diff --git a/src/server/backend/plugins/payments/payrexx/payrexxRoutes.js b/src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
index f38cc50..6793610 100644
--- a/src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
+++ b/src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
@@ -13,6 +13,7 @@ const ticket = require( '../../../tickets/ticketGenerator.js' );
const payrexxModule = require( './module.payrexx.js' );
const payrexx = payrexxModule.init();
const TicketGenerator = new ticket();
+const generator = require( '../../../token.js' );
let sessionReference = {};
let waitingClients = {};
@@ -101,6 +102,7 @@ module.exports = ( app, settings ) => {
response.write( 'data: ready\n\n' );
response.end();
delete waitingClients[ request.session.id ];
+ request.session.id = generator.generateToken( 30 );
}, 2000 );
} else if ( stat === 'noTicket' ) {
clearInterval( ping );
@@ -120,6 +122,7 @@ module.exports = ( app, settings ) => {
if ( !pendingPayments[ request.session.id ] ) {
const stat = TicketGenerator.getGenerationStatus( request.session.id );
if ( stat === 'done' ) {
+ request.session.id = generator.generateToken( 30 );
response.send( { 'status': 'ticketOk' } );
} else if ( stat === 'noTicket' ) {
response.send( { 'status': 'noTicket' } );
diff --git a/src/server/backend/plugins/payments/stripe/stripeRoutes.js b/src/server/backend/plugins/payments/stripe/stripeRoutes.js
index 1128a99..0c79938 100644
--- a/src/server/backend/plugins/payments/stripe/stripeRoutes.js
+++ b/src/server/backend/plugins/payments/stripe/stripeRoutes.js
@@ -16,6 +16,7 @@ const stripe = require( 'stripe' )( stripeConfig[ 'APIKey' ] );
const bodyParser = require( 'body-parser' );
const ticket = require( '../../../tickets/ticketGenerator.js' );
const TicketGenerator = new ticket();
+const generator = require( '../../../token.js' );
const endpointSecret = stripeConfig[ 'endpointSecret' ];
@@ -103,6 +104,7 @@ module.exports = ( app, settings ) => {
response.write( 'data: ready\n\n' );
response.end();
delete waitingClients[ request.session.id ];
+ request.session.id = generator.generateToken( 30 );
}, 2000 );
} else if ( stat === 'noTicket' ) {
clearInterval( ping );
@@ -122,6 +124,7 @@ module.exports = ( app, settings ) => {
if ( !pendingPayments[ request.session.id ] ) {
const stat = TicketGenerator.getGenerationStatus( request.session.id );
if ( stat === 'done' ) {
+ request.session.id = generator.generateToken( 30 );
response.send( { 'status': 'ticketOk' } );
} else if ( stat === 'noTicket' ) {
response.send( { 'status': 'noTicket' } );
diff --git a/src/server/backend/userRoutes.js b/src/server/backend/userRoutes.js
index c02aa67..f8087c9 100644
--- a/src/server/backend/userRoutes.js
+++ b/src/server/backend/userRoutes.js
@@ -178,7 +178,7 @@ module.exports = ( app, settings ) => {
'name': request.body.name,
'two_fa': 'disabled',
'user_data': JSON.stringify( { 'country': request.body.country } ),
- 'marketing': request.body.newsletter ? generator.generateToken( 60 ) : null
+ 'marketing': request.body.newsletter ?? null
} ).then( () => {
request.session.loggedInUser = true;
request.session.username = request.body.mail;
@@ -215,6 +215,8 @@ module.exports = ( app, settings ) => {
if ( call === '2fa' ) {
db.writeDataSimple( 'users', 'email', request.session.username, { 'two_fa': request.body.twoFA } );
response.send( 'ok' );
+ } else {
+ response.status( 404 ).send( 'Not found' );
}
} else {
response.status( 403 ).send( 'unauthorised' );
diff --git a/src/server/ui/en/signup/allowTwoFA.html b/src/server/ui/en/signup/allowTwoFA.html
index fa94970..97bedd3 100644
--- a/src/server/ui/en/signup/allowTwoFA.html
+++ b/src/server/ui/en/signup/allowTwoFA.html
@@ -90,11 +90,10 @@