password reset
@@ -33,6 +33,14 @@ const authenticateToken = async (req, res, next) => {
|
||||
});
|
||||
}
|
||||
|
||||
// Validate JWT version to invalidate old tokens after password change
|
||||
if (decoded.jwtVersion !== user.jwtVersion) {
|
||||
return res.status(401).json({
|
||||
error: "Session expired due to password change. Please log in again.",
|
||||
code: "JWT_VERSION_MISMATCH",
|
||||
});
|
||||
}
|
||||
|
||||
req.user = user;
|
||||
next();
|
||||
} catch (error) {
|
||||
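Review bot: The strict check `if (decoded.jwtVersion !== user.jwtVersion)` only revokes old sessions when both sides are always populated; a user record without a `jwtVersion` field and a token minted before this claim existed compare `undefined !== undefined` as false and sail through. Neither the user model's default nor the signing code is in this hunk, so please confirm `jwtVersion` defaults to a number (e.g. 0) on every user and is always embedded at sign time, and once that default is guaranteed tighten the guard to `if (typeof decoded.jwtVersion !== "number" || decoded.jwtVersion !== user.jwtVersion) {`. The same comparison in the `optionalAuth` hunk below has the same gap. The body of `authenticateToken` starts before and continues after this hunk.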
@@ -85,6 +93,12 @@ const optionalAuth = async (req, res, next) => {
|
||||
return next();
|
||||
}
|
||||
|
||||
// Validate JWT version to invalidate old tokens after password change
|
||||
if (decoded.jwtVersion !== user.jwtVersion) {
|
||||
req.user = null;
|
||||
return next();
|
||||
}
|
||||
|
||||
req.user = user;
|
||||
next();
|
||||
} catch (error) {
|
||||
|
||||
@@ -260,6 +260,56 @@ const validatePasswordChange = [
|
||||
handleValidationErrors,
|
||||
];
|
||||
|
||||
// Forgot password validation
|
||||
const validateForgotPassword = [
|
||||
body("email")
|
||||
.isEmail()
|
||||
.normalizeEmail()
|
||||
.withMessage("Please provide a valid email address")
|
||||
.isLength({ max: 255 })
|
||||
.withMessage("Email must be less than 255 characters"),
|
||||
|
||||
handleValidationErrors,
|
||||
];
|
||||
|
||||
// Reset password validation
|
||||
const validateResetPassword = [
|
||||
body("token")
|
||||
.notEmpty()
|
||||
.withMessage("Reset token is required")
|
||||
.isLength({ min: 64, max: 64 })
|
||||
.withMessage("Invalid reset token format"),
|
||||
|
||||
body("newPassword")
|
||||
.isLength({ min: 8, max: 128 })
|
||||
.withMessage("Password must be between 8 and 128 characters")
|
||||
.matches(passwordStrengthRegex)
|
||||
.withMessage(
|
||||
"Password must contain at least one uppercase letter, one lowercase letter, one number, and one special character"
|
||||
)
|
||||
.custom((value) => {
|
||||
if (commonPasswords.includes(value.toLowerCase())) {
|
||||
throw new Error(
|
||||
"Password is too common. Please choose a stronger password"
|
||||
);
|
||||
}
|
||||
return true;
|
||||
}),
|
||||
|
||||
handleValidationErrors,
|
||||
];
|
||||
|
||||
// Verify reset token validation
|
||||
const validateVerifyResetToken = [
|
||||
body("token")
|
||||
.notEmpty()
|
||||
.withMessage("Reset token is required")
|
||||
.isLength({ min: 64, max: 64 })
|
||||
.withMessage("Invalid reset token format"),
|
||||
|
||||
handleValidationErrors,
|
||||
];
|
||||
|
||||
module.exports = {
|
||||
sanitizeInput,
|
||||
handleValidationErrors,
|
||||
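Review bot: `value.toLowerCase()` in the `newPassword` custom validator can throw when the field is absent, because express-validator hands `.custom()` the raw value and keeps evaluating the chain after earlier validators fail, so a missing password surfaces as a TypeError-derived message instead of the intended text. Use `if (commonPasswords.includes(String(value ?? "").toLowerCase())) {`, or add `.bail()` after the `isLength` check so the custom step is skipped on failure. The identical `body("token")` chain is written out twice, in `validateResetPassword` and `validateVerifyResetToken`; hoisting it into one shared chain constant would keep the two rules in step. The existing `validatePasswordChange` probably uses the same pattern but lies outside this hunk.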
@@ -268,4 +318,7 @@ module.exports = {
|
||||
validateGoogleAuth,
|
||||
validateProfileUpdate,
|
||||
validatePasswordChange,
|
||||
validateForgotPassword,
|
||||
validateResetPassword,
|
||||
validateVerifyResetToken,
|
||||
};
|
||||
|
||||