mirror of
https://github.com/kjanat/livedash-node.git
synced 2026-01-16 20:52:09 +01:00
Kaj Kowalski
93fbb44eec
Major code quality overhaul addressing 58% of all linting issues: • Type Safety Improvements: - Replace all any types with proper TypeScript interfaces - Fix Map component shadowing (renamed to CountryMap) - Add comprehensive custom error classes system - Enhance API route type safety • Accessibility Enhancements: - Add explicit button types to all interactive elements - Implement useId() hooks for form element accessibility - Add SVG title attributes for screen readers - Fix static element interactions with keyboard handlers • React Best Practices: - Resolve exhaustive dependencies warnings with useCallback - Extract nested component definitions to top level - Fix array index keys with proper unique identifiers - Improve component organization and prop typing • Code Organization: - Automatic import organization and type import optimization - Fix unused function parameters and variables - Enhanced error handling with structured error responses - Improve component reusability and maintainability Results: 248 → 104 total issues (58% reduction) - Fixed all critical type safety and security issues - Enhanced accessibility compliance significantly - Improved code maintainability and performance
77 lines
1.9 KiB
TypeScript
77 lines
1.9 KiB
TypeScript
import crypto from "node:crypto";
|
|
import bcrypt from "bcryptjs";
|
|
import { type NextRequest, NextResponse } from "next/server";
|
|
import { prisma } from "../../../lib/prisma";
|
|
import { resetPasswordSchema, validateInput } from "../../../lib/validation";
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const body = await request.json();
|
|
|
|
// Validate input with strong password requirements
|
|
const validation = validateInput(resetPasswordSchema, body);
|
|
if (!validation.success) {
|
|
return NextResponse.json(
|
|
{
|
|
success: false,
|
|
error: "Validation failed",
|
|
details: validation.errors,
|
|
},
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
const { token, password } = validation.data;
|
|
|
|
// Hash the token to compare with stored hash
|
|
const tokenHash = crypto.createHash("sha256").update(token).digest("hex");
|
|
|
|
const user = await prisma.user.findFirst({
|
|
where: {
|
|
resetToken: tokenHash,
|
|
resetTokenExpiry: { gte: new Date() },
|
|
},
|
|
});
|
|
|
|
if (!user) {
|
|
return NextResponse.json(
|
|
{
|
|
success: false,
|
|
error:
|
|
"Invalid or expired token. Please request a new password reset.",
|
|
},
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Hash password with higher rounds for better security
|
|
const hashedPassword = await bcrypt.hash(password, 12);
|
|
|
|
await prisma.user.update({
|
|
where: { id: user.id },
|
|
data: {
|
|
password: hashedPassword,
|
|
resetToken: null,
|
|
resetTokenExpiry: null,
|
|
},
|
|
});
|
|
|
|
return NextResponse.json(
|
|
{
|
|
success: true,
|
|
message: "Password has been reset successfully.",
|
|
},
|
|
{ status: 200 }
|
|
);
|
|
} catch (error) {
|
|
console.error("Reset password error:", error);
|
|
return NextResponse.json(
|
|
{
|
|
success: false,
|
|
error: "An internal server error occurred. Please try again later.",
|
|
},
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|