diff --git a/common/models/user.js b/common/models/user.js
index 1295e631..431548d8 100644
--- a/common/models/user.js
+++ b/common/models/user.js
@@ -681,7 +681,9 @@ module.exports = function(User) {
UserModel.observe('after save', function afterEmailUpdate(ctx, next) {
if (!ctx.Model.relations.accessTokens) return next();
var AccessToken = ctx.Model.relations.accessTokens.modelTo;
+ if (!ctx.instance && !ctx.data) return next();
var newEmail = (ctx.instance || ctx.data).email;
+ if (!newEmail) return next();
if (!ctx.hookState.originalUserData) return next();
var idsToExpire = ctx.hookState.originalUserData.filter(function(u) {
return u.email !== newEmail;
diff --git a/test/user.test.js b/test/user.test.js
index b17abc5f..1e6ae028 100644
--- a/test/user.test.js
+++ b/test/user.test.js
@@ -1972,6 +1972,43 @@ describe('User', function() {
], done);
});
+ it('keeps sessions AS IS if non-email property is changed using updateAll', function(done) {
+ var userPartial;
+ async.series([
+ function createPartialUser(next) {
+ User.create(
+ { email: 'partial@example.com', password: 'pass1', age: 25 },
+ function(err, partialInstance) {
+ if (err) return next(err);
+ userPartial = partialInstance;
+ next();
+ });
+ },
+ function loginPartiallUser(next) {
+ User.login({ email: 'partial@example.com', password: 'pass1' }, function(err, ats) {
+ if (err) return next(err);
+ next();
+ });
+ },
+ function updatePartialUser(next) {
+ User.updateAll(
+ { id: userPartial.id },
+ { age: userPartial.age + 1 },
+ function(err, info) {
+ if (err) return next(err);
+ next();
+ });
+ },
+ function verifyTokensOfPartialUser(next) {
+ AccessToken.find({ where: { userId: userPartial.id }}, function(err, tokens1) {
+ if (err) return next(err);
+ expect(tokens1.length).to.equal(1);
+ next();
+ });
+ },
+ ], done);
+ });
+
function assertPreservedToken(done) {
AccessToken.find({ where: { userId: user.id }}, function(err, tokens) {
if (err) return done(err);