fix: admin password reset should not timeout

This commit is contained in:
Andras Bacsai 2022-07-14 07:22:26 +00:00
parent cbdd098528
commit b735ca2da7

View File

@ -157,10 +157,18 @@ export async function login(request: FastifyRequest<Login>, reply: FastifyReply)
if (userFound.password === 'RESETME') { if (userFound.password === 'RESETME') {
const hashedPassword = await hashPassword(password); const hashedPassword = await hashPassword(password);
if (userFound.updatedAt < new Date(Date.now() - 1000 * 60 * 10)) { if (userFound.updatedAt < new Date(Date.now() - 1000 * 60 * 10)) {
await prisma.user.update({ if (userFound.id === '0') {
where: { email: userFound.email }, await prisma.user.update({
data: { password: 'RESETTIMEOUT' } where: { email: userFound.email },
}); data: { password: 'RESETME' }
});
} else {
await prisma.user.update({
where: { email: userFound.email },
data: { password: 'RESETTIMEOUT' }
});
}
throw { throw {
status: 500, status: 500,
message: 'Password reset link has expired. Please request a new one.' message: 'Password reset link has expired. Please request a new one.'