Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: password reset when provider is changed #13706

Merged
merged 3 commits into from
Feb 15, 2024
Merged

fix: password reset when provider is changed #13706

merged 3 commits into from
Feb 15, 2024

Conversation

Udit-takkar
Copy link
Contributor

@Udit-takkar Udit-takkar commented Feb 15, 2024
edited
Loading

What does this PR do?

Fixes

image

How to reproduce the bug?

  1. Login in with google

  2. Change your email which would send password reset email and change your provider from google to CAL

@graphite-app graphite-app bot requested a review from a team February 15, 2024 12:02
@Udit-takkar Udit-takkar requested review from ThyMinimalDev and removed request for a team February 15, 2024 12:02
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 15, 2024
edited
Loading

Thank you for following the naming conventions! 🙏 Feel free to join our discord and post your PR link.

@keithwillcode keithwillcode added consumer core area: core, team members only labels Feb 15, 2024
@Udit-takkar Udit-takkar added the Urgent Created by Linear-GitHub Sync label Feb 15, 2024
@vercel Vercel
Copy link

vercel bot commented Feb 15, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

4 Ignored Deployments
Name Status Preview Comments Updated (UTC)
ai ⬜️ Ignored (Inspect) Visit Preview Feb 15, 2024 0:52am
cal ⬜️ Ignored (Inspect) Visit Preview Feb 15, 2024 0:52am
calcom-web-canary ⬜️ Ignored (Inspect) Visit Preview Feb 15, 2024 0:52am
qa ⬜️ Ignored (Inspect) Visit Preview Feb 15, 2024 0:52am

@graphite-app Graphite App
Copy link

graphite-app bot commented Feb 15, 2024

Graphite Automations

A Graphite automation took an action on this PR • (02/15/24)

1 reviewer was added based on Keith Williams's automation, 'Add consumer team as reviewer'

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 15, 2024
edited
Loading

📦 Next.js Bundle Analysis for @calcom/web

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

@ThyMinimalDev ThyMinimalDev requested a review from a team February 15, 2024 12:14
@deploysentinel DeploySentinel
Copy link

deploysentinel bot commented Feb 15, 2024
edited
Loading

Current Playwright Test Results Summary

✅ 63 Passing - ⚠️ 2 Flaky

Run may still be in progress, this comment will be updated as current testing workflow or job completes...

(Last updated on 02/15/2024 01:18:08pm UTC)

Run Details

Running Workflow PR Update on Github Actions

Commit: ad6c1d6

Started: 02/15/2024 01:15:29pm UTC

⚠️ Flakes

📄   apps/web/playwright/profile.e2e.ts • 2 Flakes

Top 1 Common Error Messages

null

 2 Test Cases Affected

Test Case Results

Test Case Last 7 days Failures Last 7 days Flakes
Update Profile Cannot update a users email when existing user has same email (verification enabled)
Retry 1Initial Attempt
0.40% (1) 1 / 249 run
failed over last 7 days
49.40% (123) 123 / 249 runs
flaked over last 7 days
Update Profile Can update a users email (verification enabled)
Retry 1Initial Attempt
11.65% (29) 29 / 249 runs
failed over last 7 days
54.22% (135) 135 / 249 runs
flaked over last 7 days

View Detailed Build Results

ThyMinimalDev
ThyMinimalDev reviewed Feb 15, 2024
View reviewed changes
apps/web/pages/api/auth/reset-password.ts Outdated
},
},
emailVerified: new Date(),
},
});
} catch (e) {
console.error("Error updating password", e);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the error is not necessarily related to updating the password, could also fail if the email is not found

emrysal
emrysal reviewed Feb 15, 2024
View reviewed changes
apps/web/pages/api/auth/reset-password.ts Outdated
},
},
emailVerified: new Date(),
},
});
} catch (e) {
console.error("Error updating password", e);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This has the potential to thoroughly spam our logs if someone bruteforces the password reset

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should i remove the log then?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

or add checkRateLimitAndThrowError

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think we can just remove the log

@ThyMinimalDev ThyMinimalDev enabled auto-merge (squash) February 15, 2024 13:15
@ThyMinimalDev ThyMinimalDev merged commit b5730da into main Feb 15, 2024
38 checks passed
@ThyMinimalDev ThyMinimalDev deleted the fix/pass-reset branch February 15, 2024 13:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emrysal emrysal emrysal left review comments

@ThyMinimalDev ThyMinimalDev ThyMinimalDev approved these changes

Assignees
No one assigned
Labels
consumer core area: core, team members only Urgent Created by Linear-GitHub Sync
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Udit-takkar @emrysal @ThyMinimalDev @keithwillcode