Add `options.preserveAccessTokens`

Add an option to preserve access tokens when email/password is changed.
This commit is contained in:
lchaglla 2018-10-05 22:05:24 +02:00 committed by Miroslav Bajtoš
parent 0bb7cd67ec
commit 2b7b0e1cc1
No known key found for this signature in database
GPG Key ID: 6F2304BA9361C7E3
2 changed files with 13 additions and 0 deletions

View File

@ -1385,6 +1385,8 @@ module.exports = function(User) {
if (!newEmail && !newPassword) return next();
if (ctx.options.preserveAccessTokens) return next();
var userIdsToExpire = ctx.hookState.originalUserData.filter(function(u) {
return (newEmail && u.email !== newEmail) ||
(newPassword && u.password !== newPassword);

View File

@ -2755,6 +2755,17 @@ describe('User', function() {
], done);
});
it('keeps sessions sessions when preserveAccessTokens is passed in options', function(done) {
user.updateAttributes(
{email: 'invalidateAccessTokens@example.com'},
{preserveAccessTokens: true},
function(err, userInstance) {
if (err) return done(err);
assertPreservedTokens(done);
}
);
});
it('preserves other users\' sessions if their email is untouched', function(done) {
var user1, user2, user3;
async.series([