From 4c7d8f9c70a70a1bfb0a6f9c62d396c9f204d311 Mon Sep 17 00:00:00 2001 From: joel Date: Mon, 9 Dec 2024 17:21:26 +0800 Subject: [PATCH 1/4] fix: update conditions for setting token --- internal/api/mail.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/api/mail.go b/internal/api/mail.go index b1492dffb5..a441264a3d 100644 --- a/internal/api/mail.go +++ b/internal/api/mail.go @@ -662,7 +662,7 @@ func (a *API) sendEmail(r *http.Request, tx *storage.Connection, u *models.User, SiteURL: externalURL.String(), TokenHash: tokenHashWithPrefix, } - if emailActionType == mail.EmailChangeVerification && config.Mailer.SecureEmailChangeEnabled && u.GetEmail() != "" { + if emailActionType == mail.EmailChangeVerification && config.Mailer.SecureEmailChangeEnabled { emailData.TokenNew = otpNew emailData.TokenHashNew = u.EmailChangeTokenCurrent } From efa0f2d86dc1f99eb695928d5bfd14d95c827d3a Mon Sep 17 00:00:00 2001 From: joel Date: Tue, 17 Dec 2024 20:55:59 +0800 Subject: [PATCH 2/4] fix: refactor checks --- internal/api/mail.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/internal/api/mail.go b/internal/api/mail.go index a441264a3d..f018b071d2 100644 --- a/internal/api/mail.go +++ b/internal/api/mail.go @@ -650,11 +650,6 @@ func (a *API) sendEmail(r *http.Request, tx *storage.Connection, u *models.User, } if config.Hook.SendEmail.Enabled { - // When secure email change is disabled, we place the token for the new email on emailData.Token - if emailActionType == mail.EmailChangeVerification && !config.Mailer.SecureEmailChangeEnabled && u.GetEmail() != "" { - otp = otpNew - } - emailData := mail.EmailData{ Token: otp, EmailActionType: emailActionType, @@ -662,9 +657,14 @@ func (a *API) sendEmail(r *http.Request, tx *storage.Connection, u *models.User, SiteURL: externalURL.String(), TokenHash: tokenHashWithPrefix, } - if emailActionType == mail.EmailChangeVerification && config.Mailer.SecureEmailChangeEnabled { - emailData.TokenNew = otpNew - emailData.TokenHashNew = u.EmailChangeTokenCurrent + if emailActionType == mail.EmailChangeVerification { + // When secure email change is disabled, we place the token for the new email on emailData.Token + if !config.Mailer.SecureEmailChangeEnabled { + emailData.Token = otpNew + } else { + emailData.TokenNew = otpNew + emailData.TokenHashNew = u.EmailChangeTokenCurrent + } } input := hooks.SendEmailInput{ User: u, From 409c9414d166231658e18606548258ea0ea4a4bb Mon Sep 17 00:00:00 2001 From: joel Date: Tue, 17 Dec 2024 21:09:42 +0800 Subject: [PATCH 3/4] fix: update the token inserted --- internal/api/mail.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/api/mail.go b/internal/api/mail.go index f018b071d2..7486ba6084 100644 --- a/internal/api/mail.go +++ b/internal/api/mail.go @@ -660,10 +660,11 @@ func (a *API) sendEmail(r *http.Request, tx *storage.Connection, u *models.User, if emailActionType == mail.EmailChangeVerification { // When secure email change is disabled, we place the token for the new email on emailData.Token if !config.Mailer.SecureEmailChangeEnabled { + // Token Hash should already be set above emailData.Token = otpNew } else { emailData.TokenNew = otpNew - emailData.TokenHashNew = u.EmailChangeTokenCurrent + emailData.TokenHashNew = tokenHashWithPrefix } } input := hooks.SendEmailInput{ From 71213f7f14f9ee1934efd9934f7514f4b2486707 Mon Sep 17 00:00:00 2001 From: joel Date: Tue, 17 Dec 2024 22:48:01 +0800 Subject: [PATCH 4/4] fix: revert to using EmailChangeTokenCurrent --- internal/api/mail.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/api/mail.go b/internal/api/mail.go index 7486ba6084..35c0c42532 100644 --- a/internal/api/mail.go +++ b/internal/api/mail.go @@ -664,7 +664,7 @@ func (a *API) sendEmail(r *http.Request, tx *storage.Connection, u *models.User, emailData.Token = otpNew } else { emailData.TokenNew = otpNew - emailData.TokenHashNew = tokenHashWithPrefix + emailData.TokenHashNew = u.EmailChangeTokenCurrent } } input := hooks.SendEmailInput{