handle confirmed email better

This commit is contained in:
Wyatt Johnson
2018-05-03 17:50:53 -06:00
parent fa66f07db6
commit 949925586f
4 changed files with 41 additions and 1 deletions
@@ -0,0 +1,34 @@
import update from 'immutability-helper';
import get from 'lodash/get';
export default {
mutations: {
UpdateEmailAddress: () => ({
updateQueries: {
CoralEmbedStream_Profile: previousData => {
// Find the local profile (if they have one).
const localIndex = get(previousData, 'me.profiles', []).indexOf(
({ provider }) => provider === 'local'
);
if (localIndex < 0) {
return previousData;
}
// Mutate the confirmedAt, because we changed the email address, they
// can't possibly be confirmed now as well.
return update(previousData, {
me: {
profiles: {
[localIndex]: {
confirmedAt: {
$set: null,
},
},
},
},
});
},
},
}),
},
};
@@ -1,6 +1,7 @@
import ChangePassword from './containers/ChangePassword';
import Profile from './containers/Profile';
import translations from './translations.yml';
import graphql from './graphql';
export default {
translations,
@@ -8,4 +9,5 @@ export default {
profileHeader: [Profile],
profileSettings: [ChangePassword],
},
...graphql,
};
@@ -43,6 +43,7 @@ async function updateUserEmailAddress(ctx, email, confirmPassword) {
},
{
$set: { 'profiles.$.id': email },
$unset: { 'profiles.$.metadata.confirmed_at': 1 },
}
);
+4 -1
View File
@@ -32,6 +32,7 @@ const i18n = require('./i18n');
const Wordlist = require('./wordlist');
const DomainList = require('./domain_list');
const Limit = require('./limit');
const { get } = require('lodash');
const EMAIL_CONFIRM_JWT_SUBJECT = 'email_confirm';
const PASSWORD_RESET_JWT_SUBJECT = 'password_reset';
@@ -965,7 +966,9 @@ class Users {
throw new ErrNotFound();
}
if (profile.metadata && profile.metadata.confirmed_at !== null) {
// Check to see if the profile has already been confirmed.
const confirmedAt = get(profile, 'metadata.confirmed_at', null);
if (confirmedAt && confirmedAt < Date.now()) {
throw new ErrEmailAlreadyVerified();
}