yverry
/
api
forked from vikunja/vikunja
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make sure a password reset token can be used only once

This commit is contained in:
kolaente 2020-12-30 21:51:45 +01:00
parent 787044628f
commit ac23536c36
Signed by untrusted user: konrad
GPG Key ID: F40E70337AB24C9B
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/user/user_password_reset.go
View File

@ -63,7 +63,9 @@ func ResetPassword(s *xorm.Session, reset *PasswordReset) (err error) {
}
// Save it
user.PasswordResetToken = ""
_, err = s.
Cols("password", "password_reset_token").
Where("id = ?", user.ID).
Update(&user)
if err != nil {