fix: use token_hash with /auth/confirm route for password reset link
All checks were successful
Staging Build / build (push) Successful in 2m36s
All checks were successful
Staging Build / build (push) Successful in 2m36s
This commit is contained in:
@@ -85,10 +85,12 @@ export async function resetPassword(email: string) {
|
||||
});
|
||||
if (error) throw error;
|
||||
const linkData = data as any;
|
||||
let resetLink = linkData?.properties?.action_link || linkData?.action_link || linkData?.link || '';
|
||||
if (!resetLink) throw new Error('Reset link not generated');
|
||||
// Fix: replace localhost URLs with actual site URL
|
||||
resetLink = resetLink.replace(/http:\/\/localhost:\d+/g, process.env.NEXT_PUBLIC_SITE_URL || 'https://staging.hephex.de');
|
||||
// Extract token_hash from the generated link properties
|
||||
const tokenHash = linkData?.properties?.hashed_token;
|
||||
if (!tokenHash) throw new Error('Recovery token not generated');
|
||||
// Build link pointing to our own /auth/confirm route
|
||||
const siteUrl = process.env.NEXT_PUBLIC_SITE_URL || 'https://staging.hephex.de';
|
||||
const resetLink = `${siteUrl}/auth/confirm?token_hash=${tokenHash}&type=recovery&next=/auth/update-password`;
|
||||
await sendMail({
|
||||
to: email,
|
||||
subject: 'Passwort zurücksetzen',
|
||||
|
||||
Reference in New Issue
Block a user