diff options
| author | Ivan Tashkinov <ivantashkinov@gmail.com> | 2020-11-19 19:35:44 +0300 |
|---|---|---|
| committer | Ivan Tashkinov <ivantashkinov@gmail.com> | 2020-11-19 19:35:44 +0300 |
| commit | b27d8f74370ad404a91b15fa1f51ea6162f35098 (patch) | |
| tree | 470f5bd604cad39dcf5163d18be3be2a78bf20f6 /lib | |
| parent | e164c37139c4365d7d46a2a990b364ad26dfdbf7 (diff) | |
| parent | c8d11c306452ea36f5690ba1824434dc71bd9f95 (diff) | |
| download | pleroma-b27d8f74370ad404a91b15fa1f51ea6162f35098.tar.gz | |
Merge remote-tracking branch 'remotes/origin/develop' into 2301-users-search-discoverability-fix
# Conflicts:
# CHANGELOG.md
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/activity/search.ex | 5 | ||||
| -rw-r--r-- | lib/pleroma/password_reset_token.ex | 11 | ||||
| -rw-r--r-- | lib/pleroma/web/twitter_api/controllers/password_controller.ex | 1 |
3 files changed, 16 insertions, 1 deletions
diff --git a/lib/pleroma/activity/search.ex b/lib/pleroma/activity/search.ex index ceb365bb3..382c81118 100644 --- a/lib/pleroma/activity/search.ex +++ b/lib/pleroma/activity/search.ex @@ -27,7 +27,10 @@ defmodule Pleroma.Activity.Search do |> maybe_restrict_local(user) |> maybe_restrict_author(author) |> maybe_restrict_blocked(user) - |> Pagination.fetch_paginated(%{"offset" => offset, "limit" => limit}, :offset) + |> Pagination.fetch_paginated( + %{"offset" => offset, "limit" => limit, "skip_order" => index_type == :rum}, + :offset + ) |> maybe_fetch(user, search_query) end diff --git a/lib/pleroma/password_reset_token.ex b/lib/pleroma/password_reset_token.ex index 787bd4781..fea5b1c22 100644 --- a/lib/pleroma/password_reset_token.ex +++ b/lib/pleroma/password_reset_token.ex @@ -40,6 +40,7 @@ defmodule Pleroma.PasswordResetToken do @spec reset_password(binary(), map()) :: {:ok, User.t()} | {:error, binary()} def reset_password(token, data) do with %{used: false} = token <- Repo.get_by(PasswordResetToken, %{token: token}), + false <- expired?(token), %User{} = user <- User.get_cached_by_id(token.user_id), {:ok, _user} <- User.reset_password(user, data), {:ok, token} <- Repo.update(used_changeset(token)) do @@ -48,4 +49,14 @@ defmodule Pleroma.PasswordResetToken do _e -> {:error, token} end end + + def expired?(%__MODULE__{inserted_at: inserted_at}) do + validity = Pleroma.Config.get([:instance, :password_reset_token_validity], 0) + + now = NaiveDateTime.utc_now() + + difference = NaiveDateTime.diff(now, inserted_at) + + difference > validity + end end diff --git a/lib/pleroma/web/twitter_api/controllers/password_controller.ex b/lib/pleroma/web/twitter_api/controllers/password_controller.ex index 800ab8954..b1a9d810e 100644 --- a/lib/pleroma/web/twitter_api/controllers/password_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/password_controller.ex @@ -17,6 +17,7 @@ defmodule Pleroma.Web.TwitterAPI.PasswordController do def reset(conn, %{"token" => token}) do with %{used: false} = token <- Repo.get_by(PasswordResetToken, %{token: token}), + false <- PasswordResetToken.expired?(token), %User{} = user <- User.get_cached_by_id(token.user_id) do render(conn, "reset.html", %{ token: token, |