chore: fix major vuln reported by @Baw-Appie

meili-NG · Mar 14, 2021 · 323a7c4 · 323a7c4
1 parent bfc911d
commit 323a7c4
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/routes/v1/meiling/lost-password.ts b/src/routes/v1/meiling/lost-password.ts
@@ -52,6 +52,8 @@ export async function meilingV1LostPasswordHandler(req: FastifyRequest, rep: Fas
 
     await User.addPassword(uuid, body.password);
 
+    await setPasswordResetSession(req, undefined);
+
     rep.send({ success: true });
     return;
   }
@@ -231,7 +233,7 @@ export async function meilingV1LostPasswordHandler(req: FastifyRequest, rep: Fas
     return;
   }
 
-  const isValid = verifyChallenge(passwordReset.method, passwordReset.challenge, body.data.challengeResponse);
+  const isValid = await verifyChallenge(passwordReset.method, passwordReset.challenge, body.data.challengeResponse);
   if (!isValid) {
     sendMeilingError(rep, MeilingV1ErrorType.AUTHORIZATION_REQUEST_INVALID, 'invalid challenge');
     return;