jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

users: add note about invitationToken

Browse Source 
this is a one time token that is valid until the account is set up.
this is the reason it has no expiry time.
This commit is contained in:
Girish Ramakrishnan
2026-01-17 09:44:43 +01:00
parent ce0024a43c
commit 2b362d8eaf
2 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/users.js
View File

@@ -194,9 +194,7 @@ function removePrivateFields(user) {
'id', 'username', 'email', 'fallbackEmail', 'displayName', 'groupIds', 'active', 'source', 'role', 'createdAt',
'twoFactorAuthenticationEnabled', 'notificationConfig', 'hasAvatar', 'hasBackgroundImage' ]);
// invite status indicator
result.inviteAccepted = !user.inviteToken;
result.inviteAccepted = !user.inviteToken; // invite status indicator
return result;
}
@@ -284,7 +282,7 @@ async function add(email, data, auditSource) {
password: Buffer.from(derivedKey, 'binary').toString('hex'),
salt: salt.toString('hex'),
resetToken: '',
inviteToken: hat(256), // new users start out with invite tokens
inviteToken: hat(256), // new users start out a one-time invite token
displayName,
source,
role,