Clear email tokens on email update - entryway (#2130)

delete email tokens on email update
bluesky-social · Feb 3, 2024 · 346d04d · 346d04d
1 parent 4127d0f
commit 346d04d
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/packages/pds/src/api/com/atproto/server/updateEmail.ts b/packages/pds/src/api/com/atproto/server/updateEmail.ts
@@ -35,9 +35,8 @@ export default function (server: Server, ctx: AppContext) {
       await ctx.db.transaction(async (dbTxn) => {
         const accntSrvce = ctx.services.account(dbTxn)
 
-        if (token) {
-          await accntSrvce.deleteEmailToken(did, 'update_email')
-        }
+        await accntSrvce.deleteAllEmailTokens(did)
+
         if (user.email !== email) {
           try {
             await accntSrvce.updateEmail(did, email)

diff --git a/packages/pds/src/services/account/index.ts b/packages/pds/src/services/account/index.ts
@@ -546,6 +546,13 @@ export class AccountService {
       .executeTakeFirst()
   }
 
+  async deleteAllEmailTokens(did: string) {
+    await this.db.db
+      .deleteFrom('email_token')
+      .where('did', '=', did)
+      .executeTakeFirst()
+  }
+
   async assertValidToken(
     did: string,
     purpose: EmailTokenPurpose,