From 0c136f14ebe92785fe4543ed7ae825fbc1593aef Mon Sep 17 00:00:00 2001
From: hainq <skyarmor11@gmail.com>
Date: Mon, 9 Jul 2018 17:22:24 +0700
Subject: [PATCH] AuthEmail: Fix forgot-password endpoint This is a quick fix
 for PR#1524. Currently, defining `emailPreviouslyRegisteredResponse` will
 prevent `sendConfirmationEmail` from happening, even when `registerHelper` is
 called from `postForgotPasswordR`.

---
 yesod-auth/Yesod/Auth/Email.hs | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/yesod-auth/Yesod/Auth/Email.hs b/yesod-auth/Yesod/Auth/Email.hs
index 616414b5..1b60f1d2 100644
--- a/yesod-auth/Yesod/Auth/Email.hs
+++ b/yesod-auth/Yesod/Auth/Email.hs
@@ -516,10 +516,10 @@ parseRegister = withObject "email" (\obj -> do
 
 registerHelper :: YesodAuthEmail master
                => Bool -- ^ allow usernames?
-               -> Bool -- ^ allow password?
+               -> Bool -- ^ forgot password?
                -> Route Auth
                -> AuthHandler master TypedContent
-registerHelper allowUsername allowPassword dest = do
+registerHelper allowUsername forgotPassword dest = do
     y <- getYesod
     checkCsrfHeaderOrParam defaultCsrfHeaderName defaultCsrfParamName
     result <- runInputPostResult $ (,)
@@ -542,8 +542,8 @@ registerHelper allowUsername allowPassword dest = do
                               | allowUsername -> Right $ TS.strip x
                               | otherwise -> Left Msg.InvalidEmailAddress
 
-    let mpass = case (allowPassword, creds) of
-                    (True, Just (_, mp)) -> mp
+    let mpass = case (forgotPassword, creds) of
+                    (False, Just (_, mp)) -> mp
                     _ -> Nothing
 
     case eidentifier of
@@ -571,9 +571,10 @@ registerHelper allowUsername allowPassword dest = do
                 Nothing -> loginErrorMessageI dest (Msg.IdentifierNotFound identifier)
                 Just creds@(_, False, _, _) -> sendConfirmationEmail creds
                 Just creds@(_, True, _, _) -> do
-                  case emailPreviouslyRegisteredResponse identifier of
-                    Just response -> response
-                    Nothing -> sendConfirmationEmail creds
+                  if forgotPassword then sendConfirmationEmail creds
+                    else case emailPreviouslyRegisteredResponse identifier of
+                      Just response -> response
+                      Nothing -> sendConfirmationEmail creds
               where sendConfirmationEmail (lid, _, verKey, email) = do
                       render <- getUrlRender
                       tp <- getRouteToParent
@@ -583,7 +584,7 @@ registerHelper allowUsername allowPassword dest = do
 
 
 postRegisterR :: YesodAuthEmail master => AuthHandler master TypedContent
-postRegisterR = registerHelper False True registerR
+postRegisterR = registerHelper False False registerR
 
 getForgotPasswordR :: YesodAuthEmail master => AuthHandler master Html
 getForgotPasswordR = forgotPasswordHandler
@@ -627,7 +628,7 @@ defaultForgotPasswordHandler = do
         }
 
 postForgotPasswordR :: YesodAuthEmail master => AuthHandler master TypedContent
-postForgotPasswordR = registerHelper True False forgotPasswordR
+postForgotPasswordR = registerHelper True True forgotPasswordR
 
 getVerifyR :: YesodAuthEmail site
            => AuthEmailId site