diff --git a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts index 927bb1c6e3..a3c7500960 100644 --- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts +++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts @@ -71,7 +71,8 @@ export async function signup(req: Request, res: Response) { password, email_verification_token, invite_token: null, - invite_token_expires: null + invite_token_expires: null, + email: user.email }); } else { NcError.badRequest('User already exist'); @@ -102,7 +103,8 @@ export async function signup(req: Request, res: Response) { salt, password, email_verification_token, - roles + roles, + token_expired: false }); } user = await User.getByEmail(email); @@ -126,7 +128,8 @@ export async function signup(req: Request, res: Response) { await promisify((req as any).login.bind(req))(user); const refreshToken = randomTokenString(); await User.update(user.id, { - refresh_token: refreshToken + refresh_token: refreshToken, + email: user.email }); setTokenCookie(res, refreshToken); @@ -179,7 +182,9 @@ async function successfulSignIn({ const refreshToken = randomTokenString(); await User.update(user.id, { - refresh_token: refreshToken + refresh_token: refreshToken, + email: user.email, + token_expired: false }); setTokenCookie(res, refreshToken); @@ -249,6 +254,7 @@ async function googleSignin(req, res, next) { function randomTokenString(): string { return crypto.randomBytes(40).toString('hex'); } + function setTokenCookie(res, token): void { // create http only cookie with refresh token that expires in 7 days const cookieOptions = { @@ -285,7 +291,8 @@ async function passwordChange(req: Request, res): Promise { await User.update(user.id, { salt, password, - email: user.email + email: user.email, + token_expired: true }); Audit.insert({ @@ -311,6 +318,7 @@ async function passwordForgot(req: Request, res): Promise { if (user) { const token = uuidv4(); await User.update(user.id, { + email: user.email, reset_password_token: token, reset_password_expires: new Date(Date.now() + 60 * 60 * 1000) }); @@ -363,6 +371,9 @@ async function tokenValidate(req, res): Promise { if (user.reset_password_expires < new Date()) { NcError.badRequest('Password reset url expired'); } + if (user.token_expired) { + NcError.badRequest('Token Expired. Please login again.'); + } res.json(true); } @@ -389,8 +400,10 @@ async function passwordReset(req, res): Promise { await User.update(user.id, { salt, password, + email: user.email, reset_password_expires: null, - reset_password_token: '' + reset_password_token: '', + token_expired: true }); Audit.insert({ @@ -416,6 +429,7 @@ async function emailVerification(req, res): Promise { } await User.update(user.id, { + email: user.email, email_verification_token: '', email_verified: true }); @@ -446,7 +460,9 @@ async function refreshToken(req, res): Promise { const refreshToken = randomTokenString(); await User.update(user.id, { - refresh_token: refreshToken + email: user.email, + refresh_token: refreshToken, + token_expired: false }); setTokenCookie(res, refreshToken); diff --git a/packages/nocodb/src/lib/models/User.ts b/packages/nocodb/src/lib/models/User.ts index 92792da92d..a9d046fac3 100644 --- a/packages/nocodb/src/lib/models/User.ts +++ b/packages/nocodb/src/lib/models/User.ts @@ -22,6 +22,7 @@ export default class User implements UserType { email_verification_token?: string; email_verified: boolean; roles?: string; + token_expired?: boolean; constructor(data: User) { Object.assign(this, data); @@ -43,7 +44,8 @@ export default class User implements UserType { 'reset_password_token', 'email_verification_token', 'email_verified', - 'roles' + 'roles', + 'token_expired' ]); const { id } = await ncMeta.metaInsert2( null, @@ -71,7 +73,8 @@ export default class User implements UserType { 'reset_password_token', 'email_verification_token', 'email_verified', - 'roles' + 'roles', + 'token_expired' ]); // get existing cache const keys = [