1 let crypto = require('crypto')
2 let XDate = require('xdate')
5 let post_request = await _require('/_lib/post_request.jst')
6 let Problem = await _require('/_lib/Problem.jst')
12 async (email, link_code) => {
13 // coerce and/or validate
14 email = email.slice(0, 256).toLowerCase()
15 link_code = link_code.slice(0, 256).toLowerCase()
16 if (email.length === 0 || link_code.length < 32)
19 'Minimum length check failed',
23 let transaction = await env.site.database.Transaction()
25 let root = await transaction.get({})
26 let accounts = await root.get('accounts', {})
27 let account = await accounts.get(email)
28 if (account === undefined)
30 'Account does not exist',
31 `Please create the account for "${email}" before attempting to verify the password reset link.`
35 let verify_password = await account.get('verify_password')
37 verify_password === undefined ||
38 XDate.now() >= await verify_password.get_json('expires')
42 `Password reset link code for account "${email}" does not exist or has expired.`,
45 if (link_code !== await verify_password.get_json('link_code'))
48 `Provided password reset link code "${link_code}" does not match expected value.`,
52 await account.delete('verify_password')
53 await account.set('password', await verify_password.get('password'))
55 await transaction.commit()
58 transaction.rollback()