diff --git a/server/routers/auth/requestPasswordReset.ts b/server/routers/auth/requestPasswordReset.ts index 42b53d24d..aca435c7b 100644 --- a/server/routers/auth/requestPasswordReset.ts +++ b/server/routers/auth/requestPasswordReset.ts @@ -99,7 +99,7 @@ export async function requestPasswordReset( }); }); - const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${email}&token=${token}`; + const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${encodeURIComponent(email)}&token=${token}`; if (!config.getRawConfig().email) { logger.info( diff --git a/server/routers/user/adminGeneratePasswordResetCode.ts b/server/routers/user/adminGeneratePasswordResetCode.ts index 562a459e1..7ba8ce9df 100644 --- a/server/routers/user/adminGeneratePasswordResetCode.ts +++ b/server/routers/user/adminGeneratePasswordResetCode.ts @@ -94,7 +94,7 @@ export async function adminGeneratePasswordResetCode( }); }); - const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${existingUser[0].email}&token=${token}`; + const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${encodeURIComponent(existingUser[0].email!)}&token=${token}`; logger.info( `Admin generated password reset code for user ${existingUser[0].email} (${userId})` diff --git a/server/routers/user/inviteUser.ts b/server/routers/user/inviteUser.ts index 7445ee910..7b7ae9250 100644 --- a/server/routers/user/inviteUser.ts +++ b/server/routers/user/inviteUser.ts @@ -287,7 +287,7 @@ export async function inviteUser( ) ); - const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${email}`; + const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${encodeURIComponent(email)}`; if (doEmail) { await sendEmail( @@ -341,7 +341,7 @@ export async function inviteUser( .values(uniqueRoleIds.map((roleId) => ({ inviteId, roleId }))); }); - const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${email}`; + const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${encodeURIComponent(email)}`; if (doEmail) { await sendEmail( diff --git a/src/components/InviteStatusCard.tsx b/src/components/InviteStatusCard.tsx index 40b7123e7..790249904 100644 --- a/src/components/InviteStatusCard.tsx +++ b/src/components/InviteStatusCard.tsx @@ -93,14 +93,20 @@ export default function InviteStatusCard({ setType(type); if (!user && type === "user_does_not_exist") { + const inviteRedirect = encodeURIComponent( + `/invite?token=${tokenParam}` + ); const redirectUrl = email - ? `/auth/signup?redirect=/invite?token=${tokenParam}&email=${email}` - : `/auth/signup?redirect=/invite?token=${tokenParam}`; + ? `/auth/signup?redirect=${inviteRedirect}&email=${encodeURIComponent(email)}` + : `/auth/signup?redirect=${inviteRedirect}`; router.push(redirectUrl); } else if (!user && type === "not_logged_in") { + const inviteRedirect = encodeURIComponent( + `/invite?token=${tokenParam}` + ); const redirectUrl = email - ? `/auth/login?redirect=/invite?token=${tokenParam}&user=${email}` - : `/auth/login?redirect=/invite?token=${tokenParam}`; + ? `/auth/login?redirect=${inviteRedirect}&user=${encodeURIComponent(email)}` + : `/auth/login?redirect=${inviteRedirect}`; router.push(redirectUrl); } else { setLoading(false); @@ -112,17 +118,23 @@ export default function InviteStatusCard({ async function goToLogin() { await api.post("/auth/logout", {}); + const inviteRedirect = encodeURIComponent( + `/invite?token=${tokenParam}` + ); const redirectUrl = email - ? `/auth/login?redirect=/invite?token=${tokenParam}&user=${email}` - : `/auth/login?redirect=/invite?token=${tokenParam}`; + ? `/auth/login?redirect=${inviteRedirect}&user=${encodeURIComponent(email)}` + : `/auth/login?redirect=${inviteRedirect}`; router.push(redirectUrl); } async function goToSignup() { await api.post("/auth/logout", {}); + const inviteRedirect = encodeURIComponent( + `/invite?token=${tokenParam}` + ); const redirectUrl = email - ? `/auth/signup?redirect=/invite?token=${tokenParam}&email=${email}` - : `/auth/signup?redirect=/invite?token=${tokenParam}`; + ? `/auth/signup?redirect=${inviteRedirect}&email=${encodeURIComponent(email)}` + : `/auth/signup?redirect=${inviteRedirect}`; router.push(redirectUrl); }