diff --git a/resources/buildConfigDefinitions.js b/resources/buildConfigDefinitions.js
index e0d33daa4b..0be6e0085d 100644
--- a/resources/buildConfigDefinitions.js
+++ b/resources/buildConfigDefinitions.js
@@ -255,7 +255,16 @@ function inject(t, list) {
props.push(t.objectProperty(t.stringLiteral('action'), action));
}
if (elt.defaultValue) {
- const parsedValue = parseDefaultValue(elt, elt.defaultValue, t);
+ let parsedValue = parseDefaultValue(elt, elt.defaultValue, t);
+ if (!parsedValue) {
+ for (const type of elt.typeAnnotation.types) {
+ elt.type = type.type;
+ parsedValue = parseDefaultValue(elt, elt.defaultValue, t);
+ if (parsedValue) {
+ break;
+ }
+ }
+ }
if (parsedValue) {
props.push(t.objectProperty(t.stringLiteral('default'), parsedValue));
} else {
diff --git a/spec/EmailVerificationToken.spec.js b/spec/EmailVerificationToken.spec.js
index e21a049719..a7a59b893e 100644
--- a/spec/EmailVerificationToken.spec.js
+++ b/spec/EmailVerificationToken.spec.js
@@ -288,6 +288,184 @@ describe('Email Verification Token Expiration: ', () => {
});
});
+ it('can conditionally send emails', async () => {
+ let sendEmailOptions;
+ const emailAdapter = {
+ sendVerificationEmail: options => {
+ sendEmailOptions = options;
+ },
+ sendPasswordResetEmail: () => Promise.resolve(),
+ sendMail: () => {},
+ };
+ const verifyUserEmails = {
+ method(req) {
+ expect(Object.keys(req)).toEqual(['original', 'object', 'master', 'ip']);
+ return false;
+ },
+ };
+ const verifySpy = spyOn(verifyUserEmails, 'method').and.callThrough();
+ await reconfigureServer({
+ appName: 'emailVerifyToken',
+ verifyUserEmails: verifyUserEmails.method,
+ emailAdapter: emailAdapter,
+ emailVerifyTokenValidityDuration: 5, // 5 seconds
+ publicServerURL: 'http://localhost:8378/1',
+ });
+ const beforeSave = {
+ method(req) {
+ req.object.set('emailVerified', true);
+ },
+ };
+ const saveSpy = spyOn(beforeSave, 'method').and.callThrough();
+ const emailSpy = spyOn(emailAdapter, 'sendVerificationEmail').and.callThrough();
+ Parse.Cloud.beforeSave(Parse.User, beforeSave.method);
+ const user = new Parse.User();
+ user.setUsername('sets_email_verify_token_expires_at');
+ user.setPassword('expiringToken');
+ user.set('email', 'user@example.com');
+ await user.signUp();
+
+ const config = Config.get('test');
+ const results = await config.database.find(
+ '_User',
+ {
+ username: 'sets_email_verify_token_expires_at',
+ },
+ {},
+ Auth.maintenance(config)
+ );
+
+ expect(results.length).toBe(1);
+ const user_data = results[0];
+ expect(typeof user_data).toBe('object');
+ expect(user_data.emailVerified).toEqual(true);
+ expect(user_data._email_verify_token).toBeUndefined();
+ expect(user_data._email_verify_token_expires_at).toBeUndefined();
+ expect(emailSpy).not.toHaveBeenCalled();
+ expect(saveSpy).toHaveBeenCalled();
+ expect(sendEmailOptions).toBeUndefined();
+ expect(verifySpy).toHaveBeenCalled();
+ });
+
+ it('can conditionally send emails and allow conditional login', async () => {
+ let sendEmailOptions;
+ const emailAdapter = {
+ sendVerificationEmail: options => {
+ sendEmailOptions = options;
+ },
+ sendPasswordResetEmail: () => Promise.resolve(),
+ sendMail: () => {},
+ };
+ const verifyUserEmails = {
+ method(req) {
+ expect(Object.keys(req)).toEqual(['original', 'object', 'master', 'ip']);
+ if (req.object.get('username') === 'no_email') {
+ return false;
+ }
+ return true;
+ },
+ };
+ const verifySpy = spyOn(verifyUserEmails, 'method').and.callThrough();
+ await reconfigureServer({
+ appName: 'emailVerifyToken',
+ verifyUserEmails: verifyUserEmails.method,
+ preventLoginWithUnverifiedEmail: verifyUserEmails.method,
+ emailAdapter: emailAdapter,
+ emailVerifyTokenValidityDuration: 5, // 5 seconds
+ publicServerURL: 'http://localhost:8378/1',
+ });
+ const user = new Parse.User();
+ user.setUsername('no_email');
+ user.setPassword('expiringToken');
