62 lines
1.4 KiB
TypeScript
62 lines
1.4 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { prisma } from '@/lib/prisma'
|
|
import { hashPassword } from '@/lib/auth'
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const body = await request.json()
|
|
const { token, password } = body
|
|
|
|
if (!token || !password) {
|
|
return NextResponse.json(
|
|
{ error: 'Token and password are required' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
if (password.length < 8) {
|
|
return NextResponse.json(
|
|
{ error: 'Password must be at least 8 characters' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
const user = await prisma.user.findFirst({
|
|
where: {
|
|
resetToken: token,
|
|
resetExpires: {
|
|
gt: new Date(),
|
|
},
|
|
},
|
|
})
|
|
|
|
if (!user) {
|
|
return NextResponse.json(
|
|
{ error: 'Invalid or expired reset token' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
const passwordHash = await hashPassword(password)
|
|
|
|
await prisma.user.update({
|
|
where: { id: user.id },
|
|
data: {
|
|
passwordHash,
|
|
resetToken: null,
|
|
resetExpires: null,
|
|
},
|
|
})
|
|
|
|
return NextResponse.json({
|
|
message: 'Password has been reset successfully',
|
|
})
|
|
} catch (error) {
|
|
console.error('Reset password error:', error)
|
|
return NextResponse.json(
|
|
{ error: 'Failed to reset password' },
|
|
{ status: 500 }
|
|
)
|
|
}
|
|
}
|