fix: use token_hash with /auth/confirm route for password reset link
All checks were successful
Staging Build / build (push) Successful in 2m36s
All checks were successful
Staging Build / build (push) Successful in 2m36s
This commit is contained in:
@@ -85,10 +85,12 @@ export async function resetPassword(email: string) {
|
|||||||
});
|
});
|
||||||
if (error) throw error;
|
if (error) throw error;
|
||||||
const linkData = data as any;
|
const linkData = data as any;
|
||||||
let resetLink = linkData?.properties?.action_link || linkData?.action_link || linkData?.link || '';
|
// Extract token_hash from the generated link properties
|
||||||
if (!resetLink) throw new Error('Reset link not generated');
|
const tokenHash = linkData?.properties?.hashed_token;
|
||||||
// Fix: replace localhost URLs with actual site URL
|
if (!tokenHash) throw new Error('Recovery token not generated');
|
||||||
resetLink = resetLink.replace(/http:\/\/localhost:\d+/g, process.env.NEXT_PUBLIC_SITE_URL || 'https://staging.hephex.de');
|
// Build link pointing to our own /auth/confirm route
|
||||||
|
const siteUrl = process.env.NEXT_PUBLIC_SITE_URL || 'https://staging.hephex.de';
|
||||||
|
const resetLink = `${siteUrl}/auth/confirm?token_hash=${tokenHash}&type=recovery&next=/auth/update-password`;
|
||||||
await sendMail({
|
await sendMail({
|
||||||
to: email,
|
to: email,
|
||||||
subject: 'Passwort zurücksetzen',
|
subject: 'Passwort zurücksetzen',
|
||||||
|
|||||||
Reference in New Issue
Block a user