Mirrors/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-12 13:17:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

Check email validity before using it for password hint sending

Browse Source
This commit is contained in:
Jean-Christophe BEGUE
2018-08-15 17:25:59 +02:00
committed by Jean-Christophe BEGUE
parent 401aa7c699
commit 9e63985b28
4 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/api/core/accounts.rs
View File

@ -5,6 +5,7 @@ use db::models::*;
use api::{PasswordData, JsonResult, EmptyResult, JsonUpcase, NumberOrString};
use auth::Headers;
use fast_chemail::is_valid_email;
use mail;
use CONFIG;
@ -259,6 +260,10 @@ struct PasswordHintData {
fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
let data: PasswordHintData = data.into_inner().data;
if !is_valid_email(&data.Email) {
return Ok(());
}
let user = User::find_by_mail(&data.Email, &conn);
if user.is_none() {
return Ok(());