Skip to content

Commit ae929c2

Browse files
LZoogLZoog
authored
Merge pull request #19816 from mozilla/FXA-12009
chore(email, settings): remove email_to_hash_with from links to reset_password
2 parents 0a8216a + 8074eef commit ae929c2

6 files changed

Lines changed: 27 additions & 48 deletions

File tree

libs/accounts/email-renderer/src/renderer/email-link-builder.ts

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -5,17 +5,12 @@
55
export class EmailLinkBuilder {
66
constructor() {}
77

8-
buildPasswordChangeRequiredLink(opts: {
9-
url: string;
10-
email: string;
11-
emailToHashWith: string;
12-
}) {
8+
buildPasswordChangeRequiredLink(opts: { url: string; email: string }) {
139
const link = new URL(opts.url);
1410
link.searchParams.set('utm_campaign', 'account-locked');
1511
link.searchParams.set('utm_content', 'fx-account-locked');
1612
link.searchParams.set('utm_medium', 'email');
1713
link.searchParams.set('email', opts.email);
18-
link.searchParams.set('email_to_hash_with', opts.emailToHashWith);
1914
return link.toString();
2015
}
2116

packages/fxa-admin-server/src/backend/email.service.ts

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,6 @@ export class EmailService {
7575
const link = this.linkBuilder.buildPasswordChangeRequiredLink({
7676
url: linksConfig.initiatePasswordResetUrl,
7777
email: account.primaryEmail?.email || account.email,
78-
emailToHashWith: account.email,
7978
});
8079

8180
const emailContent = await this.renderer.renderPasswordChangeRequired(

packages/fxa-auth-server/lib/senders/email.js

Lines changed: 7 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -386,12 +386,9 @@ module.exports = function (log, config, bounces, statsd) {
386386

387387
Mailer.prototype._passwordResetLinkAttributes = function (
388388
email,
389-
templateName,
390-
emailToHashWith
389+
templateName
391390
) {
392-
return linkAttributes(
393-
this.createPasswordResetLink(email, templateName, emailToHashWith)
394-
);
391+
return linkAttributes(this.createPasswordResetLink(email, templateName));
395392
};
396393

397394
Mailer.prototype._twoFactorSettingsLinkAttributes = function (
@@ -1251,7 +1248,7 @@ module.exports = function (log, config, bounces, statsd) {
12511248
const links = this._generateLinks(
12521249
this.initiatePasswordResetUrl,
12531250
message,
1254-
{ email: message.email, email_to_hash_with: message.emailToHashWith },
1251+
{ email: message.email },
12551252
templateName
12561253
);
12571254

@@ -3986,15 +3983,10 @@ module.exports = function (log, config, bounces, statsd) {
39863983
templateName
39873984
);
39883985

3989-
links['resetLink'] = this.createPasswordResetLink(
3990-
email,
3991-
templateName,
3992-
query.emailToHashWith
3993-
);
3986+
links['resetLink'] = this.createPasswordResetLink(email, templateName);
39943987
links['resetLinkAttributes'] = this._passwordResetLinkAttributes(
39953988
email,
3996-
templateName,
3997-
query.emailToHashWith
3989+
templateName
39983990
);
39993991

40003992
links['twoFactorSettingsLink'] = this.createTwoFactorSettingsLink(
@@ -4169,15 +4161,8 @@ module.exports = function (log, config, bounces, statsd) {
41694161
);
41704162
};
41714163

4172-
Mailer.prototype.createPasswordResetLink = function (
4173-
email,
4174-
templateName,
4175-
emailToHashWith
4176-
) {
4177-
const query = {
4178-
email: email,
4179-
email_to_hash_with: emailToHashWith,
4180-
};
4164+
Mailer.prototype.createPasswordResetLink = function (email, templateName) {
4165+
const query = { email };
41814166

