fix(core): Use JWT as reset password token (#6714)

* use jwt to reset password

* increase expiration time to 1d

* drop user id query string

* refactor

* use service instead of package in tests

* sqlite migration

* postgres migration

* mysql migration

* remove unused properties

* remove userId from FE

* fix test for users.api

* move migration to the common folder

* move type assertion to the jwt.service

* Add jwt secret as a readonly property

* use signData instead of sign in user.controller

* remove base class

* remove base class

* add tests
This commit is contained in:
Ricardo Espinoza
2023-07-24 17:40:17 -04:00
committed by GitHub
parent c2511a829c
commit 89f44021b9
19 changed files with 209 additions and 146 deletions


@@ -49,6 +49,7 @@ import { plainToInstance } from 'class-transformer';
import { License } from '@/License';
import { Container } from 'typedi';
import { RESPONSE_ERROR_MESSAGES } from '@/constants';
import type { JwtService } from '@/services/jwt.service';
@Authorized(['global', 'owner'])
@RestController('/users')
@@ -73,6 +74,8 @@ export class UsersController {
private mailer: UserManagementMailer;
private jwtService: JwtService;
private postHog?: PostHogClient;
constructor({
@@ -83,6 +86,7 @@ export class UsersController {
repositories,
activeWorkflowRunner,
mailer,
jwtService,
postHog,
}: {
config: Config;
@@ -95,6 +99,7 @@ export class UsersController {
>;
activeWorkflowRunner: ActiveWorkflowRunner;
mailer: UserManagementMailer;
jwtService: JwtService;
postHog?: PostHogClient;
}) {
this.config = config;
@@ -107,6 +112,7 @@ export class UsersController {
this.sharedWorkflowRepository = repositories.SharedWorkflow;
this.activeWorkflowRunner = activeWorkflowRunner;
this.mailer = mailer;
this.jwtService = jwtService;
this.postHog = postHog;
}
@@ -382,7 +388,17 @@ export class UsersController {
if (!user) {
throw new NotFoundError('User not found');
}
const link = await UserService.generatePasswordResetUrl(user);
const resetPasswordToken = this.jwtService.signData(
{ sub: user.id },
{
expiresIn: '1d',
},
);
const baseUrl = getInstanceBaseUrl();
const link = await UserService.generatePasswordResetUrl(baseUrl, resetPasswordToken);
return {
link,
};
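Review bot: The reset token signed at `this.jwtService.signData({ sub: user.id }, …)` carries nothing that changes when the password is actually reset, so the emailed link stays valid for the full `'1d'` window and can be presented again after a successful reset unless the verifying endpoint (outside this hunk) keeps its own state. Binding the token to the current credential, for example adding a claim derived from the stored password hash or a `passwordUpdatedAt` timestamp and checking it on verification, makes every earlier link invalid the moment a new password is saved. If the same JwtService secret also signs session tokens (not visible here), a purpose claim such as `purpose: 'password-reset'` that the verifier requires would keep a reset token from being accepted where a session token is expected. The options object could also be written on one line as `{ expiresIn: '1d' }`, matching the compact `{ sub: user.id }` payload beside it. The enclosing method starts outside the hunk.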