feat: implement password reset functionality with token verification and change password feature

src/app/api/auth/password-reset/verify/route.js

@@ -0,0 +1,47 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+
+const verifySchema = z.object({
+	token: z.string().min(1, "Token is required"),
+});
+
+export async function POST(request) {
+	try {
+		const body = await request.json();
+		const { token } = verifySchema.parse(body);
+
+		// Import database here to avoid edge runtime issues
+		const { default: db } = await import("@/lib/db.js");
+
+		// Check if token exists and is valid
+		const resetToken = db
+			.prepare(
+				`
+				SELECT prt.*, u.username, u.name
+				FROM password_reset_tokens prt
+				JOIN users u ON prt.user_id = u.id
+				WHERE prt.token = ? AND prt.used = 0 AND prt.expires_at > datetime('now')
+			`
+			)
+			.get(token);
+
+		if (!resetToken) {
+			return NextResponse.json(
+				{ error: "Invalid or expired token" },
+				{ status: 400 }
+			);
+		}
+
+		return NextResponse.json({
+			valid: true,
+			username: resetToken.username,
+			name: resetToken.name,
+		});
+	} catch (error) {
+		console.error("Token verification error:", error);
+		return NextResponse.json(
+			{ error: "Internal server error" },
+			{ status: 500 }
+		);
+	}
+}