mirror of
https://github.com/discourse/discourse.git
synced 2024-12-12 15:33:55 +08:00
fa8cd629f1
This commit adds token_hash and scopes columns to email_tokens table. token_hash is a replacement for the token column to avoid storing email tokens in plaintext as it can pose a security risk. The new scope column ensures that email tokens cannot be used to perform a different action than the one intended. To sum up, this commit: * Adds token_hash and scope to email_tokens * Reuses code that schedules critical_user_email * Refactors EmailToken.confirm and EmailToken.atomic_confirm methods * Periodically cleans old, unconfirmed or expired email tokens
27 lines
830 B
Ruby
27 lines
830 B
Ruby
# frozen_string_literal: true
|
|
|
|
module Jobs
|
|
class ActivationReminderEmails < ::Jobs::Scheduled
|
|
every 2.hours
|
|
|
|
def execute(args)
|
|
User.joins("LEFT JOIN user_custom_fields ON users.id = user_id AND user_custom_fields.name = 'activation_reminder'")
|
|
.where(active: false, staged: false, user_custom_fields: { value: nil })
|
|
.where('users.created_at BETWEEN ? AND ?', 3.days.ago, 2.days.ago)
|
|
.find_each do |user|
|
|
|
|
user.custom_fields['activation_reminder'] = true
|
|
user.save_custom_fields
|
|
|
|
email_token = user.email_tokens.create!(email: user.email, scope: EmailToken.scopes[:signup])
|
|
::Jobs.enqueue(
|
|
:user_email,
|
|
type: :activation_reminder,
|
|
user_id: user.id,
|
|
email_token: email_token.token
|
|
)
|
|
end
|
|
end
|
|
end
|
|
end
|