From 71e1ee808b0c30f308821ec9cba298d267134fef Mon Sep 17 00:00:00 2001
From: Sebastian Rindom <skrindom@gmail.com>
Date: Fri, 22 Oct 2021 10:44:28 +0200
Subject: [PATCH 1/4] hotfix(medusa): add product status to search

---
 packages/medusa/src/loaders/search-index.js | 1 +
 packages/medusa/src/subscribers/product.js  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/packages/medusa/src/loaders/search-index.js b/packages/medusa/src/loaders/search-index.js
index ec2ef503c3..71e43b618e 100644
--- a/packages/medusa/src/loaders/search-index.js
+++ b/packages/medusa/src/loaders/search-index.js
@@ -17,6 +17,7 @@ async function loadProductsIntoSearchEngine(container) {
         select: [
           "id",
           "title",
+          "status",
           "subtitle",
           "description",
           "handle",
diff --git a/packages/medusa/src/subscribers/product.js b/packages/medusa/src/subscribers/product.js
index bad993d4af..971fafb372 100644
--- a/packages/medusa/src/subscribers/product.js
+++ b/packages/medusa/src/subscribers/product.js
@@ -6,6 +6,7 @@ const searchFields = [
   "id",
   "title",
   "subtitle",
+  "status",
   "description",
   "handle",
   "is_giftcard",

From b82b43b4c64dc5bc705a439a214f9d1dc9976e21 Mon Sep 17 00:00:00 2001
From: Sebastian Rindom <skrindom@gmail.com>
Date: Sat, 23 Oct 2021 13:07:41 +0200
Subject: [PATCH 2/4] fix: pull missing fields

---
 .../routes/store/customers/reset-password.js  | 36 +++++++++----------
 packages/medusa/src/services/customer.js      | 11 +++++-
 2 files changed, 28 insertions(+), 19 deletions(-)

diff --git a/packages/medusa/src/api/routes/store/customers/reset-password.js b/packages/medusa/src/api/routes/store/customers/reset-password.js
index 4242e0e8f5..93dba48351 100644
--- a/packages/medusa/src/api/routes/store/customers/reset-password.js
+++ b/packages/medusa/src/api/routes/store/customers/reset-password.js
@@ -24,7 +24,9 @@ import jwt from "jsonwebtoken"
  */
 export default async (req, res) => {
   const schema = Validator.object().keys({
-    email: Validator.string().email().required(),
+    email: Validator.string()
+      .email()
+      .required(),
     token: Validator.string().required(),
     password: Validator.string().required(),
   })
@@ -34,23 +36,21 @@ export default async (req, res) => {
     throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details)
   }
 
-  try {
-    const customerService = req.scope.resolve("customerService")
-    let customer = await customerService.retrieveByEmail(value.email)
+  const customerService = req.scope.resolve("customerService")
+  let customer = await customerService.retrieveByEmail(value.email, {
+    select: ["id", "password_hash"],
+  })
 
-    const decodedToken = await jwt.verify(value.token, customer.password_hash)
-    if (!decodedToken || customer.id !== decodedToken.customer_id) {
-      res.status(401).send("Invalid or expired password reset token")
-      return
-    }
-
-    await customerService.update(customer.id, {
-      password: value.password,
-    })
-
-    customer = await customerService.retrieve(customer.id)
-    res.status(200).json({ customer })
-  } catch (error) {
-    throw error
+  const decodedToken = jwt.verify(value.token, customer.password_hash)
+  if (!decodedToken || customer.id !== decodedToken.customer_id) {
+    res.status(401).send("Invalid or expired password reset token")
+    return
   }
+
+  await customerService.update(customer.id, {
+    password: value.password,
+  })
+
+  customer = await customerService.retrieve(customer.id)
+  res.status(200).json({ customer })
 }
diff --git a/packages/medusa/src/services/customer.js b/packages/medusa/src/services/customer.js
index bbe07131d7..8d36b07ce2 100644
--- a/packages/medusa/src/services/customer.js
+++ b/packages/medusa/src/services/customer.js
@@ -94,7 +94,16 @@ class CustomerService extends BaseService {
    * @return {string} the generated JSON web token
    */
   async generateResetPasswordToken(customerId) {
-    const customer = await this.retrieve(customerId)
+    const customer = await this.retrieve(customerId, {
+      select: [
+        "id",
+        "has_account",
+        "password_hash",
+        "email",
+        "first_name",
+        "last_name",
+      ],
+    })
 
