From f56578ab501e52325424b0ab4b3ba79502a8572d Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Wed, 16 Aug 2017 14:36:51 -0400
Subject: [PATCH] remove reset tokens if target user email changes

---
 app.js              |  2 +-
 src/user/profile.js |  1 +
 src/user/reset.js   | 40 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/app.js b/app.js
index 7a0b7bc2a5..cab5bdd5a4 100644
--- a/app.js
+++ b/app.js
@@ -292,4 +292,4 @@ function versionCheck() {
 		winston.warn('Your version of Node.js is too outdated for NodeBB. Please update your version of Node.js.');
 		winston.warn('Recommended ' + range.green + ', '.reset + version.yellow + ' provided\n'.reset);
 	}
-}
+}
\ No newline at end of file
diff --git a/src/user/profile.js b/src/user/profile.js
index d3067b6945..54ed58267b 100644
--- a/src/user/profile.js
+++ b/src/user/profile.js
@@ -185,6 +185,7 @@ module.exports = function (User) {
 					function (next) {
 						db.sortedSetAdd('users:notvalidated', Date.now(), uid, next);
 					},
+					async.apply(User.reset.cleanByUid, uid),
 				], function (err) {
 					next(err);
 				});
diff --git a/src/user/reset.js b/src/user/reset.js
index abe45a6031..618ba680bc 100644
--- a/src/user/reset.js
+++ b/src/user/reset.js
@@ -7,6 +7,7 @@ var winston = require('winston');
 var user = require('../user');
 var utils = require('../utils');
 var translator = require('../translator');
+var batch = require('../batch');
 
 var db = require('../database');
 var meta = require('../meta');
@@ -168,3 +169,42 @@ UserReset.clean = function (callback) {
 		},
 	], callback);
 };
+
+UserReset.cleanByUid = function (uid, callback) {
+	if (typeof callback !== 'function') {
+		callback = function () {};
+	}
+
+	var toClean = [];
+	uid = parseInt(uid, 10);
+
+	async.waterfall([
+		async.apply(db.getSortedSetRange.bind(db), 'reset:issueDate', 0, -1),
+		function (tokens, next) {
+			batch.processArray(tokens, function (tokens, next) {
+				db.getObjectFields('reset:uid', tokens, function (err, results) {
+					for (var code in results) {
+						if (results.hasOwnProperty(code) && parseInt(results[code], 10) === uid) {
+							toClean.push(code);
+						}
+					}
+
+					next(err);
+				});
+			}, next);
+		},
+		function (next) {
+			if (!toClean.length) {
+				winston.verbose('[UserReset.cleanByUid] No tokens found for uid (' + uid + ').');
+				return setImmediate(next);
+			}
+
+			winston.verbose('[UserReset.cleanByUid] Found ' + toClean.length + ' token(s), removing...');
+			async.parallel([
+				async.apply(db.deleteObjectFields, 'reset:uid', toClean),
+				async.apply(db.sortedSetRemove, 'reset:issueDate', toClean),
+				async.apply(db.sortedSetRemove, 'reset:issueDate:uid', uid),
+			], next);
+		},
+	], callback);
+};