The Cognitive Distortion Journal (CDJ) is a smart journaling tool that helps remedy distorted thinking. It can feel impossible to follow the CBT technique of labeling and reframing distorted thinking when you've been thinking this way your whole life. The CDJ can help with that 🧠✨ -- v2 is in development!
This PR patches a security issue. A sus user might try to log in and get beta access by clicking Forgot Password. This patches that hole by checking if the user with the given email is pending approval. Previously a user that requests beta access could press Forgot Password and be sent a password reset link to establish a password necessary to log in effectively logging in through the backdoor.
The email of a user that request beta approval is stored in the database. If this email exists and the user does not have beta access by checking the betaAccess flag within the same model, when they try to click Forgot Password for a recovery email, the next() middleware is called which is the error handler sending back a a message that the user requires beta access to reset their password.
This PR patches a security issue. A sus user might try to log in and get beta access by clicking Forgot Password. This patches that hole by checking if the user with the given email is pending approval. Previously a user that requests beta access could press Forgot Password and be sent a password reset link to establish a password necessary to log in effectively logging in through the backdoor.
The
emailof a user that request beta approval is stored in the database. If thisemailexists and the user does not have beta access by checking thebetaAccessflag within the same model, when they try to click Forgot Password for a recovery email, thenext()middleware is called which is the error handler sending back a a message that the user requires beta access to reset their password.