dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use TOKEN kind for mail password reset sessions (#1743)

Browse Source
This commit is contained in:
Clément OUDOT 2019-05-12 20:04:38 +02:00
parent 07de622e83
commit 682b193477
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm
View File

@ -28,7 +28,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_USERNOTFOUND
);
our $VERSION = '2.0.3';
our $VERSION = '2.0.4';
extends 'Lemonldap::NG::Portal::Main::Plugin',
'Lemonldap::NG::Portal::Lib::SMTP', 'Lemonldap::NG::Portal::Lib::_tokenRule';
@ -112,7 +112,8 @@ sub _reset {
$self->logger->debug("Token given for password reset: $mailToken");
# Check if token is valid
my $mailSession = $self->p->getApacheSession($mailToken);
my $mailSession =
$self->p->getApacheSession( $mailToken, kind => "TOKEN" );
unless ($mailSession) {
$self->userLogger->warn('Bad reset token');
return PE_BADMAILTOKEN;
@ -251,7 +252,8 @@ sub _reset {
$infos->{_pdata} = $req->pdata;
# create session
$mailSession = $self->p->getApacheSession( undef, info => $infos );
$mailSession =
$self->p->getApacheSession( undef, kind => "TOKEN", info => $infos );
$req->id( $mailSession->id );
}