From 82f51b2b7e9ac3008ac7b4c6850b2f04b3bee47e Mon Sep 17 00:00:00 2001
From: Colin Kallemein
Date: Sat, 2 Nov 2024 01:46:50 +0100
Subject: [PATCH] Added pw token expiry check, temporarily commented mailer code due to bugs
---
 src/services/userService.ts | 55 ++++++++++++++++++++-----------------
 1 file changed, 30 insertions(+), 25 deletions(-)
diff --git a/src/services/userService.ts b/src/services/userService.ts
index f974200..4205670 100644
--- a/src/services/userService.ts
+++ b/src/services/userService.ts
@@ -65,13 +65,16 @@ class UserService {
 const user = await UserRepository.getByEmail(email)
 if ( !user ) return
 const token = await bcrypt.genSalt(10)
+ const latestToken = await prisma.passwordResetToken.findFirst({ where: { userId: user.id } })
 //Check if password reset has been requested recently
- if (await prisma.passwordResetToken.findFirst({
- where: {
- userId: user.id
- },
- })) return
+ if (latestToken) {
+
+ const tokenExpiryDate = new Date(Date.now() - 24 * 60 * 60 * 1000);
+ const isTokenExpired = latestToken.createdAt < tokenExpiryDate
+
+ if (!isTokenExpired) return
+ }
 prisma.passwordResetToken.create({
 data: {
@@ -80,29 +83,31 @@ class UserService {
 }
 });
- const transporter = NodeMailer.createTransport({
- host: config.SMTP_HOST,
- port: config.SMTP_PORT,
- secure: false,
- auth: {
- user: config.SMTP_USER,
- pass: config.SMTP_PASSWORD,
- },
- });
+ return
- const info = await transporter.sendMail({
- from: config.SMTP_USER,
- to: email,
- subject: "Reset your password",
- text: "A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/" + token, // Plain text body
- html: "
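Review bot: `latestToken` comes from `findFirst({ where: { userId: user.id } })` with no ordering, and nothing in the hunk removes the old row, so once a user has more than one token the 24-hour check may be evaluated against an expired row and the throttle stops limiting requests; add `orderBy: { createdAt: 'desc' }` or delete expired rows before creating a new one. The `prisma.passwordResetToken.create({ ... })` call in the trailing context is not awaited, and Prisma only runs a query once its promise is awaited or chained, so the row is probably never written; `await prisma.passwordResetToken.create({ ... })` fixes that. The token is a `bcrypt.genSalt(10)` string, which is not meant to serve as a bearer secret; a value from `crypto.randomBytes` that is stored only as a hash would be the usual choice. The enclosing method starts above the hunk.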

A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/" + token + "

", // Html body
- });
- console.log("Message sent: %s", info.messageId);
+ // const transporter = NodeMailer.createTransport({
+ // host: config.SMTP_HOST,
+ // port: config.SMTP_PORT,
+ // secure: false,
+ // auth: {
+ // user: config.SMTP_USER,
+ // pass: config.SMTP_PASSWORD,
+ // },
+ // });
+ //
+ // const info = await transporter.sendMail({
+ // from: config.SMTP_USER,
+ // to: email,
+ // subject: "Reset your password",
+ // text: "A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/" + token, // Plain text body
+ // html: "

A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/" + token + "

", // Html body
+ // });
+ // console.log("Message sent: %s", info.messageId);
- if (info) {
- return true
- }
+ // if (info) {
+ // return true
+ // }
 }
 }
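Review bot: With the bare `return` placed ahead of the commented-out mailer, the method resolves to `undefined` on every path, where it used to return `true` after a successful send, so any caller that tests the result will treat every request as failed; return an explicit boolean or update the callers. While the mailer is disabled nothing delivers the token, so a stored reset row only arms the 24-hour throttle and blocks the user from requesting another link. Before the block is re-enabled, note that the link is built as `config.CLIENT_URL + "/" + token` and a bcrypt salt can contain `/` and `.`, so it should be passed through `encodeURIComponent(token)`; `secure: false` also leaves TLS opportunistic unless `requireTLS: true` is set alongside it. Removing the dead code and restoring it from history would read better than keeping the block commented out.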