Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-09-22 06:00:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

📧 fix: Cancel Signup if Email Issuance Fails (#3010)

Browse source 
* fix: user.id assignment in jwtStrategy.js

* refactor(sendEmail): pass params as object, await email sending to propogate errors and restrict registration flow

* fix(Conversations): handle missing updatedAt field

* refactor: use `processDeleteRequest` when deleting user account for user file deletion

* refactor: delete orphaned files when deleting user account

* fix: remove unnecessary 404 status code in server/index.js
This commit is contained in:
Danny Avila 2024-06-08 06:51:29 -04:00 committed by GitHub
parent 084cf266a2
commit 92232afaca
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 104 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

92
api/server/services/AuthService.js
View file

@ -2,12 +2,13 @@ const crypto = require('crypto');
const bcrypt = require('bcryptjs');
const { errorsToString } = require('librechat-data-provider');
const {
findUser,
countUsers,
createUser,
findUser,
updateUser,
generateToken,
getUserById,
generateToken,
deleteUserById,
} = require('~/models/userMethods');
const { sendEmail, checkEmailConfig } = require('~/server/utils');
const { registerSchema } = require('~/strategies/validators');
@ -61,6 +62,19 @@ const sendVerificationEmail = async (user) => {
let verifyToken = crypto.randomBytes(32).toString('hex');
const hash = bcrypt.hashSync(verifyToken, 10);
const verificationLink = `${domains.client}/verify?token=${verifyToken}&email=${user.email}`;
await sendEmail({
email: user.email,
subject: 'Verify your email',
payload: {
appName: process.env.APP_TITLE || 'LibreChat',
name: user.name,
verificationLink: verificationLink,
year: new Date().getFullYear(),
},
template: 'verifyEmail.handlebars',
});
await new Token({
userId: user._id,
email: user.email,
@ -68,21 +82,7 @@ const sendVerificationEmail = async (user) => {
createdAt: Date.now(),
}).save();
const verificationLink = `${domains.client}/verify?token=${verifyToken}&email=${user.email}`;
logger.info(`[sendVerificationEmail] Verification link issued. [Email: ${user.email}]`);
sendEmail(
user.email,
'Verify your email',
{
appName: process.env.APP_TITLE || 'LibreChat',
name: user.name,
verificationLink: verificationLink,
year: new Date().getFullYear(),
},
'verifyEmail.handlebars',
);
return;
};
/**
@ -136,6 +136,7 @@ const registerUser = async (user) => {
const { email, password, name, username } = user;
let newUserId;
try {
const existingUser = await findUser({ email }, 'email _id');
@ -173,7 +174,7 @@ const registerUser = async (user) => {
};
const emailEnabled = checkEmailConfig();
const newUserId = await createUser(newUserData, false);
newUserId = await createUser(newUserData, false);
if (emailEnabled) {
await sendVerificationEmail({
_id: newUserId,
@ -187,6 +188,12 @@ const registerUser = async (user) => {
return { status: 200, message: genericVerificationMessage };
} catch (err) {
logger.error('[registerUser] Error in registering user:', err);
if (newUserId) {
const result = await deleteUserById(newUserId);
logger.warn(
`[registerUser] [Email: ${email}] [Temporary User deleted: ${JSON.stringify(result)}]`,
);
}
return { status: 500, message: 'Something went wrong' };
}
};
@ -226,17 +233,17 @@ const requestPasswordReset = async (req) => {
const link = `${domains.client}/reset-password?token=${resetToken}&userId=${user._id}`;
if (emailEnabled) {
sendEmail(
user.email,
'Password Reset Request',
{
await sendEmail({
email: user.email,
subject: 'Password Reset Request',
payload: {
appName: process.env.APP_TITLE || 'LibreChat',
name: user.name,
link: link,
year: new Date().getFullYear(),
},
'requestPasswordReset.handlebars',
);
template: 'requestPasswordReset.handlebars',
});
logger.info(
`[requestPasswordReset] Link emailed. [Email: ${email}] [ID: ${user._id}] [IP: ${req.ip}]`,
);
@ -277,16 +284,16 @@ const resetPassword = async (userId, token, password) => {
const user = await updateUser(userId, { password: hash });
if (checkEmailConfig()) {
sendEmail(
user.email,
'Password Reset Successfully',
{
await sendEmail({
email: user.email,
subject: 'Password Reset Successfully',
payload: {
appName: process.env.APP_TITLE || 'LibreChat',
name: user.name,
year: new Date().getFullYear(),
},
'passwordReset.handlebars',
);
template: 'passwordReset.handlebars',
});
}
await passwordResetToken.deleteOne();
@ -356,6 +363,20 @@ const resendVerificationEmail = async (req) => {
let verifyToken = crypto.randomBytes(32).toString('hex');
const hash = bcrypt.hashSync(verifyToken, 10);
const verificationLink = `${domains.client}/verify?token=${verifyToken}&email=${user.email}`;
await sendEmail({
email: user.email,
subject: 'Verify your email',
payload: {
appName: process.env.APP_TITLE || 'LibreChat',
name: user.name,
verificationLink: verificationLink,
year: new Date().getFullYear(),
},
template: 'verifyEmail.handlebars',
});
await new Token({
userId: user._id,
email: user.email,
@ -363,21 +384,8 @@ const resendVerificationEmail = async (req) => {
createdAt: Date.now(),
}).save();
const verificationLink = `${domains.client}/verify?token=${verifyToken}&email=${user.email}`;
logger.info(`[resendVerificationEmail] Verification link issued. [Email: ${user.email}]`);
sendEmail(
user.email,
'Verify your email',
{
appName: process.env.APP_TITLE || 'LibreChat',
name: user.name,
verificationLink: verificationLink,
year: new Date().getFullYear(),
},
'verifyEmail.handlebars',
);
return {
status: 200,
message: genericVerificationMessage,