feat: use alternate template for pwd reset on existing account creation

This commit is contained in:
izzy
2025-05-10 16:11:08 +01:00
parent 1a04297725
commit 62d4c1f9f8
4 changed files with 18 additions and 6 deletions
@@ -59,6 +59,8 @@ pub struct Templates {
pub verify: Template,
/// Template for password reset
pub reset: Template,
/// Template for password reset when the account already exists on creation
pub reset_existing: Template,
/// Template for account deletion
pub deletion: Template,
/// Template for welcome email
+14 -4
View File
@@ -40,7 +40,7 @@ impl Account {
if let EmailVerification::Pending { .. } = &account.verification {
account.start_email_verification(authifier).await?;
} else {
account.start_password_reset(authifier).await?;
account.start_password_reset(authifier, true).await?;
}
Ok(account)
@@ -187,19 +187,29 @@ impl Account {
}
/// Send password reset email
pub async fn start_password_reset(&mut self, authifier: &Authifier) -> Success {
pub async fn start_password_reset(
&mut self,
authifier: &Authifier,
existing_account: bool,
) -> Success {
if let EmailVerificationConfig::Enabled {
templates,
expiry,
smtp,
} = &authifier.config.email_verification
{
let template = if existing_account {
&templates.reset_existing
} else {
&templates.reset
};
let token = nanoid!(32);
let url = format!("{}{}", templates.reset.url, token);
let url = format!("{}{}", template.url, token);
smtp.send_email(
self.email.clone(),
&templates.reset,
&template,
json!({
"email": self.email.clone(),
"url": url
@@ -48,7 +48,7 @@ pub async fn resend_verification(
match account.verification {
EmailVerification::Verified => {
// Send password reset if already verified
account.start_password_reset(authifier).await?;
account.start_password_reset(authifier, true).await?;
}
EmailVerification::Pending { .. } => {
// Resend if not verified yet
@@ -47,7 +47,7 @@ pub async fn send_password_reset(
.find_account_by_normalised_email(&email_normalised)
.await?
{
account.start_password_reset(authifier).await?;
account.start_password_reset(authifier, false).await?;
}
// Never fail this route, (except for db error)