search

abitdodgy / cfw-usermanager

A user manager demo app for ColdFusion on Wheels
23 stars 11 forks source link

Potential issues with token creation... #1

Closed abitdodgy closed 12 years ago

abitdodgy commented 12 years ago

VerifyEmails.sendVerificationEmail() and PasswordResets.sendInstructions() allow the user to create an unlimited number of tokens.

Potential solutions:

  1. Set a session limit
  2. Check an existing token first
abitdodgy commented 12 years ago

Fixed by changing the relationship to hasOne() and checking before creating a new one.