rainbownapkin/canopy
1
0
Fork 0
Code Issues 2 Pull requests Actions Packages Projects Releases Wiki Activity

Password reset tokens now auto-expire when new reset requests are made.

Browse source
This commit is contained in:
rainbow napkin 2025-09-06 00:59:38 -04:00
parent edbc9909a1
commit cb5f1dbf9b
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/schemas/user/passwordResetSchema.js
View file

@ -72,6 +72,12 @@ passwordResetSchema.pre('save', async function (next){
this.ipHash = hashUtil.hashIP(this.ipHash); this.ipHash = hashUtil.hashIP(this.ipHash);
} }
//If the user was modified (usually only on document initialization)
if(this.isModified('user')){
//Delete previous requests for the given user
const requests = await this.model().deleteMany({user: this.user._id});
}
next(); next();
}); });