mod_easy_invite: Invalidate password reset tokens after use

Requires Prosody 84441c19750e
2020-06-22 11:40:45 +01:00 · 2020-06-22 11:40:45 +01:00 · 4d550e0998
parent 395ab8d404
commit 4d550e0998
1 changed files with 9 additions and 0 deletions
--- a/snikket-modules/mod_easy_invite/mod_easy_invite.lua
+++ b/snikket-modules/mod_easy_invite/mod_easy_invite.lua
@ -194,6 +194,15 @@ module:hook("user-registered", function (event)
 	end
 end);

+-- Equivalent of user-registered but for when the account already existed
+-- (i.e. password reset)
+module:hook("user-password-reset", function (event)
+	local validated_invite = event.validated_invite or (event.session and event.session.validated_invite);
+	if not validated_invite then
+		return;
+	end
+	validated_invite:use();
+end);

 local sm = require "core.storagemanager";
 function module.command(arg)