diff --git a/src/admin/components/views/ResetPassword/index.tsx b/src/admin/components/views/ResetPassword/index.tsx
index 47a71d52d1..5ea2518736 100644
--- a/src/admin/components/views/ResetPassword/index.tsx
+++ b/src/admin/components/views/ResetPassword/index.tsx
@@ -1,5 +1,6 @@
 import React from 'react';
 import { Link, useHistory, useParams } from 'react-router-dom';
+import { toast } from 'react-toastify';
 import { Trans, useTranslation } from 'react-i18next';
 import { useConfig } from '../../utilities/Config';
 import { useAuth } from '../../utilities/Auth';
@@ -29,6 +30,9 @@ const ResetPassword: React.FC = () => {
 if (data.token) {
 setToken(data.token);
 history.push(`${admin}`);
+ } else {
+ history.push(`${admin}/login`);
+ toast.success(t('general:updatedSuccessfully'), { autoClose: 3000 });
 }
 };
diff --git a/src/auth/operations/forgotPassword.ts b/src/auth/operations/forgotPassword.ts
index 18b41d72a5..535e7dc5ff 100644
--- a/src/auth/operations/forgotPassword.ts
+++ b/src/auth/operations/forgotPassword.ts
@@ -67,6 +67,7 @@ async function forgotPassword(incomingArgs: Arguments): Promise {
 resetPasswordToken?: string,
 resetPasswordExpiration?: number | Date,
 }
+
 const user: UserDoc = await Model.findOne({ email: (data.email as string).toLowerCase() });
 if (!user) return null;
diff --git a/src/auth/operations/resetPassword.ts b/src/auth/operations/resetPassword.ts
index 2faadb62b6..115db9c07a 100644
--- a/src/auth/operations/resetPassword.ts
+++ b/src/auth/operations/resetPassword.ts
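Review bot: The new `else` branch shows the generic `general:updatedSuccessfully` toast for every reset response that carries no token, but the server-side change in this same commit (resetPassword.ts) withholds the token precisely when `auth.verify` is enabled and the account is not yet verified, so the user lands on the login page without being told that verification is still pending. Make the coupling explicit for the next maintainer with a comment on the `else`, e.g. `// No token is returned while the account still needs email verification; send the user to log in instead.` If a more specific i18n key exists, it would serve the user better than `updatedSuccessfully` here. The enclosing submit handler begins and ends outside the hunk.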
@@ -62,44 +62,48 @@ async function resetPassword(args: Arguments): Promise {
 await user.save();
- await user.authenticate(data.password);
+ let token: string;
- const fieldsToSign = collectionConfig.fields.reduce((signedFields, field) => {
- if (fieldAffectsData(field) && field.saveToJWT) {
- return {
- ...signedFields,
- [field.name]: user[field.name],
+ if (!collectionConfig.auth.verify || user._verified) {
+ await user.authenticate(data.password);
+
+ const fieldsToSign = collectionConfig.fields.reduce((signedFields, field) => {
+ if (fieldAffectsData(field) && field.saveToJWT) {
+ return {
+ ...signedFields,
+ [field.name]: user[field.name],
+ };
+ }
+ return signedFields;
+ }, {
+ email: user.email,
+ id: user.id,
+ collection: collectionConfig.slug,
+ });
+
+ token = jwt.sign(
+ fieldsToSign,
+ secret,
+ {
+ expiresIn: collectionConfig.auth.tokenExpiration,
+ },
+ );
+
+ if (args.res) {
+ const cookieOptions = {
+ path: '/',
+ httpOnly: true,
+ expires: getCookieExpiration(collectionConfig.auth.tokenExpiration),
+ secure: collectionConfig.auth.cookies.secure,
+ sameSite: collectionConfig.auth.cookies.sameSite,
+ domain: undefined,
 };
+
+
+ if (collectionConfig.auth.cookies.domain) cookieOptions.domain = collectionConfig.auth.cookies.domain;
+
+ args.res.cookie(`${config.cookiePrefix}-token`, token, cookieOptions);
 }
- return signedFields;
- }, {
- email: user.email,
- id: user.id,
- collection: collectionConfig.slug,
- });
-
- const token = jwt.sign(
- fieldsToSign,
- secret,
- {
- expiresIn: collectionConfig.auth.tokenExpiration,
- },
- );
-
- if (args.res) {
- const cookieOptions = {
- path: '/',
- httpOnly: true,
- expires: getCookieExpiration(collectionConfig.auth.tokenExpiration),
- secure: collectionConfig.auth.cookies.secure,
- sameSite: collectionConfig.auth.cookies.sameSite,
- domain: undefined,
- };
-
-
- if (collectionConfig.auth.cookies.domain) cookieOptions.domain = collectionConfig.auth.cookies.domain;
-
- args.res.cookie(`${config.cookiePrefix}-token`, token, cookieOptions);
 }
 const fullUser = await payload.findByID({ collection: collectionConfig.slug, id: user.id, overrideAccess });
diff --git a/src/auth/types.ts b/src/auth/types.ts
index 0d535c4578..a0f9c3254f 100644
--- a/src/auth/types.ts
+++ b/src/auth/types.ts
@@ -66,6 +66,7 @@ export interface UserDocument extends PayloadMongooseDocument {
 authenticate: (pass: string) => Promise
 resetPasswordExpiration: number
 email: string
+ _verified?: boolean
 }
 type GenerateVerifyEmailHTML = (args: { req: PayloadRequest, token: string, user: any }) => Promise | string
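Review bot: `let token: string;` on the new side is only assigned inside the `if (!collectionConfig.auth.verify || user._verified)` block, so on the unverified path it stays `undefined` while its declared type promises a string; under `strictNullChecks` any later read of `token` (the return, which is outside the hunk) is flagged as use-before-assignment, and without strict mode callers are simply misled. Declare it as `let token: string | undefined;` and let the operation's return type state that resetting an unverified account yields no session token. A comment on the new `if` would also make the intent clear, e.g. `// The password is updated regardless; a session token is only issued once the account is verified (or verification is disabled).` The function continues past the hunk on both sides.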
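Review bot: The new `_verified?: boolean` field on `UserDocument` carries no documentation, and the check `user._verified` that this same commit adds in resetPassword.ts treats a missing value the same as `false`; that convention belongs where the field is declared, e.g. `/** True once the email-verification flow has completed; absent or false is treated as unverified. */`. Whether the field is left unset when `auth.verify` is disabled is not visible here and is worth confirming in that comment.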