From b735ca2da7ff87b759949e66470ce7a33f812114 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@protonmail.com>
Date: Thu, 14 Jul 2022 07:22:26 +0000
Subject: [PATCH] fix: admin password reset should not timeout

---
 apps/api/src/routes/api/v1/handlers.ts | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/apps/api/src/routes/api/v1/handlers.ts b/apps/api/src/routes/api/v1/handlers.ts
index 95988f1f1..c76181294 100644
--- a/apps/api/src/routes/api/v1/handlers.ts
+++ b/apps/api/src/routes/api/v1/handlers.ts
@@ -157,10 +157,18 @@ export async function login(request: FastifyRequest<Login>, reply: FastifyReply)
 				if (userFound.password === 'RESETME') {
 					const hashedPassword = await hashPassword(password);
 					if (userFound.updatedAt < new Date(Date.now() - 1000 * 60 * 10)) {
-						await prisma.user.update({
-							where: { email: userFound.email },
-							data: { password: 'RESETTIMEOUT' }
-						});
+						if (userFound.id === '0') {
+							await prisma.user.update({
+								where: { email: userFound.email },
+								data: { password: 'RESETME' }
+							});
+						} else {
+							await prisma.user.update({
+								where: { email: userFound.email },
+								data: { password: 'RESETTIMEOUT' }
+							});
+						}
+
 						throw {
 							status: 500,
 							message: 'Password reset link has expired. Please request a new one.'