
Commit 0a33b66

committed
updated
1 parent 1354405 commit 0a33b66


1 file changed

+3
-5
lines changed

1 file changed

+3
-5
lines changed

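--- a/controllers/auth.controller.go
+++ b/controllers/auth.controller.go
@@ -235,19 +235,17 @@ func (ac *AuthController) ResetPassword(ctx *gin.Context) {
 passwordResetToken := utils.Encode(resetToken)
 
 var updatedUser models.User
-result := ac.DB.First(&updatedUser, "password_reset_token = ?", passwordResetToken)
+result := ac.DB.First(&updatedUser, "password_reset_token = ? AND password_reset_at > ?", passwordResetToken, time.Now())
 if result.Error != nil {
-ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": "Invalid verification code or user doesn't exists"})
+ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": "The reset token is invalid or has expired"})
 return
 }
 
 updatedUser.Password = hashedPassword
 updatedUser.PasswordResetToken = ""
 ac.DB.Save(&updatedUser)
 
-ctx.SetCookie("access_token", "", -1, "/", "localhost", false, true)
-ctx.SetCookie("refresh_token", "", -1, "/", "localhost", false, true)
-ctx.SetCookie("logged_in", "", -1, "/", "localhost", false, true)
+ctx.SetCookie("token", "", -1, "/", "localhost", false, true)
 
 ctx.JSON(http.StatusOK, gin.H{"status": "success", "message": "Password data updated successfully"})
 }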
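Review bot: The result of `ac.DB.Save(&updatedUser)` is still discarded, so a failed write falls through to the 200 response and leaves the reset token usable until `password_reset_at` passes. Check it the same way as the lookup above, e.g. `if err := ac.DB.Save(&updatedUser).Error; err != nil {` followed by a 5xx JSON response and `return`. The single `ctx.SetCookie("token", ...)` that replaces the three old clears keeps the hard-coded `"localhost"` domain and passes `false` for the Secure flag, so outside local development it will presumably not match the cookie that was issued; these values are better read from configuration. Clearing the cookie only affects the browser that performs the reset, so if tokens issued before the reset are not revoked server-side (not visible here), other sessions stay valid after the password change. ResetPassword begins above this hunk, so how `resetToken` and `hashedPassword` are produced is not visible.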