+ user.set('email', 'user@example.com');
+ await user.signUp();
+ expect(sendEmailOptions).toBeUndefined();
+ expect(user.getSessionToken()).toBeDefined();
+ expect(verifySpy).toHaveBeenCalledTimes(2);
+ const user2 = new Parse.User();
+ user2.setUsername('email');
+ user2.setPassword('expiringToken');
+ user2.set('email', 'user2@example.com');
+ await user2.signUp();
+ expect(user2.getSessionToken()).toBeUndefined();
+ expect(sendEmailOptions).toBeDefined();
+ expect(verifySpy).toHaveBeenCalledTimes(4);
+ });
+
+ it('can conditionally send user email verification', async () => {
+ const emailAdapter = {
+ sendVerificationEmail: () => {},
+ sendPasswordResetEmail: () => Promise.resolve(),
+ sendMail: () => {},
+ };
+ const sendVerificationEmail = {
+ method(req) {
+ expect(req.user).toBeDefined();
+ expect(req.master).toBeDefined();
+ return false;
+ },
+ };
+ const sendSpy = spyOn(sendVerificationEmail, 'method').and.callThrough();
+ await reconfigureServer({
+ appName: 'emailVerifyToken',
+ verifyUserEmails: true,
+ emailAdapter: emailAdapter,
+ emailVerifyTokenValidityDuration: 5, // 5 seconds
+ publicServerURL: 'http://localhost:8378/1',
+ sendUserEmailVerification: sendVerificationEmail.method,
+ });
+ const emailSpy = spyOn(emailAdapter, 'sendVerificationEmail').and.callThrough();
+ const newUser = new Parse.User();
+ newUser.setUsername('unsets_email_verify_token_expires_at');
+ newUser.setPassword('expiringToken');
+ newUser.set('email', 'user@example.com');
+ await newUser.signUp();
+ await Parse.User.requestEmailVerification('user@example.com');
+ expect(sendSpy).toHaveBeenCalledTimes(2);
+ expect(emailSpy).toHaveBeenCalledTimes(0);
+ });
+
+ it('beforeSave options do not change existing behaviour', async () => {
+ let sendEmailOptions;
+ const emailAdapter = {
+ sendVerificationEmail: options => {
+ sendEmailOptions = options;
+ },
+ sendPasswordResetEmail: () => Promise.resolve(),
+ sendMail: () => {},
+ };
+ await reconfigureServer({
+ appName: 'emailVerifyToken',
+ verifyUserEmails: true,
+ emailAdapter: emailAdapter,
+ emailVerifyTokenValidityDuration: 5, // 5 seconds
+ publicServerURL: 'http://localhost:8378/1',
+ });
+ const emailSpy = spyOn(emailAdapter, 'sendVerificationEmail').and.callThrough();
+ const newUser = new Parse.User();
+ newUser.setUsername('unsets_email_verify_token_expires_at');
+ newUser.setPassword('expiringToken');
+ newUser.set('email', 'user@parse.com');
+ await newUser.signUp();
+ const response = await request({
+ url: sendEmailOptions.link,
+ followRedirects: false,
+ });
+ expect(response.status).toEqual(302);
+ const config = Config.get('test');
+ const results = await config.database.find('_User', {
+ username: 'unsets_email_verify_token_expires_at',
+ });
+
+ expect(results.length).toBe(1);
+ const user = results[0];
+ expect(typeof user).toBe('object');
+ expect(user.emailVerified).toEqual(true);
+ expect(typeof user._email_verify_token).toBe('undefined');
+ expect(typeof user._email_verify_token_expires_at).toBe('undefined');
+ expect(emailSpy).toHaveBeenCalled();
+ });
+
it('unsets the _email_verify_token_expires_at and _email_verify_token fields in the User class if email verification is successful', done => {
const user = new Parse.User();
let sendEmailOptions;
diff --git a/spec/UserController.spec.js b/spec/UserController.spec.js
index 6bcc454baf..7b98367702 100644
--- a/spec/UserController.spec.js
+++ b/spec/UserController.spec.js
@@ -1,4 +1,3 @@
-const UserController = require('../lib/Controllers/UserController').UserController;
const emailAdapter = require('./support/MockEmailAdapter');
describe('UserController', () => {
@@ -11,11 +10,14 @@ describe('UserController', () => {
describe('sendVerificationEmail', () => {
describe('parseFrameURL not provided', () => {
it('uses publicServerURL', async done => {
- await reconfigureServer({
+ const server = await reconfigureServer({
