search

codeuino / social-platform-donut-backend

Donut API:
http://donut-api-prod.codeuino.org/
GNU General Public License v3.0
24 stars 57 forks source link

--Solved: #206 #221

Closed kaustubhai closed 3 years ago

kaustubhai commented 3 years ago

Problem

Github Issue Number: #206 Security Issue: Link stayed active to change password even after use

Solution of problem

Encrypted generated token to reset the password, with the user's existing password. This way after successfully changing the password once, the token gets invalid

Type of Change

Checklist

[x] My code follows the same style as the codebase [ ] My Code change requires a change in documentation [ ] I have updated the Readme accordingly [x] I made PR against development branch [x] I have run the test cases locally and it's passing. [x] I have squashed my commits

rrachitgarg commented 3 years ago

Looks good to me @vaibhavdaren