fix: only pass the "token" parameter to reset with token action

team-alembic · Jul 19, 2024 · 2eca472 · 2eca472
1 parent f6c2ae6
commit 2eca472
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/lib/ash_authentication/strategies/password/actions.ex b/lib/ash_authentication/strategies/password/actions.ex
@@ -110,7 +110,7 @@ defmodule AshAuthentication.Strategy.Password.Actions do
     strategy.resource
     |> Query.new()
     |> Query.set_context(%{private: %{ash_authentication?: true}})
-    |> Query.for_read(strategy.sign_in_with_token_action_name, params)
+    |> Query.for_read(strategy.sign_in_with_token_action_name, %{"token" => params["token"]})
     |> Ash.read(options)
     |> case do
       {:ok, [user]} ->

diff --git a/test/ash_authentication/strategies/password/actions_test.exs b/test/ash_authentication/strategies/password/actions_test.exs
@@ -168,7 +168,7 @@ defmodule AshAuthentication.Strategy.Password.ActionsTest do
 
       log =
         capture_log(fn ->
-          assert :ok = Actions.reset_request(strategy, %{"username" => user.username()}, [])
+          assert :ok = Actions.reset_request(strategy, %{"username" => user.username}, [])
         end)
 
       assert log =~ ~r/password reset request for user #{user.username}/i