diff --git a/core/server/models/user.js b/core/server/models/user.js index 944a65fa68..203184d45e 100644 --- a/core/server/models/user.js +++ b/core/server/models/user.js @@ -706,7 +706,7 @@ User = ghostBookshelf.Model.extend({ text = ''; // Token: - // BASE64(TIMESTAMP + email + HASH(TIMESTAMP + email + oldPasswordHash + dbHash )) + // BASE64(TIMESTAMP + email + HASH(TIMESTAMP + email + oldPasswordHash + dbHash )).replace('=', '-') hash.update(String(expires)); hash.update(email.toLocaleLowerCase()); @@ -715,13 +715,19 @@ User = ghostBookshelf.Model.extend({ text += [expires, email, hash.digest('base64')].join('|'); - return new Buffer(text).toString('base64'); + // it's possible that the token might get URI encoded, which breaks it + // we replace any `=`s with `-`s as they aren't valid base64 characters + // but are valid in a URL, so won't suffer encoding issues + return new Buffer(text).toString('base64').replace('=', '-'); }); }, validateToken: function (token, dbHash) { /*jslint bitwise:true*/ // TODO: Is there a chance the use of ascii here will cause problems if oldPassword has weird characters? + // We replaced `=`s with `-`s when we sent the token via email, so + // now we reverse that change to get a valid base64 string to decode + token = token.replace('-', '='); var tokenText = new Buffer(token, 'base64').toString('ascii'), parts, expires,