when admin is changing users emails check if its avaiable and remove old email of user first
upgrade script to cleanup email:uid, email:sorted, will remove entries if user doesn't exist or doesn't have email or if entry in user hash doesn't match entry in email:uid
fix missing ! in email interstitial
fix missing await in canSendValidation,
fix broken tests
dont pass sessionId to email.remove if admin is changing/removing email
* fix: convert loginDays and loginSeconds to number inputs
* feat: configurable session timeout for when "Remember Me" is not checked
closes#11124
* test: addition tests to check loginDays and sessionDuration settings
* test: also test loginSeconds override
* chore: incrementing version number - v2.8.1
* chore: update changelog for v2.8.1
* fix: accidental clearing of reset rate limiting on reset send
* test: move user reset tests to its own file, add failing test for user reset locks
* fix: #11119, counter attempted flooding of user reset route
* test: fix password reset socket test to check for error now
* test: same user sending multiple reset emails
should work after waiting the correct amount of time
* lint: fixes
* chore: rename outdated `cleanTokensAndUids` method
* test: no need to create user for new test
Co-authored-by: Misty Release Bot <deploy@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
* breaking: remove `SocketUser.emailConfirm`, re: #10954
* chore: move email confirmation related configs to own section in Settings > Email
* feat: new user email method `getValidationExpiry`, returns expiration in ms.. probably.
* fix: bug where `user.email.isValidationPending` returned an u nexpected non-boolean value if there was no confirmation pending (only when checking email as well)
* fix: update getValidationExpiry to return ms
* test: use emailConfirmInterval for tests, for now
* fix: throw friendly error when attempting an email change within email confirmation window
* feat: new config option `emailConfirmExpiry` in days, governs how long the confirm link is good for
* test: additional tests for user email methods
* fix: add back missing handling of option
* test: fix tests
* chore(deps): bump lru-cache from 6.0.0 to 7.13.1 in /install
Bumps [lru-cache](https://github.com/isaacs/node-lru-cache) from 6.0.0 to 7.13.1.
- [Release notes](https://github.com/isaacs/node-lru-cache/releases)
- [Changelog](https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-lru-cache/compare/v6.0.0...v7.13.1)
---
updated-dependencies:
- dependency-name: lru-cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix(lru-cache): remove unneeded `length` params for cache creation, as `maxSize` was not used in those init calls, also renamed some methods to match new method names in lru-cache [breaking]
Added deprecation notices for old params
* fix: replace three direct calls to lru-cache with call to cacheCreate, moved cache creation call in uploads to run on first init as config is not populated at lib init
* test: move configs init above cache reset calls in databasemock
* move some more code above cache clear
* refactor: remove unused
* test: lru
* test: more debug
* test: on more test
* use await helpers.uploadFile
* fix: tests remove logs
* fix: acp cache page
* fix: add in one more guard again cache instantiation with `length` prop but no `maxSize` prop
* fix(deps): bump markdown
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
Julian Lam
Barış Soner Uşaklı
gasoved