get token from request body in case of put method

packages/app/src/components/PasswordResetExecutionForm.jsx

@@ -35,7 +35,7 @@ const PasswordResetExecutionForm = (props) => {
 
     try {
       // get endpoint by /forgot-password/${token} or window.location.pathname
-      await appContainer.apiv3Put(`/forgot-password/${token}`, {
+      await appContainer.apiv3Put('/forgot-password', {
         token, newPassword, newPasswordConfirm,
       });
 

packages/app/src/server/middlewares/inject-reset-order-by-token-middleware.js

@@ -3,10 +3,8 @@ const createError = require('http-errors');
 module.exports = (crowi, app) => {
   const PasswordResetOrder = crowi.model('PasswordResetOrder');
 
-  // need refuctoring with http-error by GW-7091
-
   return async(req, res, next) => {
-    const { token } = req.params;
+    const token = req.params.token || req.body.token;
 
     if (token == null) {
       res.redirect('/login');

packages/app/src/server/routes/apiv3/forgot-password.js

@@ -79,7 +79,7 @@ module.exports = (crowi) => {
     }
   });
 
-  router.put('/:token', apiLimiter, csrf, injectResetOrderByTokenMiddleware, validator.password, apiV3FormValidator, async(req, res) => {
+  router.put('/', apiLimiter, csrf, injectResetOrderByTokenMiddleware, validator.password, apiV3FormValidator, async(req, res) => {
     const passwordResetOrder = req.passwordResetOrder;
     const { email } = passwordResetOrder;
     const grobalLang = configManager.getConfig('crowi', 'app:globalLang');