#1928 Customizable password reset lifetime

2019-06-22 21:19:16 +02:00 · 2019-06-22 21:19:16 +02:00 · 0ed97453f8
parent 232863422f
commit 0ed97453f8
10 changed files with 16 additions and 9 deletions
--- a/client/src/app/core/server/server.service.ts
+++ b/client/src/app/core/server/server.service.ts
@ -83,7 +83,8 @@ export class ServerService {
    },
    user: {
      videoQuota: -1,
-      videoQuotaDaily: -1
+      videoQuotaDaily: -1,
      resetPasswordLifetime: 5
    },
    import: {
      videos: {
--- a/client/src/app/login/login.component.ts
+++ b/client/src/app/login/login.component.ts
@ -78,7 +78,7 @@ export class LoginComponent extends FormReactive implements OnInit {
      .subscribe(
        () => {
          const message = this.i18n(
-            'An email with the reset password instructions will be sent to {{email}}. The link will expire within 5 minutes.',
+            `An email with the reset password instructions will be sent to {{email}}. The link will expire within ${this.getResetPasswordLifetime()} minutes.`,
            { email: this.forgotPasswordEmail }
          )
          this.notifier.success(message)
@ -96,4 +96,8 @@ export class LoginComponent extends FormReactive implements OnInit {
  hideForgotPasswordModal () {
    this.openedForgotPasswordModal.close()
  }
  getResetPasswordLifetime () {
    return this.serverService.getConfig().user.resetPasswordLifetime
  }
 }
--- a/config/default.yaml
+++ b/config/default.yaml
@ -174,6 +174,7 @@ user:
  # -1 == unlimited
  video_quota: -1
  video_quota_daily: -1
  password_reset_lifetime: 15 # Minutes before password reset link expiration
 # If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
 # In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
--- a/config/production.yaml.example
+++ b/config/production.yaml.example
@ -188,6 +188,7 @@ user:
  # -1 == unlimited
  video_quota: -1
  video_quota_daily: -1
  password_reset_lifetime: 5 # Minutes before password reset link expiration
 # If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
 # In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
--- a/server/controllers/api/config.ts
+++ b/server/controllers/api/config.ts
@ -131,7 +131,8 @@ async function getConfig (req: express.Request, res: express.Response) {
    },
    user: {
      videoQuota: CONFIG.USER.VIDEO_QUOTA,
-      videoQuotaDaily: CONFIG.USER.VIDEO_QUOTA_DAILY
+      videoQuotaDaily: CONFIG.USER.VIDEO_QUOTA_DAILY,
      resetPasswordLifetime: CONFIG.USER.USER_PASSWORD_RESET_LIFETIME
    },
    trending: {
      videos: {
--- a/server/initializers/config.ts
+++ b/server/initializers/config.ts
@ -144,7 +144,8 @@ const CONFIG = {
  },
  USER: {
    get VIDEO_QUOTA () { return parseBytes(config.get<number>('user.video_quota')) },
-    get VIDEO_QUOTA_DAILY () { return parseBytes(config.get<number>('user.video_quota_daily')) }
+    get VIDEO_QUOTA_DAILY () { return parseBytes(config.get<number>('user.video_quota_daily')) },
    get USER_PASSWORD_RESET_LIFETIME () { return parseBytes(config.get<number>('user.password_reset_lifetime')) }
  },
  TRANSCODING: {
    get ENABLED () { return config.get<boolean>('transcoding.enabled') },
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@ -471,8 +471,6 @@ let PRIVATE_RSA_KEY_SIZE = 2048
 // Password encryption
 const BCRYPT_SALT_SIZE = 10
 const USER_PASSWORD_RESET_LIFETIME = 60000 * 5 // 5 minutes
 const USER_EMAIL_VERIFY_LIFETIME = 60000 * 60 // 60 minutes
 const NSFW_POLICY_TYPES: { [ id: string ]: NSFWPolicyType } = {
@ -689,7 +687,6 @@ export {
  VIDEO_ABUSE_STATES,
  CACHE,
  JOB_REQUEST_TIMEOUT,
  USER_PASSWORD_RESET_LIFETIME,
  MEMOIZE_TTL,
  USER_EMAIL_VERIFY_LIFETIME,
  OVERVIEWS,
--- a/server/lib/emailer.ts
+++ b/server/lib/emailer.ts
@ -350,7 +350,7 @@ class Emailer {
  addPasswordResetEmailJob (to: string, resetPasswordUrl: string) {
    const text = `Hi dear user,\n\n` +
      `A reset password procedure for your account ${to} has been requested on ${WEBSERVER.HOST} ` +
-      `Please follow this link to reset it: ${resetPasswordUrl}  (the link will expire within 5 minutes)\n\n` +
+      `Please follow this link to reset it: ${resetPasswordUrl}  (the link will expire within ${CONFIG.USER.USER_PASSWORD_RESET_LIFETIME} minutes)\n\n` +
      `If you are not the person who initiated this request, please ignore this email.\n\n` +
      `Cheers,\n` +
      `${CONFIG.EMAIL.BODY.SIGNATURE}`
--- a/server/lib/redis.ts
+++ b/server/lib/redis.ts
@ -5,7 +5,6 @@ import { generateRandomString } from '../helpers/utils'
 import {
  CONTACT_FORM_LIFETIME,
  USER_EMAIL_VERIFY_LIFETIME,
  USER_PASSWORD_RESET_LIFETIME,
  VIDEO_VIEW_LIFETIME,
  WEBSERVER
 } from '../initializers/constants'
@ -68,6 +67,7 @@ class Redis {
  async setResetPasswordVerificationString (userId: number) {
    const generatedString = await generateRandomString(32)
    const USER_PASSWORD_RESET_LIFETIME = CONFIG.USER.USER_PASSWORD_RESET_LIFETIME * 60000
    await this.setValue(this.generateResetPasswordKey(userId), generatedString, USER_PASSWORD_RESET_LIFETIME)
    return generatedString
--- a/shared/models/server/server-config.model.ts
+++ b/shared/models/server/server-config.model.ts
@ -90,6 +90,7 @@ export interface ServerConfig {
  user: {
    videoQuota: number
    videoQuotaDaily: number
    resetPasswordLifetime: number
  }
  trending: {