Files
afrov2/app/api/auth/reset-password/route.ts
streaper2 9c003d1b7d
All checks were successful
Build and Push App / build (push) Successful in 5m59s
feat: implement full authentication system with CSRF protection and email verification flow
2026-04-30 23:46:34 +02:00

55 lines
1.5 KiB
TypeScript

import { NextResponse, NextRequest } from 'next/server';
import prisma from '@/lib/prisma';
import bcrypt from 'bcryptjs';
import { verifyCsrfToken, verifyOrigin } from '@/lib/csrf';
export async function POST(request: NextRequest) {
// CSRF Protection
const isOriginValid = verifyOrigin(request);
const isCsrfValid = await verifyCsrfToken(request);
if (!isOriginValid || !isCsrfValid) {
return NextResponse.json(
{ error: 'Protection CSRF : Requête invalide' },
{ status: 403 }
);
}
try {
const { token, password } = await request.json();
if (!token || !password) {
return NextResponse.json({ error: 'Token et mot de passe sont requis' }, { status: 400 });
}
const user = await prisma.user.findFirst({
where: {
resetToken: token,
resetTokenExpiry: {
gt: new Date(),
},
},
});
if (!user) {
return NextResponse.json({ error: 'Token invalide ou expiré' }, { status: 400 });
}
const hashedPassword = await bcrypt.hash(password, 10);
await prisma.user.update({
where: { id: user.id },
data: {
password: hashedPassword,
resetToken: null,
resetTokenExpiry: null,
},
});
return NextResponse.json({ message: 'Votre mot de passe a été mis à jour avec succès' });
} catch (error: any) {
console.error('Error in reset-password:', error);
return NextResponse.json({ error: 'Une erreur est survenue lors de la réinitialisation' }, { status: 500 });
}
}