49 lines
1.5 KiB
TypeScript
49 lines
1.5 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { prisma } from '@/lib/db'
|
|
import { hashPassword } from '@/lib/auth'
|
|
import { resetPasswordLimiter, getClientIp, rateLimitResponse } from '@/lib/rate-limit'
|
|
|
|
export async function POST(req: NextRequest) {
|
|
try {
|
|
const ip = getClientIp(req)
|
|
const rl = resetPasswordLimiter.check(ip)
|
|
if (!rl.success) return rateLimitResponse(rl.resetAt)
|
|
|
|
const { token, password } = await req.json()
|
|
if (!token || !password) {
|
|
return NextResponse.json({ error: 'Token und Passwort erforderlich' }, { status: 400 })
|
|
}
|
|
|
|
if (password.length < 8) {
|
|
return NextResponse.json({ error: 'Passwort muss mindestens 8 Zeichen lang sein' }, { status: 400 })
|
|
}
|
|
|
|
const user = await (prisma as any).user.findFirst({
|
|
where: {
|
|
resetToken: token,
|
|
resetTokenExpiry: { gt: new Date() },
|
|
},
|
|
})
|
|
|
|
if (!user) {
|
|
return NextResponse.json({ error: 'Ungültiger oder abgelaufener Link. Bitte fordern Sie einen neuen Link an.' }, { status: 400 })
|
|
}
|
|
|
|
const hashedPassword = await hashPassword(password)
|
|
|
|
await (prisma as any).user.update({
|
|
where: { id: user.id },
|
|
data: {
|
|
password: hashedPassword,
|
|
resetToken: null,
|
|
resetTokenExpiry: null,
|
|
},
|
|
})
|
|
|
|
return NextResponse.json({ success: true, message: 'Passwort wurde erfolgreich geändert.' })
|
|
} catch (error) {
|
|
console.error('Reset password error:', error)
|
|
return NextResponse.json({ error: 'Serverfehler' }, { status: 500 })
|
|
}
|
|
}
|