@cocalc/server
CoCalc server functionality: functions used by either the hub or the next.js server
;
/*
1. check that the password reset id is still valid; throw error if not
2. check that the password is valid; throw error if not
3. invalidate password reset id by writing that it is used to the database
4. write hash of new password to the database
5. Return account_id of user who just reset their password.
*/
// CommonJS/ES-module interop helper (the shape the TypeScript compiler emits).
// Reuses an existing this.__importDefault when one is present; otherwise
// defines a function that returns ES-module-flagged modules unchanged and
// wraps any other module as { default: mod }, so callers can always read
// `.default`.
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
// Flag this module's exports as ES-module shaped so importers using the same
// helper read `exports.default` directly instead of wrapping the object again.
Object.defineProperty(exports, "__esModule", { value: true });
const pool_1 = __importDefault(require("@cocalc/database/pool"));
const get_1 = __importDefault(require("@cocalc/database/pool/account/get"));
const set_password_1 = __importDefault(require("@cocalc/database/pool/account/set-password"));
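/**
 * Redeem a password reset id and store a new password for the matching account.
 *
 * The reset id is claimed and invalidated in a single UPDATE statement, so two
 * concurrent requests carrying the same id cannot both pass the validity check
 * before either marks it used. The id is invalidated before the password is
 * written: if a later step fails, the id stays spent and the user has to
 * request a new reset (fail closed).
 *
 * @param {string} password - the new plaintext password; passed on to the
 *   set-password helper, which is expected to store a hash.
 * @param {string} passwordResetId - UUID of the row in `password_reset`.
 * @returns {Promise<string>} account_id of the user whose password was reset.
 * @throws {Error} if the password is not a string or is shorter than 6
 *   characters, or if the reset id is unknown, expired, already used, or no
 *   account can be resolved for its email address.
 */
async function redeemPasswordReset(password, passwordResetId) {
  // This check is the enforcement point, not a formality: the frontend UI can
  // be bypassed by calling the API directly, so nothing may rely on it.
  if (typeof password !== "string") {
    throw Error("password must be a string");
  }
  // NOTE(review): 6 characters is a low minimum for a password policy; the
  // value is kept because callers and the UI depend on it — confirm.
  if (password.length < 6) {
    throw Error("password is too short");
  }
  const pool = (0, pool_1.default)();
  // Validate and invalidate atomically. The WHERE clause only matches a reset
  // id that has not expired, and the same statement sets expire=NOW(), so the
  // id can be redeemed at most once even under concurrent requests.
  const { rows } = await pool.query(
    "UPDATE password_reset SET expire=NOW() WHERE expire > NOW() AND id=$1::UUID RETURNING email_address",
    [passwordResetId],
  );
  if (rows.length === 0) {
    throw Error("Password reset no longer valid.");
  }
  const { email_address } = rows[0];
  const account_id = await (0, get_1.default)({ email_address });
  // The lookup's not-found behaviour is not visible from this file; if it
  // yields nothing (for example the account changed its address after the
  // reset was requested), stop here rather than passing an empty id to the
  // password writer. The message is the generic one so the response does not
  // reveal whether an account exists for the address.
  if (account_id == null) {
    throw Error("Password reset no longer valid.");
  }
  await (0, set_password_1.default)(account_id, password);
  return account_id;
}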
// CommonJS form of the module's default export: consumers reach the function
// as the `default` property of the required module.
exports.default = redeemPasswordReset;
//# sourceMappingURL=redeem-password-reset.js.map