Finish password reset (hopefully)

src/services/userService.ts

@@ -77,9 +77,15 @@ class UserService {
       const isTokenExpired = latestToken.createdAt < tokenExpiryDate
 
       if (!isTokenExpired) return false
+
+      await prisma.passwordResetToken.delete({
+        where: {
+          id: latestToken.id
+        }
+      })
     }
 
-    prisma.passwordResetToken.create({
+    await prisma.passwordResetToken.create({
       data: {
         userId: user.id,
         token: token,
@@ -101,8 +107,8 @@ class UserService {
         from: config.SMTP_USER,
         to: email,
         subject: "Reset your password",
-        text: "A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/#" + token, // Plain text body
-        html: "<p>A password reset has been requested, reset your password here: <a href='" + config.CLIENT_URL + "/#" + token + "'>" + config.CLIENT_URL + "/#token=" + token + "</a></p>", // Html body
+        text: "A password reset has been requested, reset your password here: " + config.CLIENT_URL + "#" + token, // Plain text body
+        html: "<p>A password reset has been requested, reset your password here: <a href='" + config.CLIENT_URL + "#" + token + "'>" + config.CLIENT_URL + "#" + token + "</a></p>", // Html body
       });
 
       return true
@@ -110,6 +116,26 @@ class UserService {
       return false
     }
   }
+
+  /**
+   * Set new password
+   * @param urlToken
+   * @param password
+   */
+  async newPassword(urlToken: string, password: string): Promise<boolean | User> {
+    const tokenData = await PasswordResetTokenRepository.getByToken(urlToken)
+    if (!tokenData) {
+      return false
+    }
+
+    const hashedPassword = await bcrypt.hash(password, 10)
+    return prisma.user.update({
+      where: { id: tokenData.userId },
+      data: {
+        password: hashedPassword
+      }
+    })
+  }
 }
 
 export default UserService