fix(core): Use JWT as reset password token (#6714)

* use jwt to reset password * increase expiration time to 1d * drop user id query string * refactor * use service instead of package in tests * sqlite migration * postgres migration * mysql migration * remove unused properties * remove userId from FE * fix test for users.api * move migration to the common folder * move type assertion to the jwt.service * Add jwt secret as a readonly property * use signData instead of sign in user.controller * remove base class * remove base class * add tests
2025-12-17 01:56:46 +00:00 · 2023-07-24 17:40:17 -04:00
parent c2511a829c
commit 89f44021b9
19 changed files with 209 additions and 146 deletions
--- a/packages/cli/src/Server.ts
+++ b/packages/cli/src/Server.ts
@@ -169,6 +169,7 @@ import { SourceControlService } from '@/environments/sourceControl/sourceControl
 import { SourceControlController } from '@/environments/sourceControl/sourceControl.controller.ee';
 import { ExecutionRepository } from '@db/repositories';
 import type { ExecutionEntity } from '@db/entities/ExecutionEntity';
+import { JwtService } from './services/jwt.service';

 const exec = promisify(callbackExec);

@@ -463,6 +464,7 @@ export class Server extends AbstractServer {
 		const internalHooks = Container.get(InternalHooks);
 		const mailer = Container.get(UserManagementMailer);
 		const postHog = this.postHog;
+		const jwtService = Container.get(JwtService);

 		const controllers: object[] = [
 			new EventBusController(),
@@ -477,6 +479,7 @@ export class Server extends AbstractServer {
 				mailer,
 				repositories,
 				logger,
+				jwtService,
 			}),
 			new TagsController({ config, repositories, externalHooks }),
 			new TranslationController(config, this.credentialTypes),
@@ -489,6 +492,7 @@ export class Server extends AbstractServer {
 				activeWorkflowRunner,
 				logger,
 				postHog,
+				jwtService,
 			}),
 			Container.get(SamlController),
 			Container.get(SourceControlController),