fix(admin): issue correct password reset tokens (#27)

2026-01-05 03:43:32 +01:00 · 2026-01-05 03:43:32 +01:00 · 90f8132e4b
commit 90f8132e4b
parent 9fdc374443
2 changed files with 2 additions and 7 deletions
--- a/fluxer_api/src/admin/services/AdminUserSecurityService.ts
+++ b/fluxer_api/src/admin/services/AdminUserSecurityService.ts
@ -24,7 +24,6 @@ import {UserFlags} from '~/Constants';
 import {InputValidationError, UnknownUserError} from '~/Errors';
 import type {ICacheService} from '~/infrastructure/ICacheService';
 import type {IEmailService} from '~/infrastructure/IEmailService';
-import type {SnowflakeService} from '~/infrastructure/SnowflakeService';
 import type {BotMfaMirrorService} from '~/oauth/BotMfaMirrorService';
 import type {IUserRepository} from '~/user/IUserRepository';
 import type {UserContactChangeLogService} from '~/user/services/UserContactChangeLogService';
@ -45,7 +44,6 @@ interface AdminUserSecurityServiceDeps {
 	userRepository: IUserRepository;
 	authService: AuthService;
 	emailService: IEmailService;
-	snowflakeService: SnowflakeService;
 	auditService: AdminAuditService;
 	updatePropagator: AdminUserUpdatePropagator;
 	botMfaMirrorService?: BotMfaMirrorService;
@ -136,7 +134,7 @@ export class AdminUserSecurityService {
 	}

 	async sendPasswordReset(data: SendPasswordResetRequest, adminUserId: UserID, auditLogReason: string | null) {
-		const {userRepository, emailService, snowflakeService, auditService} = this.deps;
+		const {userRepository, emailService, authService, auditService} = this.deps;
 		const userId = createUserID(data.user_id);
 		const user = await userRepository.findUnique(userId);
 		if (!user) {
@ -147,7 +145,7 @@ export class AdminUserSecurityService {
 			throw InputValidationError.create('email', 'User does not have an email address');
 		}

-		const token = createPasswordResetToken(snowflakeService.generate().toString());
+		const token = createPasswordResetToken(await authService.generateSecureToken());
 		await userRepository.createPasswordResetToken({
 			token_: token,
 			user_id: userId,
--- a/fluxer_api/src/admin/services/AdminUserService.ts
+++ b/fluxer_api/src/admin/services/AdminUserService.ts
@ -29,7 +29,6 @@ import type {IEmailService} from '~/infrastructure/IEmailService';
 import type {IGatewayService} from '~/infrastructure/IGatewayService';
 import type {PendingJoinInviteStore} from '~/infrastructure/PendingJoinInviteStore';
 import type {RedisBulkMessageDeletionQueueService} from '~/infrastructure/RedisBulkMessageDeletionQueueService';
-import type {SnowflakeService} from '~/infrastructure/SnowflakeService';
 import type {UserCacheService} from '~/infrastructure/UserCacheService';
 import type {InviteService} from '~/invite/InviteService';
 import type {BotMfaMirrorService} from '~/oauth/BotMfaMirrorService';
@ -75,7 +74,6 @@ interface AdminUserServiceDeps {
 	userRepository: IUserRepository;
 	guildRepository: IGuildRepository;
 	discriminatorService: IDiscriminatorService;
-	snowflakeService: SnowflakeService;
 	authService: AuthService;
 	emailService: IEmailService;
 	entityAssetService: EntityAssetService;
@ -135,7 +133,6 @@ export class AdminUserService {
 			userRepository: deps.userRepository,
 			authService: deps.authService,
 			emailService: deps.emailService,
-			snowflakeService: deps.snowflakeService,
 			auditService: deps.auditService,
 			updatePropagator: this.updatePropagator,
 			botMfaMirrorService: deps.botMfaMirrorService,