Filename :
route.ts
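import { NextRequest, NextResponse } from "next/server";
import { connect } from "@/app/dbConfig/dbConfig";
import jwt from "jsonwebtoken";
import bcryptjs from "bcryptjs";
import User from "@/models/userModel";

connect();

type DecodedToken = {
  email: string;
};

/**
 * Extracts the claims this route relies on from a verified JWT payload.
 *
 * Returns `null` unless the payload is an object whose `email` is a non-empty
 * string. The value is later used as a database filter, so a non-string value
 * must never reach the query.
 */
function toDecodedToken(payload: unknown): DecodedToken | null {
  if (typeof payload !== "object" || payload === null) {
    return null;
  }
  const { email } = payload as { email?: unknown };
  return typeof email === "string" && email !== "" ? { email } : null;
}

/**
 * POST handler for the reset-password route.
 *
 * Expects a JSON body `{ token, newPassword }`. The token is verified against
 * `TOKEN_SECRET`, the account is looked up by the `email` claim, and the
 * password is replaced with a bcrypt hash of `newPassword`.
 *
 * Responses:
 * - 200 password updated
 * - 400 malformed body, missing/non-string fields, expired or invalid token
 * - 404 no user for the email in the token
 * - 500 server misconfiguration or unexpected failure (details are logged
 *   server-side only and never echoed to the client)
 *
 * NOTE(review): nothing visible in this handler binds the token to the
 * password-reset flow or marks it as used, so a token stays valid until it
 * expires. Confirm that the issuer sets a short expiry and a purpose-specific
 * claim, and that TOKEN_SECRET is not also used to sign session tokens.
 */
export async function POST(req: NextRequest) {
  try {
    // A body that is not valid JSON is a client error, not a server fault.
    let body: unknown;
    try {
      body = await req.json();
    } catch {
      return NextResponse.json(
        { message: "Token and new password are required" },
        { status: 400 }
      );
    }

    const { token, newPassword } = (body ?? {}) as {
      token?: unknown;
      newPassword?: unknown;
    };

    // Validate request payload: both fields must be non-empty strings.
    // Rejecting objects/arrays here keeps them out of jwt.verify and bcrypt.
    if (
      typeof token !== "string" ||
      typeof newPassword !== "string" ||
      !token ||
      !newPassword
    ) {
      return NextResponse.json(
        { message: "Token and new password are required" },
        { status: 400 }
      );
    }
    // NOTE(review): no length or strength policy is enforced on newPassword
    // here; bcrypt only considers the first 72 bytes of its input.

    // Fail closed on a missing secret instead of letting jwt.verify raise a
    // JsonWebTokenError that would be reported to the client as "Invalid token".
    const secret = process.env.TOKEN_SECRET;
    if (!secret) {
      console.error("Error in reset password handler: TOKEN_SECRET is not set");
      return NextResponse.json(
        { message: "Internal server error", error: "UNKNOWN ERROR" },
        { status: 500 }
      );
    }

    // Verify JWT token
    // NOTE(review): consider passing the `algorithms` option pinned to the
    // algorithm the issuer actually signs with; it is not visible from here.
    let decodedToken: DecodedToken | null;
    try {
      decodedToken = toDecodedToken(jwt.verify(token, secret));
    } catch (error) {
      if (error instanceof jwt.TokenExpiredError) {
        return NextResponse.json(
          { message: "Token has expired" },
          { status: 400 }
        );
      }
      if (error instanceof jwt.JsonWebTokenError) {
        return NextResponse.json(
          { message: "Invalid token" },
          { status: 400 }
        );
      }
      throw error; // Re-throw other errors for generic error handling
    }

    // A correctly signed token without a usable email claim is still invalid.
    if (!decodedToken) {
      return NextResponse.json({ message: "Invalid token" }, { status: 400 });
    }

    const { email } = decodedToken;
    const user = await User.findOne({ email });

    if (!user) {
      return NextResponse.json({ message: "User not found" }, { status: 404 });
    }

    // Cost factor 10; passing the rounds lets bcryptjs generate the salt.
    const hashedPassword = await bcryptjs.hash(newPassword, 10);

    const updatedUser = await User.findOneAndUpdate(
      { email },
      { password: hashedPassword },
      { new: true }
    );

    if (!updatedUser) {
      return NextResponse.json(
        { message: "Failed to update user password" },
        { status: 500 }
      );
    }

    return NextResponse.json(
      { message: "Password updated successfully" },
      { status: 200 }
    );
  } catch (error) {
    // Full detail goes to the server log only. Returning error.message to the
    // caller can disclose database, driver or configuration internals.
    console.error("Error in reset password handler:", error);

    return NextResponse.json(
      { message: "Internal server error", error: "UNKNOWN ERROR" },
      { status: 500 }
    );
  }
}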