fix forgot password and add runscripts
This commit is contained in:
@@ -316,6 +316,22 @@ router.post('/auth/2fa/verify', requireAdminAuth, async (req, res, next) => {
|
||||
|
||||
const ADMIN_RESET_TOKEN_TTL_MINUTES = 60
|
||||
|
||||
function ensureAppBasePath(baseUrl: string, basePath: string) {
|
||||
try {
|
||||
const url = new URL(baseUrl)
|
||||
const normalizedPathname = url.pathname.replace(/\/$/, '')
|
||||
if (normalizedPathname === basePath || normalizedPathname.endsWith(basePath)) {
|
||||
return url.toString().replace(/\/$/, '')
|
||||
}
|
||||
|
||||
url.pathname = `${normalizedPathname}${basePath}` || basePath
|
||||
return url.toString().replace(/\/$/, '')
|
||||
} catch {
|
||||
const trimmed = baseUrl.replace(/\/$/, '')
|
||||
return trimmed.endsWith(basePath) ? trimmed : `${trimmed}${basePath}`
|
||||
}
|
||||
}
|
||||
|
||||
router.post('/auth/forgot-password', async (req, res, next) => {
|
||||
try {
|
||||
const { email } = z.object({ email: z.string().email().max(255).trim().toLowerCase() }).parse(req.body)
|
||||
@@ -330,7 +346,10 @@ router.post('/auth/forgot-password', async (req, res, next) => {
|
||||
data: { passwordResetToken: rawToken, passwordResetExpiresAt: expiresAt },
|
||||
})
|
||||
|
||||
const adminUrl = process.env.ADMIN_URL ?? 'http://localhost:3002'
|
||||
const adminUrl = ensureAppBasePath(
|
||||
process.env.ADMIN_URL ?? process.env.NEXT_PUBLIC_ADMIN_URL ?? 'http://localhost:3002/admin',
|
||||
'/admin',
|
||||
)
|
||||
const resetUrl = `${adminUrl}/reset-password?token=${rawToken}`
|
||||
|
||||
await sendTransactionalEmail({
|
||||
|
||||
@@ -10,6 +10,22 @@ const router = Router()
|
||||
|
||||
const RESET_TOKEN_TTL_MINUTES = 60
|
||||
|
||||
function ensureAppBasePath(baseUrl: string, basePath: string) {
|
||||
try {
|
||||
const url = new URL(baseUrl)
|
||||
const normalizedPathname = url.pathname.replace(/\/$/, '')
|
||||
if (normalizedPathname === basePath || normalizedPathname.endsWith(basePath)) {
|
||||
return url.toString().replace(/\/$/, '')
|
||||
}
|
||||
|
||||
url.pathname = `${normalizedPathname}${basePath}` || basePath
|
||||
return url.toString().replace(/\/$/, '')
|
||||
} catch {
|
||||
const trimmed = baseUrl.replace(/\/$/, '')
|
||||
return trimmed.endsWith(basePath) ? trimmed : `${trimmed}${basePath}`
|
||||
}
|
||||
}
|
||||
|
||||
function signEmployeeToken(employeeId: string) {
|
||||
return jwt.sign(
|
||||
{ sub: employeeId, type: 'employee' },
|
||||
@@ -150,7 +166,10 @@ router.post('/forgot-password', async (req, res, next) => {
|
||||
data: { passwordResetToken: rawToken, passwordResetExpiresAt: expiresAt },
|
||||
})
|
||||
|
||||
const dashboardUrl = process.env.DASHBOARD_URL ?? 'http://localhost:3001'
|
||||
const dashboardUrl = ensureAppBasePath(
|
||||
process.env.DASHBOARD_URL ?? process.env.NEXT_PUBLIC_DASHBOARD_URL ?? 'http://localhost:3001/dashboard',
|
||||
'/dashboard',
|
||||
)
|
||||
const resetUrl = `${dashboardUrl}/reset-password?token=${rawToken}`
|
||||
|
||||
await sendTransactionalEmail({
|
||||
|
||||
Reference in New Issue
Block a user