37 lines
1.5 KiB
TypeScript
37 lines
1.5 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import { prisma } from '../../../../lib/prisma';
|
|
import { hashPassword } from '../../../../lib/auth';
|
|
import { addHours } from '../../../../lib/tokens';
|
|
|
|
export async function POST(req: Request) {
|
|
try {
|
|
const body = await req.json();
|
|
const token = String(body.token ?? '').trim();
|
|
const password = String(body.password ?? '');
|
|
|
|
if (!token || !password) {
|
|
return NextResponse.json({ error: 'Missing token or password' }, { status: 400 });
|
|
}
|
|
if (password.length < 8) {
|
|
return NextResponse.json({ error: 'Password must be at least 8 characters' }, { status: 400 });
|
|
}
|
|
|
|
const record = await prisma.verificationToken.findUnique({ where: { token }, include: { user: true } });
|
|
if (!record || record.type !== 'password_reset' || record.consumedAt || record.expiresAt < new Date()) {
|
|
return NextResponse.json({ error: 'Invalid or expired token' }, { status: 400 });
|
|
}
|
|
|
|
const passwordHash = await hashPassword(password);
|
|
await prisma.$transaction([
|
|
prisma.user.update({ where: { id: record.userId }, data: { passwordHash } }),
|
|
prisma.verificationToken.update({ where: { id: record.id }, data: { consumedAt: new Date(), expiresAt: addHours(-1) } }),
|
|
]);
|
|
|
|
return NextResponse.json({ ok: true });
|
|
} catch (error) {
|
|
console.error('Password reset error', error);
|
|
return NextResponse.json({ error: 'Failed to reset password' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export const dynamic = 'force-dynamic';
|