mirror of
https://github.com/google/nomulus
synced 2026-06-09 16:33:02 +00:00
Use existing pw reset code if creating from an existing instance (#3091)
this means that modifying requests changes them in place in the db
This commit is contained in:
@@ -118,7 +118,9 @@ public class PasswordResetRequest extends ImmutableObject implements Buildable {
|
||||
checkArgumentNotNull(getInstance().requester, "Requester must be specified");
|
||||
checkArgumentNotNull(getInstance().destinationEmail, "Destination email must be specified");
|
||||
checkArgumentNotNull(getInstance().registrarId, "Registrar ID must be specified");
|
||||
getInstance().verificationCode = UUID.randomUUID().toString();
|
||||
if (getInstance().verificationCode == null) {
|
||||
getInstance().verificationCode = UUID.randomUUID().toString();
|
||||
}
|
||||
return super.build();
|
||||
}
|
||||
|
||||
|
||||
+10
@@ -85,6 +85,16 @@ public class PasswordResetVerifyActionTest extends ConsoleActionBaseTestCase {
|
||||
.isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFailure_post_replay() throws Exception {
|
||||
createAction("POST", verificationCode, "newPassword1").run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
|
||||
|
||||
// Attempting to reuse the same code should fail
|
||||
createAction("POST", verificationCode, "newPassword2").run();
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_BAD_REQUEST);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFailure_get_invalidVerificationCode() throws Exception {
|
||||
createAction("GET", "invalid", null).run();
|
||||
|
||||
Reference in New Issue
Block a user