From 0e4a111f81cceed275d9bec2695f6e401fb654d8 Mon Sep 17 00:00:00 2001
From: syuilo <Syuilotan@yahoo.co.jp>
Date: Fri, 12 Nov 2021 02:02:25 +0900
Subject: refactoring

Resolve #7779
---
 .../src/server/api/endpoints/reset-password.ts     | 45 ++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 packages/backend/src/server/api/endpoints/reset-password.ts

(limited to 'packages/backend/src/server/api/endpoints/reset-password.ts')

diff --git a/packages/backend/src/server/api/endpoints/reset-password.ts b/packages/backend/src/server/api/endpoints/reset-password.ts
new file mode 100644
index 0000000000..53b0bfde0b
--- /dev/null
+++ b/packages/backend/src/server/api/endpoints/reset-password.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import * as bcrypt from 'bcryptjs';
+import { publishMainStream } from '@/services/stream';
+import define from '../define';
+import { Users, UserProfiles, PasswordResetRequests } from '@/models/index';
+import { ApiError } from '../error';
+
+export const meta = {
+	requireCredential: false as const,
+
+	params: {
+		token: {
+			validator: $.str
+		},
+
+		password: {
+			validator: $.str
+		}
+	},
+
+	errors: {
+
+	}
+};
+
+export default define(meta, async (ps, user) => {
+	const req = await PasswordResetRequests.findOneOrFail({
+		token: ps.token,
+	});
+
+	// 発行してから30分以上経過していたら無効
+	if (Date.now() - req.createdAt.getTime() > 1000 * 60 * 30) {
+		throw new Error(); // TODO
+	}
+
+	// Generate hash of password
+	const salt = await bcrypt.genSalt(8);
+	const hash = await bcrypt.hash(ps.password, salt);
+
+	await UserProfiles.update(req.userId, {
+		password: hash
+	});
+
+	PasswordResetRequests.delete(req.id);
+});
-- 
cgit v1.2.3-freya