Feat: Refresh login token for the client initiating password change (#4214)

This commit is contained in:
Nelson Chan 2023-12-18 19:52:49 +08:00 committed by GitHub
parent 996ff28ed9
commit c9fe6b5d01
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 15 additions and 2 deletions

View file

@ -25,8 +25,14 @@ class User extends BeanModel {
* @returns {Promise<void>}
*/
async resetPassword(newPassword) {
await User.resetPassword(this.id, newPassword);
this.password = newPassword;
const hashedPassword = passwordHash.generate(newPassword);
await R.exec("UPDATE `user` SET password = ? WHERE id = ? ", [
hashedPassword,
this.id
]);
this.password = hashedPassword;
}
/**

View file

@ -1270,6 +1270,7 @@ let needSetup = false;
callback({
ok: true,
token: User.createJWT(user, server.jwtSecret),
msg: "successAuthChangePassword",
msgi18n: true,
});

View file

@ -177,6 +177,12 @@ export default {
this.password.currentPassword = "";
this.password.newPassword = "";
this.password.repeatNewPassword = "";
// Update token of the current session
if (res.token) {
this.$root.storage().token = res.token;
this.$root.socket.token = res.token;
}
}
});
}