From c9fe6b5d0166f66a9837f489aa453fb128ce53db Mon Sep 17 00:00:00 2001 From: Nelson Chan <3271800+chakflying@users.noreply.github.com> Date: Mon, 18 Dec 2023 19:52:49 +0800 Subject: [PATCH] Feat: Refresh login token for the client initiating password change (#4214) --- server/model/user.js | 10 ++++++++-- server/server.js | 1 + src/components/settings/Security.vue | 6 ++++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/server/model/user.js b/server/model/user.js index 2dd3c51ed..329402ff5 100644 --- a/server/model/user.js +++ b/server/model/user.js @@ -25,8 +25,14 @@ class User extends BeanModel { * @returns {Promise} */ async resetPassword(newPassword) { - await User.resetPassword(this.id, newPassword); - this.password = newPassword; + const hashedPassword = passwordHash.generate(newPassword); + + await R.exec("UPDATE `user` SET password = ? WHERE id = ? ", [ + hashedPassword, + this.id + ]); + + this.password = hashedPassword; } /** diff --git a/server/server.js b/server/server.js index 0dad13705..95fd8b15d 100644 --- a/server/server.js +++ b/server/server.js @@ -1270,6 +1270,7 @@ let needSetup = false; callback({ ok: true, + token: User.createJWT(user, server.jwtSecret), msg: "successAuthChangePassword", msgi18n: true, }); diff --git a/src/components/settings/Security.vue b/src/components/settings/Security.vue index cd6e7dfee..5d8aed85b 100644 --- a/src/components/settings/Security.vue +++ b/src/components/settings/Security.vue @@ -177,6 +177,12 @@ export default { this.password.currentPassword = ""; this.password.newPassword = ""; this.password.repeatNewPassword = ""; + + // Update token of the current session + if (res.token) { + this.$root.storage().token = res.token; + this.$root.socket.token = res.token; + } } }); }