword) {
await User.resetPassword(this.id, newPassword); const hashedPassword = passwordHash.generate(newPassword);
this.password = newPassword;
await R.exec("UPDATE `user` SET password = ? WHERE id = ? ", [
hashedPassword,
this.id
]);
this.password = hashedPassword;
} }
/** /**

View File

@ -1270,6 +1270,7 @@ let needSetup = false;
callback({ callback({
ok: true, ok: true,
token: User.createJWT(user, server.jwtSecret),
msg: "successAuthChangePassword", msg: "successAuthChangePassword",
msgi18n: true, msgi18n: true,
}); });

View File

@ -177,6 +177,12 @@ export default {
this.password.currentPassword = ""; this.password.currentPassword = "";
this.password.newPassword = ""; this.password.newPassword = "";
this.password.repeatNewPassword = ""; this.password.repeatNewPassword = "";
// Update token of the current session
if (res.token) {
this.$root.storage().token = res.token;
this.$root.socket.token = res.token;
}
} }
}); });
} }