From 4d550e09986c210d4a242b5db82d5a3952f6184b Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Mon, 22 Jun 2020 11:40:45 +0100
Subject: [PATCH] mod_easy_invite: Invalidate password reset tokens after use

Requires Prosody 84441c19750e
---
 snikket-modules/mod_easy_invite/mod_easy_invite.lua | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/snikket-modules/mod_easy_invite/mod_easy_invite.lua b/snikket-modules/mod_easy_invite/mod_easy_invite.lua
index 1beac7e..51e7453 100644
--- a/snikket-modules/mod_easy_invite/mod_easy_invite.lua
+++ b/snikket-modules/mod_easy_invite/mod_easy_invite.lua
@@ -194,6 +194,15 @@ module:hook("user-registered", function (event)
 	end
 end);
 
+-- Equivalent of user-registered but for when the account already existed
+-- (i.e. password reset)
+module:hook("user-password-reset", function (event)
+	local validated_invite = event.validated_invite or (event.session and event.session.validated_invite);
+	if not validated_invite then
+		return;
+	end
+	validated_invite:use();
+end);
 
 local sm = require "core.storagemanager";
 function module.command(arg)