diff options
| author | Corey Hulen <corey@hulen.com> | 2016-11-14 10:48:33 -0800 |
|---|---|---|
| committer | Harrison Healey <harrisonmhealey@gmail.com> | 2016-11-14 13:48:33 -0500 |
| commit | e39a50e4d6ba93b457141cd3ed640a9448421ba4 (patch) | |
| tree | 8ea5176673a725ea5a41361218112d021a05b5ba /api | |
| parent | 814d2fc88d000c61b4430fa00cbadeb9674091c5 (diff) | |
| download | chat-e39a50e4d6ba93b457141cd3ed640a9448421ba4.tar.gz chat-e39a50e4d6ba93b457141cd3ed640a9448421ba4.tar.bz2 chat-e39a50e4d6ba93b457141cd3ed640a9448421ba4.zip | |
Fixing problem with email verification link (#4547)
Diffstat (limited to 'api')
| -rw-r--r-- | api/user.go | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/api/user.go b/api/user.go index e78b5be03..9c24609ce 100644 --- a/api/user.go +++ b/api/user.go @@ -376,7 +376,7 @@ func sendWelcomeEmail(c *Context, userId string, email string, siteURL string, v } if !verified { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(email)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(email)) bodyPage.Props["VerifyUrl"] = link } @@ -423,7 +423,7 @@ func addDirectChannels(teamId string, user *model.User) { } func SendVerifyEmail(c *Context, userId, userEmail, siteURL string) { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(userEmail)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(userEmail)) url, _ := url.Parse(siteURL) @@ -1863,7 +1863,7 @@ func sendEmailChangeEmail(c *Context, oldEmail, newEmail, siteURL string) { } func SendEmailChangeVerifyEmail(c *Context, userId, newUserEmail, siteURL string) { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(newUserEmail)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(newUserEmail)) subjectPage := utils.NewHTMLTemplate("email_change_verify_subject", c.Locale) subjectPage.Props["Subject"] = c.T("api.templates.email_change_verify_subject", @@ -2269,7 +2269,7 @@ func verifyEmail(c *Context, w http.ResponseWriter, r *http.Request) { return } - if model.ComparePassword(hashedId, userId) { + if model.ComparePassword(hashedId, userId+utils.Cfg.EmailSettings.InviteSalt) { if c.Err = (<-Srv.Store.User().VerifyEmail(userId)).Err; c.Err != nil { return } else { |