@paroicms/server
The ParoiCMS server
import { ApiError } from "@paroicms/public-server-lib";
import { type } from "arktype";
import { hashPassword } from "../../helpers/passwordEncrypt-helper.js";
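/**
 * Sets a new password for an account once the caller has presented the
 * account's password-reset token, then clears the token so it cannot be reused.
 *
 * @param siteContext - Site context; `cn(tableName)` returns the query builder used here.
 * @param payload - Reads `accountId`, `resetToken` and `password`.
 * @throws {ApiError} 400 when the account does not exist (from getAccount) or
 *   when the token is absent or does not match.
 */
export async function updateAccountPassword(siteContext, payload) {
  const account = await getAccount(siteContext, payload.accountId);
  // getAccount maps a NULL token column to `undefined`. Without the first
  // test, a request that omits `resetToken` would compare
  // `undefined !== undefined`, pass the check, and reset the password of any
  // account that has no pending reset. An empty stored token is refused too.
  // NOTE(review): `!==` is not a constant-time comparison; consider
  // crypto.timingSafeEqual if the token is the only secret protecting this call.
  if (
    !account.passwordResetToken ||
    account.passwordResetToken !== payload.resetToken
  ) {
    throw new ApiError("Invalid reset token", 400);
  }
  // NOTE(review): no token expiry and no password-strength rule is visible in
  // this function; confirm both are enforced where the token is issued and
  // where the payload is validated.
  const passwordHash = await hashPassword(payload.password);
  await siteContext
    .cn("PaAccount")
    .update({
      passwordHash,
      // Single use: the token is consumed together with the password change.
      passwordResetToken: null,
    })
    .where("id", account.id);
}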
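/**
 * Tells whether a password-reset token is valid for an account, without
 * changing anything.
 *
 * @param siteContext - Site context passed through to getAccount.
 * @param payload - Reads `accountId` and `resetToken`.
 * @returns `{ authorized: false }` when the token is absent or does not match;
 *   otherwise `{ authorized: true, email, name }` for the account.
 * @throws {ApiError} 400 when the account does not exist (from getAccount).
 */
export async function checkAccountPasswordReset(siteContext, payload) {
  const account = await getAccount(siteContext, payload.accountId);
  // getAccount maps a NULL token column to `undefined`. Without the first
  // test, a request that omits `resetToken` would match an account with no
  // pending reset and receive that account's email and name.
  // NOTE(review): `!==` is not a constant-time comparison; consider
  // crypto.timingSafeEqual for the token check.
  const tokenMatches =
    Boolean(account.passwordResetToken) &&
    account.passwordResetToken === payload.resetToken;
  if (!tokenMatches) {
    return {
      authorized: false,
    };
  }
  // Only email and name leave this function; the hash and the token stay
  // inside the service.
  return {
    authorized: true,
    email: account.email,
    name: account.name,
  };
}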
// Validator for the PaAccount row selected by getAccount, followed by a
// mapping to the shape used in this service.
// The "+": "reject" entry makes validation fail on any undeclared column.
// The mapping turns the numeric id into a string and every NULL column into
// `undefined`, so an account without a pending reset has
// `passwordResetToken === undefined`.
// The result carries passwordHash and passwordResetToken: it must not be
// returned to a client as is.
const PasswordResetAccountRowAT = type({
  id: "number",
  email: "string",
  name: "string|null",
  preferences: "string|null",
  passwordHash: "string|null",
  passwordResetToken: "string|null",
  "+": "reject",
}).pipe(
  ({ id, email, name, preferences, passwordHash, passwordResetToken }) => ({
    id: String(id),
    email,
    name: name ?? undefined,
    preferences: preferences ?? undefined,
    passwordHash: passwordHash ?? undefined,
    passwordResetToken: passwordResetToken ?? undefined,
  }),
);
/**
 * Loads one PaAccount row by id and validates it with PasswordResetAccountRowAT.
 *
 * The returned object includes `passwordHash` and `passwordResetToken`, so it
 * is for use inside this service only.
 *
 * @param siteContext - Site context; `cn(tableName)` returns the query builder.
 * @param id - Value matched against the `id` column.
 * @returns The validated and mapped account row.
 * @throws {ApiError} 400 when no row has this id.
 */
async function getAccount(siteContext, id) {
  const selectedColumns = [
    "a.id as id",
    "a.email as email",
    "a.name as name",
    "a.preferences as preferences",
    "a.passwordHash as passwordHash",
    "a.passwordResetToken as passwordResetToken",
  ];
  const row = await siteContext
    .cn("PaAccount as a")
    .select(selectedColumns)
    .where("a.id", id)
    .first();
  if (row) {
    return PasswordResetAccountRowAT.assert(row);
  }
  // NOTE(review): a missing account throws here while a wrong token in
  // checkAccountPasswordReset returns `authorized: false`, so a caller can
  // tell an unknown id from a bad token; confirm that this is acceptable.
  throw new ApiError(`Not found account with id:'${id}'`, 400);
}
//# sourceMappingURL=password-reset.service.js.map