ThaMunsta/loot-hunt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

QOL improvements
All checks were successful
Build Images and Deploy / Update-PROD-Stack (push) Successful in 28s
Details

Browse Source
This commit is contained in:
Mike Johnston
2026-02-28 01:14:50 -05:00
parent 79ee7064a8
commit bdb6d5ee25
11 changed files with 264 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
src/routes/auth.js
View File

@@ -79,4 +79,39 @@ router.get('/logout', (req, res) => {
});
});
// ─── Password reset (via admin-generated URL) ────────────
router.get('/reset/:token', (req, res) => {
const tokenRecord = Users.findByResetToken(req.params.token);
if (!tokenRecord) {
return res.render('error', { title: 'Invalid Link', message: 'This password reset link is invalid or has expired.' });
}
res.render('auth/reset', { title: 'Reset Password', token: req.params.token, username: tokenRecord.username, error: null });
});
router.post('/reset/:token', (req, res) => {
const tokenRecord = Users.findByResetToken(req.params.token);
if (!tokenRecord) {
return res.render('error', { title: 'Invalid Link', message: 'This password reset link is invalid or has expired.' });
}
const { password, password_confirm } = req.body;
if (!password || password.length < 6) {
return res.render('auth/reset', { title: 'Reset Password', token: req.params.token, username: tokenRecord.username, error: 'Password must be at least 6 characters.' });
}
if (password !== password_confirm) {
return res.render('auth/reset', { title: 'Reset Password', token: req.params.token, username: tokenRecord.username, error: 'Passwords do not match.' });
}
Users.setPassword(tokenRecord.user_id, password);
Users.consumeResetToken(req.params.token);
// Log the user in
req.session.userId = tokenRecord.user_id;
req.session.username = tokenRecord.username;
req.session.isAdmin = false; // they can re-check on next load
res.redirect('/');
});
module.exports = router;