41824167
return this._generateUTMLink(
41834168
this.initiatePasswordResetUrl,

packages/fxa-auth-server/test/local/senders/emails.ts

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -697,7 +697,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
697697
['html', [
698698
{ test: 'include', expected: 'Your password has been reset' },
699699
{ test: 'include', expected: 'Your password has been reset' },
700-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'password-reset-success', 'reset-password', 'email', 'email_to_hash_with=')) },
700+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'password-reset-success', 'reset-password', 'email')) },
701701
{ test: 'include', expected: `${MESSAGE.device.uaBrowser} on ${MESSAGE.device.uaOS} ${MESSAGE.device.uaOSVersion}` },
702702
{ test: 'include', expected: `${MESSAGE.location.city}, ${MESSAGE.location.stateCode}, ${MESSAGE.location.country} (estimated)` },
703703
{ test: 'include', expected: `${MESSAGE.date}` },
@@ -708,7 +708,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
708708
]],
709709
['text', [
710710
{ test: 'include', expected: 'Your password has been reset' },
711-
{ test: 'include', expected: configUrl('initiatePasswordResetUrl', 'password-reset-success', 'reset-password', 'email', 'email_to_hash_with=') },
711+
{ test: 'include', expected: configUrl('initiatePasswordResetUrl', 'password-reset-success', 'reset-password', 'email') },
712712
{ test: 'include', expected: `${MESSAGE.device.uaBrowser} on ${MESSAGE.device.uaOS} ${MESSAGE.device.uaOSVersion}` },
713713
{ test: 'include', expected: `${MESSAGE.location.city}, ${MESSAGE.location.stateCode}, ${MESSAGE.location.country} (estimated)` },
714714
{ test: 'include', expected: `${MESSAGE.date}` },
@@ -848,7 +848,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
848848
['html', [
849849
{ test: 'include', expected: 'Password updated' },
850850
{ test: 'include', expected: 'Password changed successfully' },
851-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'password-changed-success', 'reset-password', 'email', 'email_to_hash_with=')) },
851+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'password-changed-success', 'reset-password', 'email')) },
852852
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'password-changed-success', 'privacy')) },
853853
{ test: 'include', expected: decodeUrl(configHref('supportUrl', 'password-changed-success', 'support')) },
854854
{ test: 'include', expected: `${MESSAGE.device.uaBrowser} on ${MESSAGE.device.uaOS} ${MESSAGE.device.uaOSVersion}` },
@@ -859,7 +859,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
859859
]],
860860
['text', [
861861
{ test: 'include', expected: 'Password changed successfully' },
862-
{ test: 'include', expected: configUrl('initiatePasswordResetUrl', 'password-changed-success', 'reset-password', 'email', 'email_to_hash_with=') },
862+
{ test: 'include', expected: configUrl('initiatePasswordResetUrl', 'password-changed-success', 'reset-password', 'email') },
863863
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'password-changed-success', 'privacy')}` },
864864
{ test: 'include', expected: `For more info, visit Mozilla Support: ${configUrl('supportUrl', 'password-changed-success', 'support')}` },
865865
{ test: 'include', expected: `${MESSAGE.device.uaBrowser} on ${MESSAGE.device.uaOS} ${MESSAGE.device.uaOSVersion}` },
@@ -1503,7 +1503,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
15031503
{ test: 'include', expected: `${MESSAGE.date}` },
15041504
{ test: 'exists', expected: `${MESSAGE.time}` },
15051505
{ test: 'include', expected: decodeUrl(configHref('accountSettingsUrl', 'recovery-phone-added', 'manage-account', 'email', 'uid')) },
1506-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'recovery-phone-added', 'reset-password', 'email', 'email_to_hash_with=')) },
1506+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'recovery-phone-added', 'reset-password', 'email')) },
15071507
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'recovery-phone-added', 'privacy')) },
15081508
{ test: 'include', expected: decodeUrl(configHref('supportUrl', 'recovery-phone-added', 'support')) },
15091509
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1518,7 +1518,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
15181518
{ test: 'include', expected: `${MESSAGE.date}` },
15191519
{ test: 'exists', expected: `${MESSAGE.time}` },
15201520
{ test: 'include', expected: `Manage account:\n${configUrl('accountSettingsUrl', 'recovery-phone-added', 'manage-account', 'email', 'uid')}` },
1521-
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'recovery-phone-added', 'reset-password', 'email', 'email_to_hash_with=')}` },
1521+
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'recovery-phone-added', 'reset-password', 'email')}` },
15221522
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'recovery-phone-added', 'privacy')}` },
15231523
{ test: 'include', expected: `For more info, visit Mozilla Support: ${configUrl('supportUrl', 'recovery-phone-added', 'support')}` },
15241524
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1551,7 +1551,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
15511551
