diff options
| author | Christopher Speller <crspeller@gmail.com> | 2016-11-15 08:06:58 -0500 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2016-11-15 08:06:58 -0500 |
| commit | e4f46124b0aa0d661bf59f229c0ebc3c7dc65d1d (patch) | |
| tree | 1cc25ee31b1de89653d72df0412967959963861f /api | |
| parent | 7df8eaf29aa59467236c1b434bc09ccc33cd011f (diff) | |
| parent | 3f19ccf1b1a6efdcc990cf8a0270ec4ffc0c6e22 (diff) | |
| download | chat-e4f46124b0aa0d661bf59f229c0ebc3c7dc65d1d.tar.gz chat-e4f46124b0aa0d661bf59f229c0ebc3c7dc65d1d.tar.bz2 chat-e4f46124b0aa0d661bf59f229c0ebc3c7dc65d1d.zip | |
Merge branch 'release-3.5'
Diffstat (limited to 'api')
| -rw-r--r-- | api/user.go | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/api/user.go b/api/user.go index 93a07134d..2238aca8b 100644 --- a/api/user.go +++ b/api/user.go @@ -376,7 +376,7 @@ func sendWelcomeEmail(c *Context, userId string, email string, siteURL string, v } if !verified { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(email)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(email)) bodyPage.Props["VerifyUrl"] = link } @@ -423,7 +423,7 @@ func addDirectChannels(teamId string, user *model.User) { } func SendVerifyEmail(c *Context, userId, userEmail, siteURL string) { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(userEmail)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(userEmail)) url, _ := url.Parse(siteURL) @@ -1858,7 +1858,7 @@ func sendEmailChangeEmail(c *Context, oldEmail, newEmail, siteURL string) { } func SendEmailChangeVerifyEmail(c *Context, userId, newUserEmail, siteURL string) { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(newUserEmail)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(newUserEmail)) subject := fmt.Sprintf("[%v] %v", utils.Cfg.TeamSettings.SiteName, c.T("api.templates.email_change_verify_subject", map[string]interface{}{"TeamDisplayName": utils.Cfg.TeamSettings.SiteName})) @@ -2260,7 +2260,7 @@ func verifyEmail(c *Context, w http.ResponseWriter, r *http.Request) { return } - if model.ComparePassword(hashedId, userId) { + if model.ComparePassword(hashedId, userId+utils.Cfg.EmailSettings.InviteSalt) { if c.Err = (<-Srv.Store.User().VerifyEmail(userId)).Err; c.Err != nil { return } else { |