1 files changed, 19 insertions(+), 0 deletions(-)

M accounts/routes.go

@@ 513,6 513,25 @@ func (s *Service) ForgotPasswordConfPOST(c echo.Context) error {
 		return err
 	}
 
+	if !user.IsVerified() {
+		// To be here they had to have verified the email.
+		ctx := database.Context(c.Request().Context(), gctx.Server.DB)
+		if err := database.WithTx(ctx, nil, func(tx *sql.Tx) error {
+			// Null any current pending email changes
+			_, err := tx.ExecContext(ctx, `
+				UPDATE "users"
+				SET is_verified=true
+				WHERE id=$1`,
+				user.GetID())
+			if err != nil {
+				return err
+			}
+			return nil
+		}); err != nil {
+			return err
+		}
+	}
+
 	if err := s.fetch.ProcessSuccessfulPasswordReset(c); err != nil {
 		return err
 	}