Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

fix: admin password reset should not timeout

Browse Source
This commit is contained in:
Andras Bacsai 2022-07-14 07:22:26 +00:00
parent cbdd098528
commit b735ca2da7
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
apps/api/src/routes/api/v1/handlers.ts
View File

@ -157,10 +157,18 @@ export async function login(request: FastifyRequest<Login>, reply: FastifyReply)
if (userFound.password === 'RESETME') {
const hashedPassword = await hashPassword(password);
if (userFound.updatedAt < new Date(Date.now() - 1000 * 60 * 10)) {
await prisma.user.update({
where: { email: userFound.email },
data: { password: 'RESETTIMEOUT' }
});
if (userFound.id === '0') {
await prisma.user.update({
where: { email: userFound.email },
data: { password: 'RESETME' }
});
} else {
await prisma.user.update({
where: { email: userFound.email },
data: { password: 'RESETTIMEOUT' }
});
}
throw {
status: 500,
message: 'Password reset link has expired. Please request a new one.'