review feedback

mozilla · Aug 26, 2019 · 86e1038 · 86e1038
1 parent d82f21c
commit 86e1038
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 15 deletions.
diff --git a/packages/fxa-auth-server/lib/routes/password.js b/packages/fxa-auth-server/lib/routes/password.js
@@ -69,11 +69,6 @@ module.exports = function(
           if (!match) {
             throw error.incorrectPassword(emailRecord.email, form.email);
           }
-          const password = new Password(
-            oldAuthPW,
-            emailRecord.authSalt,
-            emailRecord.verifierVersion
-          );
           const wrapKb = await password.unwrap(emailRecord.wrapWrapKb);
           const keyFetchToken = await db.createKeyFetchToken({
             uid: emailRecord.uid,
@@ -186,8 +181,7 @@ module.exports = function(
         async function fetchDevicesToNotify() {
           // We fetch the devices to notify before changePassword() because
           // db.resetAccount() deletes all the devices saved in the account.
-          const devices = await request.app.devices;
-          devicesToNotify = devices;
+          devicesToNotify = await request.app.devices;
           // If the originating sessionToken belongs to a device,
           // do not send the notification to that device. It will
           // get informed about the change via WebChannel message.
@@ -200,7 +194,7 @@ module.exports = function(
 
         async function changePassword() {
           let authSalt, password;
-          const hex = await random.hex(32); // TODO why is this async?
+          const hex = await random.hex(32);
           authSalt = hex;
           password = new Password(authPW, authSalt, verifierVersion);
           await db.deletePasswordChangeToken(passwordChangeToken);
@@ -229,8 +223,7 @@ module.exports = function(
             );
           }
 
-          const accountData = await db.account(passwordChangeToken.uid);
-          account = accountData;
+          account = await db.account(passwordChangeToken.uid);
 
           log.notifyAttachedServices('passwordChange', request, {
             uid: passwordChangeToken.uid,

diff --git a/packages/fxa-auth-server/lib/routes/totp.js b/packages/fxa-auth-server/lib/routes/totp.js
@@ -139,11 +139,16 @@ module.exports = (log, db, mailer, customs, config) => {
             uid,
           };
 
-          await mailer.sendPostRemoveTwoStepAuthNotification(
-            account.emails,
-            account,
-            emailOptions
-          );
+          try {
+            await mailer.sendPostRemoveTwoStepAuthNotification(
+              account.emails,
+              account,
+              emailOptions
+            );
+          } catch (err) {
+            // If email fails, log the error without aborting the operation.
+            log.error('mailer.sendPostRemoveTwoStepAuthNotification', { err });
+          }
         }
 
         return {};