shellphone.app/app/features/auth/actions/reset-password.ts

import { type ActionFunction, json, redirect } from "@remix-run/node";
import { TokenType } from "@prisma/client";

import db from "~/utils/db.server";
import logger from "~/utils/logger.server";
import { type FormError, validate } from "~/utils/validation.server";
import { authenticate, hashPassword } from "~/utils/auth.server";
import { ResetPasswordError } from "~/utils/errors";
import { hashToken } from "~/utils/token.server";
import { ResetPassword } from "../validations";

export type ResetPasswordActionData = { errors: FormError<typeof ResetPassword> };

const action: ActionFunction = async ({ request }) => {
	const searchParams = new URL(request.url).searchParams;
	const token = searchParams.get("token");
	if (!token) {
		return redirect("/forgot-password");
	}

	const formData = Object.fromEntries(await request.formData());
	const validation = validate(ResetPassword, { ...formData, token });
	if (validation.errors) {
		return json<ResetPasswordActionData>({ errors: validation.errors });
	}

	const hashedToken = hashToken(token);
	const savedToken = await db.token.findFirst({
		where: { hashedToken, type: TokenType.RESET_PASSWORD },
		include: { user: true },
	});
	if (!savedToken) {
		logger.warn(`No token found with hashedToken=${hashedToken}`);
		throw new ResetPasswordError();
	}

	await db.token.delete({ where: { id: savedToken.id } });

	if (savedToken.expiresAt < new Date()) {
		logger.warn(`Token with hashedToken=${hashedToken} is expired since ${savedToken.expiresAt.toUTCString()}`);
		throw new ResetPasswordError();
	}

	const password = validation.data.password.trim();
	const hashedPassword = await hashPassword(password);
	const { email } = await db.user.update({
		where: { id: savedToken.userId },
		data: { hashedPassword },
	});

	await db.session.deleteMany({ where: { userId: savedToken.userId } });

	return authenticate({ email, password, request });
};

export default action;
remixed v0 2022-05-14 10:22:06 +00:00			`import { type ActionFunction, json, redirect } from "@remix-run/node";`
			`import { TokenType } from "@prisma/client";`

			`import db from "~/utils/db.server";`
			`import logger from "~/utils/logger.server";`
			`import { type FormError, validate } from "~/utils/validation.server";`
			`import { authenticate, hashPassword } from "~/utils/auth.server";`
			`import { ResetPasswordError } from "~/utils/errors";`
			`import { hashToken } from "~/utils/token.server";`
			`import { ResetPassword } from "../validations";`

			`export type ResetPasswordActionData = { errors: FormError<typeof ResetPassword> };`

			`const action: ActionFunction = async ({ request }) => {`
			`const searchParams = new URL(request.url).searchParams;`
			`const token = searchParams.get("token");`
			`if (!token) {`
			`return redirect("/forgot-password");`
			`}`

			`const formData = Object.fromEntries(await request.formData());`
			`const validation = validate(ResetPassword, { ...formData, token });`
			`if (validation.errors) {`
			`return json<ResetPasswordActionData>({ errors: validation.errors });`
			`}`

			`const hashedToken = hashToken(token);`
			`const savedToken = await db.token.findFirst({`
			`where: { hashedToken, type: TokenType.RESET_PASSWORD },`
			`include: { user: true },`
			`});`
			`if (!savedToken) {`
			logger.warn(`No token found with hashedToken=${hashedToken}`);
			`throw new ResetPasswordError();`
			`}`

			`await db.token.delete({ where: { id: savedToken.id } });`

			`if (savedToken.expiresAt < new Date()) {`
			logger.warn(`Token with hashedToken=${hashedToken} is expired since ${savedToken.expiresAt.toUTCString()}`);
			`throw new ResetPasswordError();`
			`}`

			`const password = validation.data.password.trim();`
			`const hashedPassword = await hashPassword(password);`
			`const { email } = await db.user.update({`
			`where: { id: savedToken.userId },`
			`data: { hashedPassword },`
			`});`

			`await db.session.deleteMany({ where: { userId: savedToken.userId } });`

			`return authenticate({ email, password, request });`
			`};`

			`export default action;`