From f988eb416b561efbd89becea4257fb555f1cd675 Mon Sep 17 00:00:00 2001 From: joel Date: Wed, 4 Sep 2024 17:44:14 +0800 Subject: [PATCH] fix: add token for non-secure email change --- internal/api/mail.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/api/mail.go b/internal/api/mail.go index 00bb58e7e..1405f9169 100644 --- a/internal/api/mail.go +++ b/internal/api/mail.go @@ -588,6 +588,11 @@ func (a *API) sendEmail(r *http.Request, tx *storage.Connection, u *models.User, } if config.Hook.SendEmail.Enabled { + // When secure email change is disabled, we place the token for the new email on emailData.Token + if emailActionType == mail.EmailChangeVerification && !config.Mailer.SecureEmailChangeEnabled && u.GetEmail() != "" { + otp = otpNew + } + emailData := mail.EmailData{ Token: otp, EmailActionType: emailActionType,