{ test: 'include', expected: `${MESSAGE.location.city}, ${MESSAGE.location.stateCode}, ${MESSAGE.location.country} (estimated)` },
15521552
{ test: 'include', expected: `${MESSAGE.date}` },
15531553
{ test: 'exists', expected: `${MESSAGE.time}` },
1554-
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'recovery-phone-changed', 'reset-password', 'email', 'email_to_hash_with=')}` },
1554+
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'recovery-phone-changed', 'reset-password', 'email')}` },
15551555
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'recovery-phone-changed', 'privacy')}` },
15561556
{ test: 'include', expected: `For more info, visit Mozilla Support: ${configUrl('supportUrl', 'recovery-phone-changed', 'support')}` },
15571557
]],
@@ -1572,7 +1572,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
15721572
{ test: 'include', expected: `${MESSAGE.date}` },
15731573
{ test: 'exists', expected: `${MESSAGE.time}` },
15741574
{ test: 'include', expected: decodeUrl(configHref('accountSettingsUrl', 'password-reset-recovery-phone', 'manage-account', 'email', 'uid')) },
1575-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'password-reset-recovery-phone', 'reset-password', 'email', 'email_to_hash_with=')) },
1575+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'password-reset-recovery-phone', 'reset-password', 'email')) },
15761576
{ test: 'include', expected: decodeUrl(configHref('supportUrl', 'password-reset-recovery-phone', 'support')) },
15771577
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'password-reset-recovery-phone', 'privacy')) },
15781578
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1619,7 +1619,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
16191619
{ test: 'include', expected: `${MESSAGE.location.city}, ${MESSAGE.location.stateCode}, ${MESSAGE.location.country} (estimated)` },
16201620
{ test: 'include', expected: `${MESSAGE.date}` },
16211621
{ test: 'exists', expected: `${MESSAGE.time}` },
1622-
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'recovery-phone-removed', 'reset-password', 'email', 'email_to_hash_with=')}` },
1622+
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'recovery-phone-removed', 'reset-password', 'email')}` },
16231623
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'recovery-phone-removed', 'privacy')}` },
16241624
{ test: 'include', expected: `For more info, visit Mozilla Support: ${configUrl('supportUrl', 'recovery-phone-removed', 'support')}` },
16251625
]],
@@ -1641,7 +1641,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
16411641
{ test: 'include', expected: `${MESSAGE.date}` },
16421642
{ test: 'exists', expected: `${MESSAGE.time}` },
16431643
{ test: 'include', expected: decodeUrl(configHref('accountSettingsUrl', 'signin-recovery-phone', 'manage-account', 'email', 'uid')) },
1644-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'signin-recovery-phone', 'reset-password', 'email', 'email_to_hash_with=')) },
1644+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'signin-recovery-phone', 'reset-password', 'email')) },
16451645
{ test: 'include', expected: decodeUrl(configHref('supportUrl', 'signin-recovery-phone', 'support')) },
16461646
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'signin-recovery-phone', 'privacy')) },
16471647
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1655,7 +1655,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
16551655
{ test: 'include', expected: `${MESSAGE.date}` },
16561656
{ test: 'exists', expected: `${MESSAGE.time}` },
16571657
{ test: 'include', expected: `Manage account:\n${configUrl('accountSettingsUrl', 'signin-recovery-phone', 'manage-account', 'email', 'uid')}` },
1658-
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'signin-recovery-phone', 'reset-password', 'email', 'email_to_hash_with=')}` },
1658+
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'signin-recovery-phone', 'reset-password', 'email')}` },
16591659
{ test: 'include', expected: `For more info, visit Mozilla Support: ${configUrl('supportUrl', 'signin-recovery-phone', 'support')}` },
16601660
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'signin-recovery-phone', 'privacy')}` },
16611661
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1678,7 +1678,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
16781678
{ test: 'include', expected: `${MESSAGE.date}` },
16791679
{ test: 'exists', expected: `${MESSAGE.time}` },
16801680
{ test: 'include', expected: decodeUrl(configHref('accountSettingsUrl', 'signin-recovery-code', 'manage-account', 'email', 'uid')) },
1681-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'signin-recovery-code', 'reset-password', 'email', 'email_to_hash_with=')) },
1681+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'signin-recovery-code', 'reset-password', 'email')) },
16821682
{ test: 'include', expected: decodeUrl(configHref('supportUrl', 'signin-recovery-code', 'support')) },
16831683
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'signin-recovery-code', 'privacy')) },
16841684
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1692,7 +1692,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
16921692
{ test: 'include', expected: `${MESSAGE.date}` },
16931693
{ test: 'exists', expected: `${MESSAGE.time}` },