publicServerURL: 'http://www.example.com',
customPages: {
parseFrameURL: undefined,
},
+ verifyUserEmails: true,
+ emailAdapter,
+ appName: 'test',
});
emailAdapter.sendVerificationEmail = options => {
expect(options.link).toEqual(
@@ -24,20 +26,20 @@ describe('UserController', () => {
emailAdapter.sendVerificationEmail = () => Promise.resolve();
done();
};
- const userController = new UserController(emailAdapter, 'test', {
- verifyUserEmails: true,
- });
- userController.sendVerificationEmail(user);
+ server.config.userController.sendVerificationEmail(user);
});
});
describe('parseFrameURL provided', () => {
it('uses parseFrameURL and includes the destination in the link parameter', async done => {
- await reconfigureServer({
+ const server = await reconfigureServer({
publicServerURL: 'http://www.example.com',
customPages: {
parseFrameURL: 'http://someother.example.com/handle-parse-iframe',
},
+ verifyUserEmails: true,
+ emailAdapter,
+ appName: 'test',
});
emailAdapter.sendVerificationEmail = options => {
expect(options.link).toEqual(
@@ -46,10 +48,7 @@ describe('UserController', () => {
emailAdapter.sendVerificationEmail = () => Promise.resolve();
done();
};
- const userController = new UserController(emailAdapter, 'test', {
- verifyUserEmails: true,
- });
- userController.sendVerificationEmail(user);
+ server.config.userController.sendVerificationEmail(user);
});
});
});
diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js
index 6871add987..7618f500bf 100644
--- a/src/Controllers/UserController.js
+++ b/src/Controllers/UserController.js
@@ -32,20 +32,33 @@ export class UserController extends AdaptableController {
}
get shouldVerifyEmails() {
- return this.options.verifyUserEmails;
+ return (this.config || this.options).verifyUserEmails;
}
- setEmailVerifyToken(user) {
- if (this.shouldVerifyEmails) {
- user._email_verify_token = randomString(25);
+ async setEmailVerifyToken(user, req, storage = {}) {
+ let shouldSendEmail = this.shouldVerifyEmails;
+ if (typeof shouldSendEmail === 'function') {
+ const response = await Promise.resolve(shouldSendEmail(req));
+ shouldSendEmail = response !== false;
+ }
+ if (!shouldSendEmail) {
+ return false;
+ }
+ storage.sendVerificationEmail = true;
+ user._email_verify_token = randomString(25);
+ if (
+ !storage.fieldsChangedByTrigger ||
+ !storage.fieldsChangedByTrigger.includes('emailVerified')
+ ) {
user.emailVerified = false;
+ }
- if (this.config.emailVerifyTokenValidityDuration) {
- user._email_verify_token_expires_at = Parse._encode(
- this.config.generateEmailVerifyTokenExpiresAt()
- );
- }
+ if (this.config.emailVerifyTokenValidityDuration) {
+ user._email_verify_token_expires_at = Parse._encode(
+ this.config.generateEmailVerifyTokenExpiresAt()
+ );
}
+ return true;
}
verifyEmail(username, token) {
@@ -131,27 +144,39 @@ export class UserController extends AdaptableController {
});
}
- sendVerificationEmail(user) {
+ async sendVerificationEmail(user, req) {
if (!this.shouldVerifyEmails) {
return;
}
const token = encodeURIComponent(user._email_verify_token);
// We may need to fetch the user in case of update email
- this.getUserIfNeeded(user).then(user => {
- const username = encodeURIComponent(user.username);
-
- const link = buildEmailLink(this.config.verifyEmailURL, username, token, this.config);
- const options = {
- appName: this.config.appName,
- link: link,
- user: inflate('_User', user),
- };
- if (this.adapter.sendVerificationEmail) {
- this.adapter.sendVerificationEmail(options);
- } else {
- this.adapter.sendMail(this.defaultVerificationEmail(options));
- }
- });
+ const fetchedUser = await this.getUserIfNeeded(user);
+ let shouldSendEmail = this.config.sendUserEmailVerification;
+ if (typeof shouldSendEmail === 'function') {
+ const response = await Promise.resolve(
+ this.config.sendUserEmailVerification({
+ user: Parse.Object.fromJSON({ className: '_User', ...fetchedUser }),
