import { getUserByEmail, createPasswordResetCode } from '~/server/utils/database'
import { sendPasswordResetEmail, generateResetCode } from '~/server/utils/email'
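/**
 * Password-reset request handler.
 *
 * Reads `email` from the request body, looks the account up, stores a reset
 * code that expires after 15 minutes and mails it to that address.
 *
 * Every request with a usable `email` gets the same success body, whether or
 * not an account exists and whether or not the code could be stored or sent.
 * An error status that only registered addresses can trigger would tell the
 * caller which addresses have accounts.
 *
 * @throws 400 error (via createError) when `email` is missing, empty or not a string.
 * @returns `{ success: true, message }` with a message that does not depend on the lookup.
 *
 * NOTE(review): no throttling is visible in this handler. A 6-digit code with
 * a 15-minute lifetime relies on per-account / per-client request limits here
 * and on attempt limits where the code is verified. Confirm both exist.
 */
export default defineEventHandler(async (event) => {
  // Single response object shared by every non-error path.
  const genericResponse = {
    success: true,
    message: 'If an account exists with this email, a reset code has been sent.',
  }

  const body = await readBody(event)
  // The body is caller-controlled: it can be absent, and `email` can be an
  // object or array instead of a string. Reject both here so the database
  // and mail helpers only ever receive a string.
  const email = body?.email

  if (!email || typeof email !== 'string') {
    throw createError({
      statusCode: 400,
      message: 'Email is required',
    })
  }

  // Check if user exists with this email.
  // `await` is a no-op on a plain value; if the helper returns a Promise it is
  // required, because an un-awaited Promise is always truthy and the
  // "no such user" branch below would never run.
  const user = await getUserByEmail(email)

  if (!user) {
    // Don't reveal if email exists or not for security
    return genericResponse
  }

  // NOTE(review): confirm generateResetCode draws from a CSPRNG
  // (e.g. crypto.randomInt) and not Math.random; its source is not shown here.
  const code = generateResetCode()

  // Set expiration to 15 minutes from now
  const expiresAt = new Date(Date.now() + 15 * 60 * 1000).toISOString()

  try {
    // Store code in database, then send email
    await createPasswordResetCode(email, code, expiresAt)
    await sendPasswordResetEmail(email, code)
  } catch (error) {
    // Only registered addresses reach this point, so a 500 here would act as
    // an account-existence oracle. Record the failure for operators and fall
    // through to the generic answer. The reset code itself is never logged.
    console.error('Failed to issue password reset:', error)
  }

  // NOTE(review): this path still takes longer than the "no such user" path
  // (database write plus mail delivery), which is observable as a timing
  // difference. Queueing the mail out of band would narrow it.
  return genericResponse
})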