when admin is changing users emails check if its avaiable and remove old email of user first
upgrade script to cleanup email:uid, email:sorted, will remove entries if user doesn't exist or doesn't have email or if entry in user hash doesn't match entry in email:uid
fix missing ! in email interstitial
fix missing await in canSendValidation,
fix broken tests
dont pass sessionId to email.remove if admin is changing/removing email
for user flags-> admins + all users who have `admin:users` privilege
for post flags -> admins + global mods + moderators of the category the post is in
refactor getModeratorUids function so it can be used for different privileges
* fix: convert loginDays and loginSeconds to number inputs
* feat: configurable session timeout for when "Remember Me" is not checked
closes#11124
* test: addition tests to check loginDays and sessionDuration settings
* test: also test loginSeconds override
* chore: incrementing version number - v2.8.1
* chore: update changelog for v2.8.1
* fix: accidental clearing of reset rate limiting on reset send
* test: move user reset tests to its own file, add failing test for user reset locks
* fix: #11119, counter attempted flooding of user reset route
* test: fix password reset socket test to check for error now
* test: same user sending multiple reset emails
should work after waiting the correct amount of time
* lint: fixes
* chore: rename outdated `cleanTokensAndUids` method
* test: no need to create user for new test
Co-authored-by: Misty Release Bot <deploy@nodebb.org>
Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
Julian Lam
Barış Soner Uşaklı
gasoved
psibean
nesro
Peter Jaszkowiak