From cd2f570a9cd1b2f4f7ff72ba484d9ce65d074da0 Mon Sep 17 00:00:00 2001 From: tedraykov Date: Mon, 15 May 2023 19:56:13 +0300 Subject: [PATCH] feat: support dynamic password reset url Signed-off-by: tedraykov --- .changeset/hip-owls-hug.md | 5 +++++ packages/api-plugin-authentication/src/config.js | 1 + packages/api-plugin-authentication/src/util/accountServer.js | 4 ++-- 3 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 .changeset/hip-owls-hug.md diff --git a/.changeset/hip-owls-hug.md b/.changeset/hip-owls-hug.md new file mode 100644 index 00000000000..0e2d3b76be8 --- /dev/null +++ b/.changeset/hip-owls-hug.md @@ -0,0 +1,5 @@ +--- +"@reactioncommerce/api-plugin-authentication": minor +--- + +Allow dynamic password reset URL in the email diff --git a/packages/api-plugin-authentication/src/config.js b/packages/api-plugin-authentication/src/config.js index 6062fa57f68..5390814196a 100644 --- a/packages/api-plugin-authentication/src/config.js +++ b/packages/api-plugin-authentication/src/config.js @@ -5,6 +5,7 @@ const { str } = envalid; export default envalid.cleanEnv( process.env, { + PASSWORD_RESET_PATH_FRAGMENT: str({ default: "?resetToken=" }), STORE_URL: str({ devDefault: "http://localhost:4000" }), TOKEN_SECRET: str({ default: "UPDATE_THIS_SECRET" }) }, diff --git a/packages/api-plugin-authentication/src/util/accountServer.js b/packages/api-plugin-authentication/src/util/accountServer.js index 628b191272f..d22bce2ab47 100644 --- a/packages/api-plugin-authentication/src/util/accountServer.js +++ b/packages/api-plugin-authentication/src/util/accountServer.js @@ -14,7 +14,7 @@ export default async (app) => { if (accountsServer && accountsGraphQL) { return { accountsServer, accountsGraphQL }; } - const { MONGO_URL, STORE_URL, TOKEN_SECRET } = config; + const { MONGO_URL, PASSWORD_RESET_PATH_FRAGMENT, STORE_URL, TOKEN_SECRET } = config; const { context } = app; const client = await mongoConnectWithRetry(MONGO_URL); @@ -38,7 +38,7 @@ export default async (app) => { sendMail: async ({ to, text }) => { const query = text.split("/"); const token = query[query.length - 1]; - const url = `${STORE_URL}/?resetToken=${token}`; + const url = `${STORE_URL}/${PASSWORD_RESET_PATH_FRAGMENT}${token}`; await context.mutations.sendResetAccountPasswordEmail(context, { email: to, url