From 2062413c75d244388ce4119349933601cba8c4c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20Salgado?= Date: Tue, 20 Apr 2021 00:06:37 +0100 Subject: [PATCH] fix: possible two factor secret bug --- lib/new-admin/graphql/modules/authentication.js | 4 ++-- .../src/pages/UserManagement/modals/CreateUserModal.js | 3 ++- .../src/pages/UserManagement/modals/Reset2FAModal.js | 3 ++- .../src/pages/UserManagement/modals/ResetPasswordModal.js | 5 ++--- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/lib/new-admin/graphql/modules/authentication.js b/lib/new-admin/graphql/modules/authentication.js index 43487d40..16aec232 100644 --- a/lib/new-admin/graphql/modules/authentication.js +++ b/lib/new-admin/graphql/modules/authentication.js @@ -186,12 +186,12 @@ const disableUser = (code, id, context) => { const createResetPasswordToken = (code, userID, context) => { const action = () => users.createAuthToken(userID, 'reset_password') - return executeProtectedAction(code, id, context, action) + return executeProtectedAction(code, userID, context, action) } const createReset2FAToken = (code, userID, context) => { const action = () => users.createAuthToken(userID, 'reset_twofa') - return executeProtectedAction(code, id, context, action) + return executeProtectedAction(code, userID, context, action) } const createRegisterToken = (username, role) => { diff --git a/new-lamassu-admin/src/pages/UserManagement/modals/CreateUserModal.js b/new-lamassu-admin/src/pages/UserManagement/modals/CreateUserModal.js index 748a0ae8..656d95fb 100644 --- a/new-lamassu-admin/src/pages/UserManagement/modals/CreateUserModal.js +++ b/new-lamassu-admin/src/pages/UserManagement/modals/CreateUserModal.js @@ -12,6 +12,7 @@ import { Button } from 'src/components/buttons' import { TextInput, RadioGroup } from 'src/components/inputs/formik' import { H1, H3, Info2, P, Mono } from 'src/components/typography' import CopyToClipboard from 'src/pages/Transactions/CopyToClipboard' +import { URI } from 'src/utils/apollo' import styles from '../UserManagement.styles' @@ -62,7 +63,7 @@ const CreateUserModal = ({ showModal, toggleModal }) => { const [createUser, { error }] = useMutation(CREATE_USER, { onCompleted: ({ createRegisterToken: token }) => { - setCreateUserURL(`https://localhost:3001/register?t=${token.token}`) + setCreateUserURL(`${URI}/register?t=${token.token}`) } }) diff --git a/new-lamassu-admin/src/pages/UserManagement/modals/Reset2FAModal.js b/new-lamassu-admin/src/pages/UserManagement/modals/Reset2FAModal.js index 722783e7..3b4e119e 100644 --- a/new-lamassu-admin/src/pages/UserManagement/modals/Reset2FAModal.js +++ b/new-lamassu-admin/src/pages/UserManagement/modals/Reset2FAModal.js @@ -6,6 +6,7 @@ import React, { useEffect, useState } from 'react' import Modal from 'src/components/Modal' import { Info2, P, Mono } from 'src/components/typography' import CopyToClipboard from 'src/pages/Transactions/CopyToClipboard' +import { URI } from 'src/utils/apollo' import styles from '../UserManagement.styles' @@ -36,7 +37,7 @@ const Reset2FAModal = ({ CREATE_RESET_2FA_TOKEN, { onCompleted: ({ createReset2FAToken: token }) => { - setReset2FAUrl(`https://localhost:3001/reset2fa?t=${token.token}`) + setReset2FAUrl(`${URI}/reset2fa?t=${token.token}`) } } ) diff --git a/new-lamassu-admin/src/pages/UserManagement/modals/ResetPasswordModal.js b/new-lamassu-admin/src/pages/UserManagement/modals/ResetPasswordModal.js index e02a14b4..d7590bce 100644 --- a/new-lamassu-admin/src/pages/UserManagement/modals/ResetPasswordModal.js +++ b/new-lamassu-admin/src/pages/UserManagement/modals/ResetPasswordModal.js @@ -6,6 +6,7 @@ import React, { useEffect, useState } from 'react' import Modal from 'src/components/Modal' import { Info2, P, Mono } from 'src/components/typography' import CopyToClipboard from 'src/pages/Transactions/CopyToClipboard' +import { URI } from 'src/utils/apollo' import styles from '../UserManagement.styles' @@ -39,9 +40,7 @@ const ResetPasswordModal = ({ CREATE_RESET_PASSWORD_TOKEN, { onCompleted: ({ createResetPasswordToken: token }) => { - setResetPasswordUrl( - `https://localhost:3001/resetpassword?t=${token.token}` - ) + setResetPasswordUrl(`${URI}/resetpassword?t=${token.token}`) } } )