UNPKG

payload

Version:

Node, React, Headless CMS and Application Framework built on Next.js

payloadcms.com

payloadcms/payload

112 lines (111 loc) 4.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
import { status as httpStatus } from 'http-status'; import { APIError, Forbidden } from '../../errors/index.js'; import { commitTransaction } from '../../utilities/commitTransaction.js'; import { initTransaction } from '../../utilities/initTransaction.js'; import { killTransaction } from '../../utilities/killTransaction.js'; import { getFieldsToSign } from '../getFieldsToSign.js'; import { jwtSign } from '../jwt.js'; import { authenticateLocalStrategy } from '../strategies/local/authenticate.js'; import { generatePasswordSaltHash } from '../strategies/local/generatePasswordSaltHash.js'; export const resetPasswordOperation = async (args)=>{ const { collection: { config: collectionConfig }, data, depth, overrideAccess, req: { payload: { secret }, payload }, req } = args; if (!Object.prototype.hasOwnProperty.call(data, 'token') || !Object.prototype.hasOwnProperty.call(data, 'password')) { throw new APIError('Missing required data.', httpStatus.BAD_REQUEST); } if (collectionConfig.auth.disableLocalStrategy) { throw new Forbidden(req.t); } try { const shouldCommit = await initTransaction(req); // ///////////////////////////////////// // Reset Password // ///////////////////////////////////// const user = await payload.db.findOne({ collection: collectionConfig.slug, req, where: { resetPasswordExpiration: { greater_than: new Date().toISOString() }, resetPasswordToken: { equals: data.token } } }); if (!user) { throw new APIError('Token is either invalid or has expired.', httpStatus.FORBIDDEN); } // TODO: replace this method const { hash, salt } = await generatePasswordSaltHash({ collection: collectionConfig, password: data.password, req }); user.salt = salt; user.hash = hash; user.resetPasswordExpiration = new Date().toISOString(); if (collectionConfig.auth.verify) { user._verified = Boolean(user._verified); } // ///////////////////////////////////// // beforeValidate - Collection // ///////////////////////////////////// if (collectionConfig.hooks?.beforeValidate?.length) { for (const hook of collectionConfig.hooks.beforeValidate){ await hook({ collection: args.collection?.config, context: req.context, data: user, operation: 'update', req }); } } // ///////////////////////////////////// // Update new password // ///////////////////////////////////// const doc = await payload.db.updateOne({ id: user.id, collection: collectionConfig.slug, data: user, req }); await authenticateLocalStrategy({ doc, password: data.password }); const fieldsToSign = getFieldsToSign({ collectionConfig, email: user.email, user }); const { token } = await jwtSign({ fieldsToSign, secret, tokenExpiration: collectionConfig.auth.tokenExpiration }); const fullUser = await payload.findByID({ id: user.id, collection: collectionConfig.slug, depth, overrideAccess, req }); if (shouldCommit) { await commitTransaction(req); } if (fullUser) { fullUser.collection = collectionConfig.slug; fullUser._strategy = 'local-jwt'; } const result = { token, user: fullUser }; return result; } catch (error) { await killTransaction(req); throw error; } }; //# sourceMappingURL=resetPassword.js.map