github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2024-12-02 23:23:52 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Always invalidate all user email tokens

Browse Source 
Reported by B. Dhiyaneshwaran of Geek Freak.
This commit is contained in:
Franz Liedke 2018-11-29 00:33:42 +01:00
parent 546b4f01ac
commit 66607a5674
No known key found for this signature in database
GPG Key ID: 9A0231A879B055F4
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/User/Command/ConfirmEmailHandler.php
View File

@ -53,7 +53,8 @@ class ConfirmEmailHandler
$user->save(); $user->save();
$this->dispatchEventsFor($user); $this->dispatchEventsFor($user);
$token->delete(); // Delete *all* tokens for the user, in case other ones were sent first
$user->emailTokens()->delete();
return $user; return $user;
} }

10
src/User/User.php
View File

@ -614,6 +614,16 @@ class User extends AbstractModel
return $this->hasMany('Flarum\Notification\Notification'); return $this->hasMany('Flarum\Notification\Notification');
} }
/**
* Define the relationship with the user's email tokens.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function emailTokens()
{
return $this->hasMany(EmailToken::class);
}
/** /**
* Define the relationship with the permissions of all of the groups that * Define the relationship with the permissions of all of the groups that
* the user is in. * the user is in.