import { eq } from 'drizzle-orm'
import { isWithinExpirationDate } from 'oslo'
import { password_reset_tokens } from '../../../src/lib/server/api/databases/tables'
// import { lucia } from '$lib/server/lucia';
import { db } from '../../../src/lib/server/api/packages/drizzle'
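/**
 * Final step of a password reset: accepts a JSON body `{ password }` and the
 * reset token taken from the `token` route parameter.
 *
 * Every rejection (bad body, weak password, unknown token, expired token) is
 * answered with the same bare 400, so the response does not reveal whether a
 * given token exists.
 *
 * The steps that actually change the password and rotate sessions are
 * currently disabled (see the TODO below). Until they are restored the handler
 * answers 501 instead of reporting success.
 *
 * @param {{ request: Request, params: { token: string } }} event - request event
 * @returns {Promise<Response>} 400 on any validation failure, 501 while the
 *   password update is disabled
 */
export async function POST({ request, params }) {
	// A malformed or non-object JSON body is a client error, not a server fault.
	let body
	try {
		body = await request.json()
	} catch {
		return new Response(null, { status: 400 })
	}

	const password = body?.password
	// NOTE(review): only a lower bound is enforced. An upper bound would cap the
	// cost of hashing attacker-supplied input once hashing is re-enabled.
	if (typeof password !== 'string' || password.length < 8) {
		return new Response(null, { status: 400 })
	}

	// NOTE(review): the URL token is matched against the stored `id` directly, so
	// the table appears to hold tokens in plaintext. Storing only a hash of the
	// token would limit the impact of a database read; confirm against the schema.
	const verificationToken = params.token
	const token = await db.query.password_reset_tokens.findFirst({
		where: eq(password_reset_tokens.id, verificationToken),
	})

	// Reset tokens are single-use: consume the row as soon as it is found and
	// before the expiry check, so neither a valid nor an expired token can be
	// replayed. (The delete used to run only when no row was found, where it
	// could never remove anything.)
	// NOTE(review): find-then-delete is not atomic, so two concurrent requests
	// could both pass the lookup.
	if (token) {
		await db.delete(password_reset_tokens).where(eq(password_reset_tokens.id, verificationToken))
	}

	if (!token?.expires_at || !isWithinExpirationDate(token.expires_at)) {
		return new Response(null, { status: 400 })
	}

	// TODO: restore the disabled steps below. They reference `lucia`, `Argon2id`
	// and `usersTable`, none of which this file currently imports.
	// await lucia.invalidateUserSessions(token.user_id);
	// const hashPassword = await new Argon2id().hash(password);
	// await db.update(usersTable).set({ hashed_password: hashPassword }).where(eq(usersTable.id, token.user_id));
	// const session = await lucia.createSession(token.user_id, {});
	// const sessionCookie = lucia.createSessionCookie(session.id);
	//
	// Once they are back, the success response is:
	// return new Response(null, {
	// 	status: 302,
	// 	headers: { Location: '/', 'Set-Cookie': sessionCookie.serialize() },
	// })

	// With `sessionCookie` undefined, the old redirect threw a ReferenceError, and
	// no password is written yet. Fail explicitly rather than signal success.
	return new Response(null, { status: 501 })
}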