encode email in url param

This commit is contained in:
miloschwartz
2026-07-16 21:28:36 -04:00
parent 3c9f0946d2
commit a30119f5e8
4 changed files with 24 additions and 12 deletions
+1 -1
View File
@@ -99,7 +99,7 @@ export async function requestPasswordReset(
}); });
}); });
const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${email}&token=${token}`; const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${encodeURIComponent(email)}&token=${token}`;
if (!config.getRawConfig().email) { if (!config.getRawConfig().email) {
logger.info( logger.info(
@@ -94,7 +94,7 @@ export async function adminGeneratePasswordResetCode(
}); });
}); });
const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${existingUser[0].email}&token=${token}`; const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${encodeURIComponent(existingUser[0].email!)}&token=${token}`;
logger.info( logger.info(
`Admin generated password reset code for user ${existingUser[0].email} (${userId})` `Admin generated password reset code for user ${existingUser[0].email} (${userId})`
+2 -2
View File
@@ -287,7 +287,7 @@ export async function inviteUser(
) )
); );
const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${email}`; const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${encodeURIComponent(email)}`;
if (doEmail) { if (doEmail) {
await sendEmail( await sendEmail(
@@ -341,7 +341,7 @@ export async function inviteUser(
.values(uniqueRoleIds.map((roleId) => ({ inviteId, roleId }))); .values(uniqueRoleIds.map((roleId) => ({ inviteId, roleId })));
}); });
const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${email}`; const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${encodeURIComponent(email)}`;
if (doEmail) { if (doEmail) {
await sendEmail( await sendEmail(
+20 -8
View File
@@ -93,14 +93,20 @@ export default function InviteStatusCard({
setType(type); setType(type);
if (!user && type === "user_does_not_exist") { if (!user && type === "user_does_not_exist") {
const inviteRedirect = encodeURIComponent(
`/invite?token=${tokenParam}`
);
const redirectUrl = email const redirectUrl = email
? `/auth/signup?redirect=/invite?token=${tokenParam}&email=${email}` ? `/auth/signup?redirect=${inviteRedirect}&email=${encodeURIComponent(email)}`
: `/auth/signup?redirect=/invite?token=${tokenParam}`; : `/auth/signup?redirect=${inviteRedirect}`;
router.push(redirectUrl); router.push(redirectUrl);
} else if (!user && type === "not_logged_in") { } else if (!user && type === "not_logged_in") {
const inviteRedirect = encodeURIComponent(
`/invite?token=${tokenParam}`
);
const redirectUrl = email const redirectUrl = email
? `/auth/login?redirect=/invite?token=${tokenParam}&user=${email}` ? `/auth/login?redirect=${inviteRedirect}&user=${encodeURIComponent(email)}`
: `/auth/login?redirect=/invite?token=${tokenParam}`; : `/auth/login?redirect=${inviteRedirect}`;
router.push(redirectUrl); router.push(redirectUrl);
} else { } else {
setLoading(false); setLoading(false);
@@ -112,17 +118,23 @@ export default function InviteStatusCard({
async function goToLogin() { async function goToLogin() {
await api.post("/auth/logout", {}); await api.post("/auth/logout", {});
const inviteRedirect = encodeURIComponent(
`/invite?token=${tokenParam}`
);
const redirectUrl = email const redirectUrl = email
? `/auth/login?redirect=/invite?token=${tokenParam}&user=${email}` ? `/auth/login?redirect=${inviteRedirect}&user=${encodeURIComponent(email)}`
: `/auth/login?redirect=/invite?token=${tokenParam}`; : `/auth/login?redirect=${inviteRedirect}`;
router.push(redirectUrl); router.push(redirectUrl);
} }
async function goToSignup() { async function goToSignup() {
await api.post("/auth/logout", {}); await api.post("/auth/logout", {});
const inviteRedirect = encodeURIComponent(
`/invite?token=${tokenParam}`
);
const redirectUrl = email const redirectUrl = email
? `/auth/signup?redirect=/invite?token=${tokenParam}&email=${email}` ? `/auth/signup?redirect=${inviteRedirect}&email=${encodeURIComponent(email)}`
: `/auth/signup?redirect=/invite?token=${tokenParam}`; : `/auth/signup?redirect=${inviteRedirect}`;
router.push(redirectUrl); router.push(redirectUrl);
} }