fix for #861

tinode · May 9, 2023 · 30d2f02 · 30d2f02
1 parent 72f9cc1
commit 30d2f02
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 3 deletions.
diff --git a/server/session.go b/server/session.go
@@ -987,7 +987,7 @@ func (s *Session) authSecretReset(params []byte) error {
 		return types.ErrMalformed
 	}
 
-	// Technically we don't need to check it here, but we are going to mail the 'authName' string to the user.
+	// Technically we don't need to check it here, but we are going to mail the 'authScheme' string to the user.
 	// We have to make sure it does not contain any exploits. This is the simplest check.
 	auther := store.Store.GetLogicalAuthHandler(authScheme)
 	if auther == nil {
@@ -1010,8 +1010,12 @@ func (s *Session) authSecretReset(params []byte) error {
 	if err != nil {
 		return err
 	}
+	tempScheme, err := validator.TempAuthScheme()
+	if err != nil {
+		return err
+	}
 
-	code, _, err := store.Store.GetLogicalAuthHandler("code").GenSecret(&auth.Rec{
+	code, _, err := store.Store.GetLogicalAuthHandler(tempScheme).GenSecret(&auth.Rec{
 		Uid:        uid,
 		AuthLevel:  auth.LevelAuth,
 		Features:   auth.FeatureNoLogin,

diff --git a/server/validate/email/validate.go b/server/validate/email/validate.go
@@ -390,6 +390,11 @@ func (v *validator) Remove(user t.Uid, value string) error {
 	return store.Users.DelCred(user, validatorName, value)
 }
 
+// TempAuthScheme returns a temporary authentication method used by this validator.
+func (v *validator) TempAuthScheme() (string, error) {
+	return "token", nil
+}
+
 // SendMail replacement
 func (v *validator) sendMail(rcpt []string, msg []byte) error {
 

diff --git a/server/validate/tel/validate.go b/server/validate/tel/validate.go
@@ -248,6 +248,11 @@ func (*validator) Remove(user t.Uid, value string) error {
 	return store.Users.DelCred(user, validatorName, value)
 }
 
+// TempAuthScheme returns a temporary authentication method used by this validator.
+func (v *validator) TempAuthScheme() (string, error) {
+	return "code", nil
+}
+
 // Implement sending the SMS.
 func (*validator) send(to, body string) error {
 	logs.Info.Println("Send SMS, To:", to, "; Text:", body)

diff --git a/server/validate/validator.go b/server/validate/validator.go
@@ -26,7 +26,7 @@ type Validator interface {
 	// Returns normalized credential prefixed with an appropriate namespace prefix.
 	PreCheck(cred string, params map[string]interface{}) (string, error)
 
-	// Request sends a request for confirmation to the user. Returns true if it's a new credential,
+	// Request sends a request for validation to the user. Returns true if it's a new credential,
 	// false if it re-sent request for an existing unconfirmed credential.
 	//   user: UID of the user making the request.
 	//   cred: credential being validated, such as email or phone.
@@ -52,6 +52,10 @@ type Validator interface {
 
 	// Delete deletes user's record.
 	Delete(user t.Uid) error
+
+	// TempAuthScheme returns a temporary authentication method used by this validator.
+	// It should be either "code" or "token".
+	TempAuthScheme() (string, error)
 }
 
 func ValidateHostURL(origUrl string) (string, error) {