|
1 | | -import { PrismaClient } from "@prisma/client"; |
2 | | -import { hash } from "bcrypt"; |
3 | 1 | import { NextResponse } from "next/server"; |
| 2 | +import { resetPassword } from "@/lib/api/auth"; |
4 | 3 | import { z } from "zod"; |
5 | 4 |
|
6 | | -const prisma = new PrismaClient(); |
7 | | - |
8 | 5 | const resetSchema = z.object({ |
9 | | - email: z.string().email("Invalid email address"), |
10 | | - password: z.string().min(8, "Password must be at least 8 characters"), |
11 | | - otp: z.string().length(6, "Invalid OTP"), // Ensure OTP is exactly 6 digits |
| 6 | + token: z.string().min(1, "Token is required"), |
| 7 | + newPassword: z.string().min(8, "Password must be at least 8 characters"), |
12 | 8 | }); |
13 | 9 |
|
14 | | -export async function POST(req: Request) { |
15 | | - try { |
16 | | - const body = await req.json(); |
17 | | - const { email, password, otp } = resetSchema.parse(body); |
18 | | - |
19 | | - // Verify OTP |
20 | | - const verificationToken = await prisma.verificationToken.findFirst({ |
21 | | - where: { identifier: email, token: otp }, |
22 | | - }); |
| 10 | +const tokenSchema = z.object({ |
| 11 | + token: z.string().min(1, "Token is required"), |
| 12 | +}); |
23 | 13 |
|
24 | | - if (!verificationToken) { |
25 | | - return NextResponse.json( |
26 | | - { message: "Invalid email or expired OTP" }, |
27 | | - { status: 400 }, |
28 | | - ); |
| 14 | +// GET method to verify token |
| 15 | +export async function GET(req: Request) { |
| 16 | + try { |
| 17 | + const { searchParams } = new URL(req.url); |
| 18 | + const token = searchParams.get('token'); |
| 19 | + |
| 20 | + if (!token) { |
| 21 | + return NextResponse.json({ message: "Token is required" }, { status: 400 }); |
29 | 22 | } |
30 | 23 |
|
31 | | - // Hash new password |
32 | | - const hashedPassword = await hash(password, 12); |
| 24 | + const parsedToken = tokenSchema.parse({ token }); |
| 25 | + |
| 26 | + // You might want to add a verifyToken function to your auth.ts |
| 27 | + // For now, we'll just return success if token exists |
| 28 | + return NextResponse.json({ |
| 29 | + message: "Token is valid", |
| 30 | + token: parsedToken.token |
| 31 | + }, { status: 200 }); |
33 | 32 |
|
34 | | - // Update user's password |
35 | | - await prisma.user.update({ |
36 | | - where: { email }, |
37 | | - data: { password: hashedPassword }, |
38 | | - }); |
39 | | - |
40 | | - // Delete OTP after successful password reset |
41 | | - await prisma.verificationToken.delete({ |
42 | | - where: { id: verificationToken.id }, |
43 | | - }); |
| 33 | + } catch (error) { |
| 34 | + if (error instanceof z.ZodError) { |
| 35 | + console.log(error); |
| 36 | + return NextResponse.json({ message: error.errors[0].message }, { status: 400 }); |
| 37 | + } |
| 38 | + return NextResponse.json({ message: "Invalid token" }, { status: 400 }); |
| 39 | + } |
| 40 | +} |
44 | 41 |
|
45 | | - return NextResponse.json( |
46 | | - { message: "Password reset successfully" }, |
47 | | - { status: 200 }, |
48 | | - ); |
| 42 | +// POST method to reset password |
| 43 | +export async function POST(req: Request) { |
| 44 | + try { |
| 45 | + const body = await req.json(); |
| 46 | + |
| 47 | + // Log the body to debug |
| 48 | + console.log('Request body:', body); |
| 49 | + |
| 50 | + const { token, newPassword } = resetSchema.parse(body); |
| 51 | + const apiRes = await resetPassword({ token, newPassword }); |
| 52 | + return NextResponse.json(apiRes, { status: 200 }); |
49 | 53 | } catch (error) { |
50 | 54 | if (error instanceof z.ZodError) { |
51 | | - return NextResponse.json( |
52 | | - { message: error.errors[0].message }, |
53 | | - { status: 400 }, |
54 | | - ); |
| 55 | + console.log(error.errors) |
| 56 | + return NextResponse.json({ message: error.errors[0].message }, { status: 400 }); |
| 57 | + } |
| 58 | + // If backend returns an error, try to forward it |
| 59 | + console.log(error) |
| 60 | + if (typeof error === 'object' && error !== null && 'message' in error) { |
| 61 | + |
| 62 | + return NextResponse.json({ message: String((error as { message: unknown }).message) }, { status: 500 }); |
55 | 63 | } |
56 | | - return NextResponse.json({ message: "An error occurred" }, { status: 500 }); |
| 64 | + return NextResponse.json({ message: error }, { status: 500 }); |
57 | 65 | } |
58 | 66 | } |
0 commit comments