84d75cf693
* Upgrades next-auth to v4 * Fixes next-auth session types * Type fixes * Fixes login issue * Team page fixes * Type fixes * Fixes secret * Adds test for forgotten password * Skips if pw secret is undefined * Prevents error if PW secret is undefined * Adds PLAYWRIGHT_SECRET explainer * Adds pending auth TODOs * Adds missing secret * Fixed imports * Fixed imports * Type fixes * Test fixes Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
55 lines
1.4 KiB
TypeScript
55 lines
1.4 KiB
TypeScript
import { NextApiRequest, NextApiResponse } from "next";
|
|
|
|
import { hashPassword } from "@lib/auth";
|
|
import prisma from "@lib/prisma";
|
|
|
|
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
if (req.method !== "POST") {
|
|
return res.status(400).json({ message: "" });
|
|
}
|
|
|
|
try {
|
|
const rawPassword = req.body?.password;
|
|
const rawRequestId = req.body?.requestId;
|
|
|
|
if (!rawPassword || !rawRequestId) {
|
|
return res.status(400).json({ message: "Couldn't find an account for this email" });
|
|
}
|
|
|
|
const maybeRequest = await prisma.resetPasswordRequest.findUnique({
|
|
where: {
|
|
id: rawRequestId,
|
|
},
|
|
});
|
|
|
|
if (!maybeRequest) {
|
|
return res.status(400).json({ message: "Couldn't find an account for this email" });
|
|
}
|
|
|
|
const maybeUser = await prisma.user.findUnique({
|
|
where: {
|
|
email: maybeRequest.email,
|
|
},
|
|
});
|
|
|
|
if (!maybeUser) {
|
|
return res.status(400).json({ message: "Couldn't find an account for this email" });
|
|
}
|
|
|
|
const hashedPassword = await hashPassword(rawPassword);
|
|
|
|
await prisma.user.update({
|
|
where: {
|
|
id: maybeUser.id,
|
|
},
|
|
data: {
|
|
password: hashedPassword,
|
|
},
|
|
});
|
|
|
|
return res.status(201).json({ message: "Password reset." });
|
|
} catch (reason) {
|
|
console.error(reason);
|
|
return res.status(500).json({ message: "Unable to create password reset request" });
|
|
}
|
|
}
|