237899745/vue-driven-cloud-storage
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

🐛 修复邮箱验证链接无效的问题

Browse Source 
- 修复 UserDB.create() 中 verification_token 未哈希存储的bug
- 注册时的token现在会进行SHA256哈希,与验证时的逻辑保持一致
- 解决"无效或已过期的验证链接"错误

问题原因:注册时存储原文token,验证时用哈希后的token匹配,导致永远匹配不上

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
yuyx
2025-11-25 12:21:11 +08:00
parent 3824f1ab82
commit b188679f19
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
backend/database.js
View File

@@ -192,6 +192,11 @@ const UserDB = {
const hasFtpConfig = userData.ftp_host && userData.ftp_user && userData.ftp_password ? 1 : 0; const hasFtpConfig = userData.ftp_host && userData.ftp_user && userData.ftp_password ? 1 : 0;
// 对验证令牌进行哈希存储(与 VerificationDB.setVerification 保持一致)
const hashedVerificationToken = userData.verification_token
? crypto.createHash('sha256').update(userData.verification_token).digest('hex')
: null;
const stmt = db.prepare(` const stmt = db.prepare(`
INSERT INTO users ( INSERT INTO users (
username, email, password, username, email, password,
@@ -212,7 +217,7 @@ const UserDB = {
userData.http_download_base_url || null, userData.http_download_base_url || null,
hasFtpConfig, hasFtpConfig,
userData.is_verified !== undefined ? userData.is_verified : 0, userData.is_verified !== undefined ? userData.is_verified : 0,
userData.verification_token || null, hashedVerificationToken,
userData.verification_expires_at || null userData.verification_expires_at || null
); );