mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-22 14:31:26 +00:00
Update password reset ttl, now expires after 24 hours
This commit is contained in:
parent
c40cdb6d8a
commit
829c41e16f
4 changed files with 60 additions and 5 deletions
48
app/Console/Commands/PasswordResetGC.php
Normal file
48
app/Console/Commands/PasswordResetGC.php
Normal file
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
|
||||
namespace App\Console\Commands;
|
||||
|
||||
use Illuminate\Console\Command;
|
||||
use App\EmailVerification;
|
||||
|
||||
class PasswordResetGC extends Command
|
||||
{
|
||||
/**
|
||||
* The name and signature of the console command.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $signature = 'gc:passwordreset';
|
||||
|
||||
/**
|
||||
* The console command description.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $description = 'Delete password reset tokens over 24 hours old';
|
||||
|
||||
/**
|
||||
* Create a new command instance.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct()
|
||||
{
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute the console command.
|
||||
*
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle()
|
||||
{
|
||||
EmailVerification::where('created_at', '<', now()->subMinutes(1441))
|
||||
->chunk(50, function($emails) {
|
||||
foreach($emails as $em) {
|
||||
$em->delete();
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
|
@ -32,6 +32,7 @@ class Kernel extends ConsoleKernel
|
|||
$schedule->command('horizon:snapshot')->everyFiveMinutes();
|
||||
$schedule->command('story:gc')->everyFiveMinutes();
|
||||
$schedule->command('gc:failedjobs')->dailyAt(3);
|
||||
$schedule->command('gc:passwordreset')->dailyAt('09:41');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -6,6 +6,7 @@ use Auth;
|
|||
use Cache;
|
||||
use Mail;
|
||||
use Illuminate\Support\Facades\Redis;
|
||||
use Illuminate\Support\Str;
|
||||
use Carbon\Carbon;
|
||||
use App\Mail\ConfirmEmail;
|
||||
use Illuminate\Http\Request;
|
||||
|
@ -80,8 +81,8 @@ class AccountController extends Controller
|
|||
EmailVerification::whereUserId(Auth::id())->delete();
|
||||
|
||||
$user = User::whereNull('email_verified_at')->find(Auth::id());
|
||||
$utoken = str_random(64);
|
||||
$rtoken = str_random(128);
|
||||
$utoken = Str::uuid() . Str::random(mt_rand(5,9));
|
||||
$rtoken = Str::random(mt_rand(64, 70));
|
||||
|
||||
$verify = new EmailVerification();
|
||||
$verify->user_id = $user->id;
|
||||
|
@ -98,7 +99,7 @@ class AccountController extends Controller
|
|||
public function confirmVerifyEmail(Request $request, $userToken, $randomToken)
|
||||
{
|
||||
$verify = EmailVerification::where('user_token', $userToken)
|
||||
->where('created_at', '>', now()->subWeeks(2))
|
||||
->where('created_at', '>', now()->subHours(24))
|
||||
->where('random_token', $randomToken)
|
||||
->firstOrFail();
|
||||
|
||||
|
|
|
@ -1,12 +1,17 @@
|
|||
@component('mail::message')
|
||||
# Email Confirmation
|
||||
|
||||
Please confirm your email address.
|
||||
Hello <b>@{{$verify->user->username}}</b>, please confirm your email address.
|
||||
|
||||
If you did not create this account, please disregard this email.
|
||||
|
||||
@component('mail::button', ['url' => $verify->url()])
|
||||
Confirm Email
|
||||
@endcomponent
|
||||
|
||||
<p>This link expires after 24 hours.</p>
|
||||
<br>
|
||||
|
||||
Thanks,<br>
|
||||
{{ config('pixelfed.domain.app') }}
|
||||
<a href="{{ config('app.url') }}">{{ config('pixelfed.domain.app') }}</a>
|
||||
@endcomponent
|
||||
|
|
Loading…
Reference in a new issue