+ master: req.auth?.isMaster,
+ })
+ );
+ shouldSendEmail = !!response;
+ }
+ if (!shouldSendEmail) {
+ return;
+ }
+ const username = encodeURIComponent(user.username);
+
+ const link = buildEmailLink(this.config.verifyEmailURL, username, token, this.config);
+ const options = {
+ appName: this.config.appName,
+ link: link,
+ user: inflate('_User', fetchedUser),
+ };
+ if (this.adapter.sendVerificationEmail) {
+ this.adapter.sendVerificationEmail(options);
+ } else {
+ this.adapter.sendMail(this.defaultVerificationEmail(options));
+ }
}
/**
@@ -160,7 +185,7 @@ export class UserController extends AdaptableController {
* @param user
* @returns {*}
*/
- regenerateEmailVerifyToken(user) {
+ async regenerateEmailVerifyToken(user, master) {
const { _email_verify_token } = user;
let { _email_verify_token_expires_at } = user;
if (_email_verify_token_expires_at && _email_verify_token_expires_at.__type === 'Date') {
@@ -174,19 +199,22 @@ export class UserController extends AdaptableController {
) {
return Promise.resolve();
}
- this.setEmailVerifyToken(user);
+ const shouldSend = await this.setEmailVerifyToken(user, { user, master });
+ if (!shouldSend) {
+ return;
+ }
return this.config.database.update('_User', { username: user.username }, user);
}
- resendVerificationEmail(username) {
- return this.getUserIfNeeded({ username: username }).then(aUser => {
- if (!aUser || aUser.emailVerified) {
- throw undefined;
- }
- return this.regenerateEmailVerifyToken(aUser).then(() => {
- this.sendVerificationEmail(aUser);
- });
- });
+ async resendVerificationEmail(username, req) {
+ const aUser = await this.getUserIfNeeded({ username: username });
+ if (!aUser || aUser.emailVerified) {
+ throw undefined;
+ }
+ const generate = await this.regenerateEmailVerifyToken(aUser, req.auth?.isMaster);
+ if (generate) {
+ this.sendVerificationEmail(aUser, req);
+ }
}
setPasswordResetToken(email) {
diff --git a/src/Options/Definitions.js b/src/Options/Definitions.js
index 3815902c51..b067412d26 100644
--- a/src/Options/Definitions.js
+++ b/src/Options/Definitions.js
@@ -496,6 +496,12 @@ module.exports.ParseServerOptions = {
action: parsers.objectParser,
default: {},
},
+ sendUserEmailVerification: {
+ env: 'PARSE_SERVER_SEND_USER_EMAIL_VERIFICATION',
+ help:
+ 'Set to `false` to prevent sending of verification email. Supports a function with a return value of `true` or `false` for conditional email sending.
Default is `true`.
',
+ default: true,
+ },
serverCloseComplete: {
env: 'PARSE_SERVER_SERVER_CLOSE_COMPLETE',
help: 'Callback when server has closed',
@@ -542,8 +548,7 @@ module.exports.ParseServerOptions = {
verifyUserEmails: {
env: 'PARSE_SERVER_VERIFY_USER_EMAILS',
help:
- 'Set to `true` to require users to verify their email address to complete the sign-up process.
Default is `false`.',
- action: parsers.booleanParser,
+ 'Set to `true` to require users to verify their email address to complete the sign-up process. Supports a function with a return value of `true` or `false` for conditional verification.
Default is `false`.',
default: false,
},
webhookKey: {
diff --git a/src/Options/docs.js b/src/Options/docs.js
index 847e7df944..2e1390345d 100644
--- a/src/Options/docs.js
+++ b/src/Options/docs.js
@@ -89,6 +89,7 @@
* @property {Boolean} scheduledPush Configuration for push scheduling, defaults to false.
* @property {SchemaOptions} schema Defined schema
* @property {SecurityOptions} security The security options to identify and report weak security settings.
+ * @property {Boolean} sendUserEmailVerification Set to `false` to prevent sending of verification email. Supports a function with a return value of `true` or `false` for conditional email sending.
Default is `true`.
* @property {Function} serverCloseComplete Callback when server has closed
* @property {String} serverURL URL to your parse server with http:// or https://.
