From 2b7b0e1cc14e7bb4db5778bc6224f047f8daaa51 Mon Sep 17 00:00:00 2001
From: lchaglla <lchaglla@maubic.es>
Date: Fri, 5 Oct 2018 22:05:24 +0200
Subject: [PATCH] Add `options.preserveAccessTokens`

Add an option to preserve access tokens when email/password is changed.
---
 common/models/user.js |  2 ++
 test/user.test.js     | 11 +++++++++++
 2 files changed, 13 insertions(+)

diff --git a/common/models/user.js b/common/models/user.js
index 53f1ed8a..a65059a8 100644
--- a/common/models/user.js
+++ b/common/models/user.js
@@ -1385,6 +1385,8 @@ module.exports = function(User) {
 
     if (!newEmail && !newPassword) return next();
 
+    if (ctx.options.preserveAccessTokens) return next();
+
     var userIdsToExpire = ctx.hookState.originalUserData.filter(function(u) {
       return (newEmail && u.email !== newEmail) ||
         (newPassword && u.password !== newPassword);
diff --git a/test/user.test.js b/test/user.test.js
index b11d5c7c..5ab617e9 100644
--- a/test/user.test.js
+++ b/test/user.test.js
@@ -2755,6 +2755,17 @@ describe('User', function() {
       ], done);
     });
 
+    it('keeps sessions sessions when preserveAccessTokens is passed in options', function(done) {
+      user.updateAttributes(
+        {email: 'invalidateAccessTokens@example.com'},
+        {preserveAccessTokens: true},
+        function(err, userInstance) {
+          if (err) return done(err);
+          assertPreservedTokens(done);
+        }
+      );
+    });
+
     it('preserves other users\' sessions if their email is  untouched', function(done) {
       var user1, user2, user3;
       async.series([