Merge remote-tracking branch 'origin/master' into develop

2021-10-24 14:08:45 +02:00
parent 49639930a8 81847456f1
commit 531075208f
7 changed files with 66 additions and 20 deletions
--- a/integration-tests/api/tests/store/customer.js
+++ b/integration-tests/api/tests/store/customer.js
@@ -264,4 +264,33 @@ describe("/store/customers", () => {
      expect(response.data.customer.billing_address_id).toEqual(null)
    })
  })
+
+  describe("POST /store/customers/password-token", () => {
+    beforeEach(async () => {
+      const manager = dbConnection.manager
+      await manager.insert(Customer, {
+        id: "test_customer",
+        first_name: "John",
+        last_name: "Deere",
+        email: "john@deere.com",
+        password_hash:
+          "c2NyeXB0AAEAAAABAAAAAVMdaddoGjwU1TafDLLlBKnOTQga7P2dbrfgf3fB+rCD/cJOMuGzAvRdKutbYkVpuJWTU39P7OpuWNkUVoEETOVLMJafbI8qs8Qx/7jMQXkN", // password matching "test"
+        has_account: true,
+      })
+    })
+
+    afterEach(async () => {
+      await doAfterEach()
+    })
+
+    it("creates token", async () => {
+      const api = useApi()
+
+      const response = await api.post(`/store/customers/password-token`, {
+        email: "john@deere.com",
+      })
+
+      expect(response.status).toEqual(204)
+    })
+  })
 })
--- a/packages/medusa/CHANGELOG.md
+++ b/packages/medusa/CHANGELOG.md
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.1.47](https://github.com/medusajs/medusa/compare/@medusajs/medusa@1.1.46...@medusajs/medusa@1.1.47) (2021-10-23)
+
+### Bug Fixes
+
+- pull missing fields ([b82b43b](https://github.com/medusajs/medusa/commit/b82b43b4c64dc5bc705a439a214f9d1dc9976e21))
+
 ## [1.1.46](https://github.com/medusajs/medusa/compare/@medusajs/medusa@1.1.45...@medusajs/medusa@1.1.46) (2021-10-19)

 ### Bug Fixes
--- a/packages/medusa/package.json
+++ b/packages/medusa/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@medusajs/medusa",
-  "version": "1.1.46",
+  "version": "1.1.47",
  "description": "E-commerce for JAMstack",
  "main": "dist/index.js",
  "bin": {
--- a/packages/medusa/src/api/routes/store/customers/reset-password.js
+++ b/packages/medusa/src/api/routes/store/customers/reset-password.js
@@ -24,7 +24,9 @@ import jwt from "jsonwebtoken"
 */
 export default async (req, res) => {
  const schema = Validator.object().keys({
-    email: Validator.string().email().required(),
+    email: Validator.string()
+      .email()
+      .required(),
    token: Validator.string().required(),
    password: Validator.string().required(),
  })
@@ -34,23 +36,21 @@ export default async (req, res) => {
    throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details)
  }

-  try {
-    const customerService = req.scope.resolve("customerService")
-    let customer = await customerService.retrieveByEmail(value.email)
+  const customerService = req.scope.resolve("customerService")
+  let customer = await customerService.retrieveByEmail(value.email, {
+    select: ["id", "password_hash"],
+  })

-    const decodedToken = await jwt.verify(value.token, customer.password_hash)
-    if (!decodedToken || customer.id !== decodedToken.customer_id) {
-      res.status(401).send("Invalid or expired password reset token")
-      return
-    }
-
-    await customerService.update(customer.id, {
-      password: value.password,
-    })
-
-    customer = await customerService.retrieve(customer.id)
-    res.status(200).json({ customer })
-  } catch (error) {
-    throw error
+  const decodedToken = jwt.verify(value.token, customer.password_hash)
+  if (!decodedToken || customer.id !== decodedToken.customer_id) {
+    res.status(401).send("Invalid or expired password reset token")
+    return
  }
+
+  await customerService.update(customer.id, {
+    password: value.password,
+  })
+
+  customer = await customerService.retrieve(customer.id)
+  res.status(200).json({ customer })
 }
--- a/packages/medusa/src/loaders/search-index.js
+++ b/packages/medusa/src/loaders/search-index.js
@@ -17,6 +17,7 @@ async function loadProductsIntoSearchEngine(container) {
        select: [
          "id",
          "title",
+          "status",
          "subtitle",
          "description",
          "handle",
--- a/packages/medusa/src/services/customer.js
+++ b/packages/medusa/src/services/customer.js
@@ -94,7 +94,16 @@ class CustomerService extends BaseService {
   * @return {string} the generated JSON web token
   */
  async generateResetPasswordToken(customerId) {
-    const customer = await this.retrieve(customerId)
+    const customer = await this.retrieve(customerId, {
+      select: [
+        "id",
+        "has_account",
+        "password_hash",
+        "email",
+        "first_name",
+        "last_name",
+      ],
+    })

    if (!customer.has_account) {
      throw new MedusaError(
--- a/packages/medusa/src/subscribers/product.js
+++ b/packages/medusa/src/subscribers/product.js
@@ -6,6 +6,7 @@ const searchFields = [
  "id",
  "title",
  "subtitle",
+  "status",
  "description",
  "handle",
  "is_giftcard",