diff options
Diffstat (limited to 'api/user.go')
-rw-r--r-- | api/user.go | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/api/user.go b/api/user.go index 93a07134d..2238aca8b 100644 --- a/api/user.go +++ b/api/user.go @@ -376,7 +376,7 @@ func sendWelcomeEmail(c *Context, userId string, email string, siteURL string, v } if !verified { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(email)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(email)) bodyPage.Props["VerifyUrl"] = link } @@ -423,7 +423,7 @@ func addDirectChannels(teamId string, user *model.User) { } func SendVerifyEmail(c *Context, userId, userEmail, siteURL string) { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(userEmail)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(userEmail)) url, _ := url.Parse(siteURL) @@ -1858,7 +1858,7 @@ func sendEmailChangeEmail(c *Context, oldEmail, newEmail, siteURL string) { } func SendEmailChangeVerifyEmail(c *Context, userId, newUserEmail, siteURL string) { - link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId), url.QueryEscape(newUserEmail)) + link := fmt.Sprintf("%s/do_verify_email?uid=%s&hid=%s&email=%s", siteURL, userId, model.HashPassword(userId+utils.Cfg.EmailSettings.InviteSalt), url.QueryEscape(newUserEmail)) subject := fmt.Sprintf("[%v] %v", utils.Cfg.TeamSettings.SiteName, c.T("api.templates.email_change_verify_subject", map[string]interface{}{"TeamDisplayName": utils.Cfg.TeamSettings.SiteName})) @@ -2260,7 +2260,7 @@ func verifyEmail(c *Context, w http.ResponseWriter, r *http.Request) { return } - if model.ComparePassword(hashedId, userId) { + if model.ComparePassword(hashedId, userId+utils.Cfg.EmailSettings.InviteSalt) { if c.Err = (<-Srv.Store.User().VerifyEmail(userId)).Err; c.Err != nil { return } else { |