* @property {Number} sessionLength Session duration, in seconds, defaults to 1 year
@@ -97,7 +98,7 @@
* @property {Any} trustProxy The trust proxy settings. It is important to understand the exact setup of the reverse proxy, since this setting will trust values provided in the Parse Server API request. See the express trust proxy settings documentation. Defaults to `false`.
* @property {String[]} userSensitiveFields Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields
* @property {Boolean} verbose Set the logging to verbose
- * @property {Boolean} verifyUserEmails Set to `true` to require users to verify their email address to complete the sign-up process.
Default is `false`.
+ * @property {Boolean} verifyUserEmails Set to `true` to require users to verify their email address to complete the sign-up process. Supports a function with a return value of `true` or `false` for conditional verification.
Default is `false`.
* @property {String} webhookKey Key sent with outgoing webhook calls
*/
diff --git a/src/Options/index.js b/src/Options/index.js
index 87813147f7..2008301c7d 100644
--- a/src/Options/index.js
+++ b/src/Options/index.js
@@ -153,11 +153,11 @@ export interface ParseServerOptions {
/* Max file size for uploads, defaults to 20mb
:DEFAULT: 20mb */
maxUploadSize: ?string;
- /* Set to `true` to require users to verify their email address to complete the sign-up process.
+ /* Set to `true` to require users to verify their email address to complete the sign-up process. Supports a function with a return value of `true` or `false` for conditional verification.
Default is `false`.
:DEFAULT: false */
- verifyUserEmails: ?boolean;
+ verifyUserEmails: ?(boolean | void);
/* Set to `true` to prevent a user from logging in if the email has not yet been verified and email verification is required.
Default is `false`.
@@ -188,6 +188,12 @@ export interface ParseServerOptions {
Requires option `verifyUserEmails: true`.
:DEFAULT: false */
emailVerifyTokenReuseIfValid: ?boolean;
+ /* Set to `false` to prevent sending of verification email. Supports a function with a return value of `true` or `false` for conditional email sending.
+
+ Default is `true`.
+
+ :DEFAULT: true */
+ sendUserEmailVerification: ?(boolean | void);
/* The account lockout policy for failed login attempts. */
accountLockout: ?AccountLockoutOptions;
/* The password policy for enforcing password related rules. */
diff --git a/src/RestWrite.js b/src/RestWrite.js
index f7c6a53592..003a4a7d0a 100644
--- a/src/RestWrite.js
+++ b/src/RestWrite.js
@@ -113,6 +113,9 @@ RestWrite.prototype.execute = function () {
.then(() => {
return this.validateAuthData();
})
+ .then(() => {
+ return this.checkRestrictedFields();
+ })
.then(() => {
return this.runBeforeSaveTrigger();
})
@@ -603,17 +606,23 @@ RestWrite.prototype.handleAuthData = async function (authData) {
}
};
-// The non-third-party parts of User transformation
-RestWrite.prototype.transformUser = function () {
- var promise = Promise.resolve();
+RestWrite.prototype.checkRestrictedFields = async function () {
if (this.className !== '_User') {
- return promise;
+ return;
}
if (!this.auth.isMaintenance && !this.auth.isMaster && 'emailVerified' in this.data) {
const error = `Clients aren't allowed to manually update email verification.`;
throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
}
+};
+
+// The non-third-party parts of User transformation
+RestWrite.prototype.transformUser = function () {
+ var promise = Promise.resolve();
+ if (this.className !== '_User') {
+ return promise;
+ }
// Do not cleanup session if objectId is not set
if (this.query && this.objectId()) {
@@ -751,8 +760,14 @@ RestWrite.prototype._validateEmail = function () {
Object.keys(this.data.authData)[0] === 'anonymous')
) {
// We updated the email, send a new validation
- this.storage['sendVerificationEmail'] = true;
- this.config.userController.setEmailVerifyToken(this.data);
+ const { originalObject, updatedObject } = this.buildParseObjects();
+ const request = {
+ original: originalObject,
+ object: updatedObject,
+ master: this.auth.isMaster,
+ ip: this.config.ip,
+ };
+ return this.config.userController.setEmailVerifyToken(this.data, request, this.storage);
}
});
};
@@ -864,7 +879,7 @@ RestWrite.prototype._validatePasswordHistory = function () {
return Promise.resolve();
};
-RestWrite.prototype.createSessionTokenIfNeeded = function () {
+RestWrite.prototype.createSessionTokenIfNeeded = async function () {
if (this.className !== '_User') {
return;
}
@@ -878,13 +893,31 @@ RestWrite.prototype.createSessionTokenIfNeeded = function () {
}
if (
!this.storage.authProvider && // signup call, with
- this.config.preventLoginWithUnverifiedEmail && // no login without verification
+ this.config.preventLoginWithUnverifiedEmail === true && // no login without verification
this.config.verifyUserEmails
) {
// verification is on
this.storage.rejectSignup = true;
return;
}
+ if (!this.storage.authProvider && this.config.verifyUserEmails) {
+ let shouldPreventUnverifedLogin = this.config.preventLoginWithUnverifiedEmail;
+ if (typeof this.config.preventLoginWithUnverifiedEmail === 'function') {
+ const { originalObject, updatedObject } = this.buildParseObjects();
+ const request = {
+ original: originalObject,
+ object: updatedObject,
+ master: this.auth.isMaster,
+ ip: this.config.ip,
+ };
+ shouldPreventUnverifedLogin = await Promise.resolve(
+ this.config.preventLoginWithUnverifiedEmail(request)
+ );
+ }
+ if (shouldPreventUnverifedLogin === true) {
+ return;
+ }
+ }
return this.createSessionToken();
};
@@ -1010,7 +1043,7 @@ RestWrite.prototype.handleFollowup = function () {
if (this.storage && this.storage['sendVerificationEmail']) {
delete this.storage['sendVerificationEmail'];
// Fire and forget!
