fix: password reset flows should allow some cases with no primary use…

…r and ep user existing (#941) * fix: password reset flows should allow some cases with no primary user and ep user existing * fix: refactor based on review comments
supertokens · Oct 10, 2024 · 72e774f · 72e774f
1 parent 0d8b577
commit 72e774f
Show file tree

Hide file tree

Showing 10 changed files with 440 additions and 308 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [20.1.5] - 2024-10-09
+
+-   Fixes an issue where users were not able to reset their password if a user with the same email address was created before account linking was enabled.
+-   Fixes and re-works some security checks connected to password reset.
+
 ## [20.1.4] - 2024-10-07
 
 -   Fixes an issue where revoking sessions for a specific tenant didn't work well

diff --git a/lib/build/recipe/accountlinking/recipe.d.ts b/lib/build/recipe/accountlinking/recipe.d.ts
@@ -118,7 +118,12 @@ export default class Recipe extends RecipeModule {
         recipeUserId: RecipeUserId;
         userContext: UserContext;
     }) => Promise<void>;
-    private shouldBecomePrimaryUser;
+    shouldBecomePrimaryUser(
+        user: User,
+        tenantId: string,
+        session: SessionContainerInterface | undefined,
+        userContext: UserContext
+    ): Promise<boolean>;
     tryLinkingByAccountInfoOrCreatePrimaryUser({
         inputUser,
         session,

diff --git a/lib/build/recipe/emailpassword/api/implementation.js b/lib/build/recipe/emailpassword/api/implementation.js
diff --git a/lib/build/version.d.ts b/lib/build/version.d.ts
diff --git a/lib/build/version.js b/lib/build/version.js
diff --git a/lib/ts/recipe/accountlinking/recipe.ts b/lib/ts/recipe/accountlinking/recipe.ts
@@ -740,7 +740,7 @@ export default class Recipe extends RecipeModule {
         }
     };
 
-    private async shouldBecomePrimaryUser(
+    public async shouldBecomePrimaryUser(
         user: User,
         tenantId: string,
         session: SessionContainerInterface | undefined,

diff --git a/lib/ts/recipe/emailpassword/api/implementation.ts b/lib/ts/recipe/emailpassword/api/implementation.ts
diff --git a/lib/ts/version.ts b/lib/ts/version.ts
@@ -12,7 +12,7 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-export const version = "20.1.4";
+export const version = "20.1.5";
 
 export const cdiSupported = ["5.1"];
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "supertokens-node",
-    "version": "20.1.4",
+    "version": "20.1.5",
     "description": "NodeJS driver for SuperTokens core",
     "main": "index.js",
     "scripts": {