     if (!customer.has_account) {
       throw new MedusaError(

From caa9ab81dfbc38c7c3500d3fe7e297d2a40b8f23 Mon Sep 17 00:00:00 2001
From: Sebastian Rindom <skrindom@gmail.com>
Date: Sat, 23 Oct 2021 13:15:04 +0200
Subject: [PATCH 3/4] fix: add integration test

---
 .../api/__tests__/store/customer.js           | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/integration-tests/api/__tests__/store/customer.js b/integration-tests/api/__tests__/store/customer.js
index 0d59738059..425a48fb9a 100644
--- a/integration-tests/api/__tests__/store/customer.js
+++ b/integration-tests/api/__tests__/store/customer.js
@@ -264,4 +264,33 @@ describe("/store/customers", () => {
       expect(response.data.customer.billing_address_id).toEqual(null)
     })
   })
+
+  describe("POST /store/customers/password-token", () => {
+    beforeEach(async () => {
+      const manager = dbConnection.manager
+      await manager.insert(Customer, {
+        id: "test_customer",
+        first_name: "John",
+        last_name: "Deere",
+        email: "john@deere.com",
+        password_hash:
+          "c2NyeXB0AAEAAAABAAAAAVMdaddoGjwU1TafDLLlBKnOTQga7P2dbrfgf3fB+rCD/cJOMuGzAvRdKutbYkVpuJWTU39P7OpuWNkUVoEETOVLMJafbI8qs8Qx/7jMQXkN", // password matching "test"
+        has_account: true,
+      })
+    })
+
+    afterEach(async () => {
+      await doAfterEach()
+    })
+
+    it("creates token", async () => {
+      const api = useApi()
+
+      const response = await api.post(`/store/customers/password-token`, {
+        email: "john@deere.com",
+      })
+
+      expect(response.status).toEqual(204)
+    })
+  })
 })

From 81847456f1b2229d58f0e4e46a7fc079277e4b2b Mon Sep 17 00:00:00 2001
From: Sebastian Rindom <skrindom@gmail.com>
Date: Sat, 23 Oct 2021 13:30:51 +0200
Subject: [PATCH 4/4] chore(release): Publish

 - @medusajs/medusa@1.1.47
---
 packages/medusa/CHANGELOG.md | 6 ++++++
 packages/medusa/package.json | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/packages/medusa/CHANGELOG.md b/packages/medusa/CHANGELOG.md
index 8b9a9eb3b9..1a37cb6dd7 100644
--- a/packages/medusa/CHANGELOG.md
+++ b/packages/medusa/CHANGELOG.md
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.1.47](https://github.com/medusajs/medusa/compare/@medusajs/medusa@1.1.46...@medusajs/medusa@1.1.47) (2021-10-23)
+
+### Bug Fixes
+
+- pull missing fields ([b82b43b](https://github.com/medusajs/medusa/commit/b82b43b4c64dc5bc705a439a214f9d1dc9976e21))
+
 ## [1.1.46](https://github.com/medusajs/medusa/compare/@medusajs/medusa@1.1.45...@medusajs/medusa@1.1.46) (2021-10-19)
 
 ### Bug Fixes
diff --git a/packages/medusa/package.json b/packages/medusa/package.json
index b646b91756..799acbcfc0 100644
--- a/packages/medusa/package.json
+++ b/packages/medusa/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@medusajs/medusa",
-  "version": "1.1.46",
+  "version": "1.1.47",
   "description": "E-commerce for JAMstack",
   "main": "dist/index.js",
   "bin": {