47 lines
1.1 KiB
JavaScript
47 lines
1.1 KiB
JavaScript
import { NextResponse } from "next/server";
|
|
import { z } from "zod";
|
|
|
|
const verifySchema = z.object({
|
|
token: z.string().min(1, "Token is required"),
|
|
});
|
|
|
|
export async function POST(request) {
|
|
try {
|
|
const body = await request.json();
|
|
const { token } = verifySchema.parse(body);
|
|
|
|
// Import database here to avoid edge runtime issues
|
|
const { default: db } = await import("@/lib/db.js");
|
|
|
|
// Check if token exists and is valid
|
|
const resetToken = db
|
|
.prepare(
|
|
`
|
|
SELECT prt.*, u.username, u.name
|
|
FROM password_reset_tokens prt
|
|
JOIN users u ON prt.user_id = u.id
|
|
WHERE prt.token = ? AND prt.used = 0 AND prt.expires_at > datetime('now')
|
|
`
|
|
)
|
|
.get(token);
|
|
|
|
if (!resetToken) {
|
|
return NextResponse.json(
|
|
{ error: "Invalid or expired token" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
return NextResponse.json({
|
|
valid: true,
|
|
username: resetToken.username,
|
|
name: resetToken.name,
|
|
});
|
|
} catch (error) {
|
|
console.error("Token verification error:", error);
|
|
return NextResponse.json(
|
|
{ error: "Internal server error" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
} |