avoid exposing registered email addresses

Athou
2022-07-13 13:28:07 +02:00
parent d82bb22341
commit 9bbfc2de3f
2 changed files with 3 additions and 2 deletions


@@ -1683,7 +1683,7 @@ module.controller("LoginCtrl", [
} }
var recovery_success = function (data) { var recovery_success = function (data) {
$scope.recovery_message = "Email has ben sent. Check your inbox." $scope.recovery_message = "An email has been sent if this address was registered. Check your inbox."
} }
var recovery_error = function (data) { var recovery_error = function (data) {
$scope.recovery_message = data.data $scope.recovery_message = data.data


@@ -259,8 +259,9 @@ public class UserREST {
public Response sendPasswordReset(@Valid @ApiParam(required = true) PasswordResetRequest req) { public Response sendPasswordReset(@Valid @ApiParam(required = true) PasswordResetRequest req) {
User user = userDAO.findByEmail(req.getEmail()); User user = userDAO.findByEmail(req.getEmail());
if (user == null) { if (user == null) {
return Response.status(Status.PRECONDITION_FAILED).entity("Email not found.").type(MediaType.TEXT_PLAIN).build(); return Response.ok().build();
} }
try { try {
user.setRecoverPasswordToken(DigestUtils.sha1Hex(UUID.randomUUID().toString())); user.setRecoverPasswordToken(DigestUtils.sha1Hex(UUID.randomUUID().toString()));
user.setRecoverPasswordTokenDate(new Date()); user.setRecoverPasswordTokenDate(new Date());
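Review bot: The early `return Response.ok().build();` for an unknown address still leaves the two cases distinguishable by response time. The registered path goes on to generate a token, update the user and, presumably in the part of the `try` block outside this hunk, send the mail before it answers. Moving the token and mail work off the request thread, so both paths return at the same point, would close that gap. It is also worth checking that the `catch` further down, not visible here, does not return a distinct error status when sending fails for a registered address, since the client still displays `data.data` on error. A comment on the early return such as `// same response as the success path, so the caller cannot tell whether the address is registered` would help keep a later change from reintroducing a distinct status.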