- this.config.userController.sendVerificationEmail(this.data);
+ this.config.userController.sendVerificationEmail(this.data, { auth: this.auth });
return this.handleFollowup.bind(this);
}
};
diff --git a/src/Routers/PagesRouter.js b/src/Routers/PagesRouter.js
index 5d5a1467a7..79a487b6e4 100644
--- a/src/Routers/PagesRouter.js
+++ b/src/Routers/PagesRouter.js
@@ -125,7 +125,7 @@ export class PagesRouter extends PromiseRouter {
const userController = config.userController;
- return userController.resendVerificationEmail(username).then(
+ return userController.resendVerificationEmail(username, req).then(
() => {
return this.goToPage(req, pages.emailVerificationSendSuccess);
},
diff --git a/src/Routers/PublicAPIRouter.js b/src/Routers/PublicAPIRouter.js
index 5009ee7d22..ddef76a5b8 100644
--- a/src/Routers/PublicAPIRouter.js
+++ b/src/Routers/PublicAPIRouter.js
@@ -63,7 +63,7 @@ export class PublicAPIRouter extends PromiseRouter {
const userController = config.userController;
- return userController.resendVerificationEmail(username).then(
+ return userController.resendVerificationEmail(username, req).then(
() => {
return Promise.resolve({
status: 302,
diff --git a/src/Routers/UsersRouter.js b/src/Routers/UsersRouter.js
index feca46e802..e58f3dda6d 100644
--- a/src/Routers/UsersRouter.js
+++ b/src/Routers/UsersRouter.js
@@ -447,7 +447,7 @@ export class UsersRouter extends ClassesRouter {
}
}
- handleVerificationEmailRequest(req) {
+ async handleVerificationEmailRequest(req) {
this._throwOnBadEmailConfig(req);
const { email } = req.body;
@@ -461,25 +461,25 @@ export class UsersRouter extends ClassesRouter {
);
}
- return req.config.database.find('_User', { email: email }).then(results => {
- if (!results.length || results.length < 1) {
- throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `No user found with email ${email}`);
- }
- const user = results[0];
+ const results = await req.config.database.find('_User', { email: email });
+ if (!results.length || results.length < 1) {
+ throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `No user found with email ${email}`);
+ }
+ const user = results[0];
- // remove password field, messes with saving on postgres
- delete user.password;
+ // remove password field, messes with saving on postgres
+ delete user.password;
- if (user.emailVerified) {
- throw new Parse.Error(Parse.Error.OTHER_CAUSE, `Email ${email} is already verified.`);
- }
+ if (user.emailVerified) {
+ throw new Parse.Error(Parse.Error.OTHER_CAUSE, `Email ${email} is already verified.`);
+ }
- const userController = req.config.userController;
- return userController.regenerateEmailVerifyToken(user).then(() => {
- userController.sendVerificationEmail(user);
- return { response: {} };
- });
- });
+ const userController = req.config.userController;
+ const send = await userController.regenerateEmailVerifyToken(user, req.auth.isMaster);
+ if (send) {
+ userController.sendVerificationEmail(user, req);
+ }
+ return { response: {} };
}
async handleChallenge(req) {