Updated expiration of password token to 1hr, updated flash message when email is sent with password recovery instructions.

Sahat Yalkabov
2014-02-18 01:16:34 -05:00
parent bde061debf
commit 58c3db89ed


@ -128,7 +128,7 @@ exports.postForgot = function(req, res) {
}
user.resetPasswordToken = token;
user.resetPasswordExpires = Date.now() + 10000000;
user.resetPasswordExpires = Date.now() + 3600000; // 1 hour
// update the user's record with the token
user.save(function(err) {
@ -166,14 +166,13 @@ exports.postForgot = function(req, res) {
'If you did not request this, please ignore this email and your password will remain unchanged.\n'
};
// send email
smtpTransport.sendMail(mailOptions, function(err) {
if (err) {
req.flash('errors', { msg: err.message });
return res.redirect('/forgot');
} else {
// Message to user
req.flash('info', { msg: 'If you have an account with that email address then we sent you an email with instructions. Check your email!' });
req.flash('info', { msg: 'We have sent an email to ' + user.email + ' for further instructions.' });
return res.redirect('/forgot');
}
});
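Review bot: The two `req.flash('info', ...)` lines in the `sendMail` callback disclose different things: the one that interpolates `user.email` confirms the address belongs to an account, while the "If you have an account with that email address…" wording does not. The +/- markers are lost on this page, so it is not certain which of the two is the new side. If the interpolated message is the one kept, the response tells registered addresses apart from unregistered ones; I would keep the generic wording and return it for the not-found path as well, which lies outside this hunk. Separately, the error branch flashes `err.message` from the SMTP transport straight to the browser; log it server-side and flash a fixed string instead, e.g. `req.flash('errors', { msg: 'Could not send the recovery email. Please try again later.' });`. `postForgot` begins before this hunk, so token generation and the user lookup are not visible here.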