2026-04-15 19:04:27 +05:00
|
|
|
|
import type { APIRoute } from 'astro';
|
2026-04-27 21:29:12 +05:00
|
|
|
|
|
2026-05-04 03:10:06 +05:00
|
|
|
|
const PB_POCKETBASE_URL = import.meta.env.PB_POCKETBASE_URL || 'http://127.0.0.1:8090';
|
2026-04-15 19:04:27 +05:00
|
|
|
|
|
|
|
|
|
|
export const POST: APIRoute = async ({ request }) => {
|
|
|
|
|
|
try {
|
|
|
|
|
|
const data = await request.json();
|
|
|
|
|
|
const { token, userId, password } = data;
|
|
|
|
|
|
|
|
|
|
|
|
if (!token || !userId || !password) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Отсутствуют параметры'
|
|
|
|
|
|
}), { status: 400 });
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
const decoded = Buffer.from(token, 'base64').toString('utf8');
|
|
|
|
|
|
const [tokenUserId, timestamp] = decoded.split(':');
|
|
|
|
|
|
|
|
|
|
|
|
if (tokenUserId !== userId) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Неверный токен'
|
|
|
|
|
|
}), { status: 400 });
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
const tokenTime = parseInt(timestamp);
|
|
|
|
|
|
const now = Date.now();
|
|
|
|
|
|
const maxAge = 60 * 60 * 1000;
|
|
|
|
|
|
|
|
|
|
|
|
if (now - tokenTime > maxAge) {
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Срок действия ссылки истёк'
|
|
|
|
|
|
}), { status: 400 });
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-05-04 03:10:06 +05:00
|
|
|
|
const response = await fetch(`${PB_POCKETBASE_URL}/api/collections/users/confirm-password-reset`, {
|
2026-04-15 19:04:27 +05:00
|
|
|
|
method: 'POST',
|
|
|
|
|
|
headers: { 'Content-Type': 'application/json' },
|
|
|
|
|
|
body: JSON.stringify({
|
2026-04-27 21:29:12 +05:00
|
|
|
|
token: token,
|
2026-04-15 19:04:27 +05:00
|
|
|
|
password: password,
|
|
|
|
|
|
passwordConfirm: password,
|
|
|
|
|
|
}),
|
|
|
|
|
|
});
|
|
|
|
|
|
|
2026-04-27 21:29:12 +05:00
|
|
|
|
if (!response.ok) {
|
|
|
|
|
|
const err = await response.json();
|
|
|
|
|
|
console.error('Reset password error:', err);
|
2026-04-15 19:04:27 +05:00
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
2026-04-27 21:29:12 +05:00
|
|
|
|
error: 'Не удалось сбросить пароль'
|
2026-04-15 19:04:27 +05:00
|
|
|
|
}), { status: 400 });
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: true,
|
|
|
|
|
|
message: 'Пароль успешно изменён'
|
|
|
|
|
|
}), { status: 200 });
|
|
|
|
|
|
|
|
|
|
|
|
} catch (error: any) {
|
|
|
|
|
|
console.error('Reset password error:', error);
|
|
|
|
|
|
|
|
|
|
|
|
return new Response(JSON.stringify({
|
|
|
|
|
|
success: false,
|
|
|
|
|
|
error: 'Ошибка при сбросе пароля'
|
|
|
|
|
|
}), { status: 400 });
|
|
|
|
|
|
}
|
|
|
|
|
|
};
|
