github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-07 20:31:06 -05:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #3883 from overleaf/bg-expire-tokens

Browse source 
expire tokens from mongo

GitOrigin-RevId: 5666fd40d04e122f2bc2a22bff24c0723e1e9a73
This commit is contained in:
Brian Gough 2021-04-07 14:12:48 +01:00 committed by Copybot
parent 0aba0300d1
commit 11b4d91d9e
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
services/web/app/src/Features/User/UserEmailsConfirmationHandler.js
View file

@ -7,7 +7,8 @@ const UserUpdater = require('./UserUpdater')
const UserGetter = require('./UserGetter') const UserGetter = require('./UserGetter')
const { promisify } = require('util') const { promisify } = require('util')
const ONE_YEAR_IN_S = 365 * 24 * 60 * 60 // Reject email confirmation tokens after 90 days
const TOKEN_EXPIRY_IN_S = 90 * 24 * 60 * 60
function sendConfirmationEmail(userId, email, emailTemplate, callback) { function sendConfirmationEmail(userId, email, emailTemplate, callback) {
if (arguments.length === 3) { if (arguments.length === 3) {
@ -29,7 +30,7 @@ function sendConfirmationEmail(userId, email, emailTemplate, callback) {
OneTimeTokenHandler.getNewToken( OneTimeTokenHandler.getNewToken(
'email_confirmation', 'email_confirmation',
data, data,
{ expiresIn: ONE_YEAR_IN_S }, { expiresIn: TOKEN_EXPIRY_IN_S },
function(err, token) { function(err, token) {
if (err) { if (err) {
return callback(err) return callback(err)

2
services/web/test/unit/src/User/UserEmailsConfirmationHandlerTests.js
View file

@ -70,7 +70,7 @@ describe('UserEmailsConfirmationHandler', function() {
.calledWith( .calledWith(
'email_confirmation', 'email_confirmation',
{ user_id: this.user_id, email: this.email }, { user_id: this.user_id, email: this.email },
{ expiresIn: 365 * 24 * 60 * 60 } { expiresIn: 90 * 24 * 60 * 60 }
) )
.should.equal(true) .should.equal(true)
}) })