16941694
{ test: 'include', expected: `Manage account:\n${configUrl('accountSettingsUrl', 'signin-recovery-code', 'manage-account', 'email', 'uid')}` },
1695-
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'signin-recovery-code', 'reset-password', 'email', 'email_to_hash_with=')}` },
1695+
{ test: 'include', expected: `If you did not authorize this action, please reset your password now at ${configUrl('initiatePasswordResetUrl', 'signin-recovery-code', 'reset-password', 'email')}` },
16961696
{ test: 'include', expected: `For more info, visit Mozilla Support: ${configUrl('supportUrl', 'signin-recovery-code', 'support')}` },
16971697
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'signin-recovery-code', 'privacy')}` },
16981698
{ test: 'notInclude', expected: 'utm_source=email' },
@@ -1739,7 +1739,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
17391739
{ test: 'include', expected: 'Your backup authentication code was used to confirm a password reset' },
17401740
{ test: 'include', expected: 'Code used from:' },
17411741
{ test: 'include', expected: decodeUrl(configHref('accountSettingsUrl', 'account-consume-recovery-code', 'manage-account', 'email', 'uid')) },
1742-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'account-consume-recovery-code', 'reset-password', 'email', 'email_to_hash_with=')) },
1742+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'account-consume-recovery-code', 'reset-password', 'email')) },
17431743
{ test: 'include', expected: decodeUrl(configHref('manageTwoFactorSettingsUrl', 'account-consume-recovery-code', 'manage-two-factor', 'email')) },
17441744
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'account-consume-recovery-code', 'privacy')) },
17451745
{ test: 'include', expected: decodeUrl(configHref('supportUrl', 'account-consume-recovery-code', 'support')) },
@@ -1754,7 +1754,7 @@ const TESTS: [string, any, Record<string, any>?][] = [
17541754
{ test: 'include', expected: 'Code used from:' },
17551755
{ test: 'include', expected: `Manage account:\n${configUrl('accountSettingsUrl', 'account-consume-recovery-code', 'manage-account', 'email', 'uid')}` },
17561756
{ test: 'include', expected: 'If you didnʼt take this action, then reset your password right away at:\n'},
1757-
{ test: 'include', expected: `${configUrl('initiatePasswordResetUrl', 'account-consume-recovery-code', 'reset-password', 'email', 'email_to_hash_with=')}` },
1757+
{ test: 'include', expected: `${configUrl('initiatePasswordResetUrl', 'account-consume-recovery-code', 'reset-password', 'email')}` },
17581758
{ test: 'include', expected: 'Also, reset two-step authentication at:'},
17591759
{ test: 'include', expected: `${configUrl('manageTwoFactorSettingsUrl', 'account-consume-recovery-code', 'manage-two-factor', 'email')}` },
17601760
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'account-consume-recovery-code', 'privacy')}` },
@@ -1814,14 +1814,14 @@ const TESTS: [string, any, Record<string, any>?][] = [
18141814
{ test: 'include', expected: 'Reset your password' },
18151815
{ test: 'include', expected: 'any synced data has been deleted as a precaution.' },
18161816
{ test: 'include', expected: 'Reset password' },
1817-
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'account-locked', 'account-locked', 'email=', 'email_to_hash_with=')) },
1817+
{ test: 'include', expected: decodeUrl(configHref('initiatePasswordResetUrl', 'account-locked', 'account-locked', 'email=')) },
18181818
{ test: 'include', expected: decodeUrl(configHref('privacyUrl', 'account-locked', 'privacy')) },
18191819
{ test: 'notInclude', expected: 'utm_source=email' },
18201820
]],
18211821
['text', [
18221822
{ test: 'include', expected: 'Reset your password' },
18231823
{ test: 'include', expected: 'any synced data has been deleted as a precaution.' },
1824-
{ test: 'include', expected: `Reset password:\n${configUrl('initiatePasswordResetUrl', 'account-locked', 'account-locked', 'email=', 'email_to_hash_with=')}` },
1824+
{ test: 'include', expected: `Reset password:\n${configUrl('initiatePasswordResetUrl', 'account-locked', 'account-locked', 'email=')}` },
18251825
{ test: 'include', expected: `Mozilla Accounts Privacy Notice\n${configUrl('privacyUrl', 'account-locked', 'privacy')}` },
18261826
{ test: 'notInclude', expected: 'utm_source=email' },
18271827
]],

packages/fxa-settings/src/pages/Signin/index.test.tsx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -407,7 +407,7 @@ describe('Signin component', () => {
407407
});
408408
expect(resetPasswordLink).toHaveAttribute(
409409
'href',
410-
`/reset_password?email=${MOCK_EMAIL}&email_to_hash_with=`
410+
`/reset_password?email=${MOCK_EMAIL}`
411411
);
412412
expect(resetPasswordLink).toHaveAttribute(
413413
'data-glean-id',

packages/fxa-settings/src/pages/Signin/index.tsx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -306,7 +306,7 @@ const Signin = ({
306306
)
307307
);
308308
setLocalizedBannerErrorLink({
309-
path: `/reset_password?email=${email}&email_to_hash_with=`,
309+
path: `/reset_password?email=${email}`,
310310
localizedText: ftlMsgResolver.getMsg(
311311
'signin-account-locked-banner-link',
312312
'Reset your password to sign in'

0 commit comments

Comments
 (0)