inserting req error

packages/app/src/server/middlewares/inject-reset-order-by-token-middleware.js

@@ -8,18 +8,14 @@ module.exports = (crowi, app) => {
     const token = req.params.token || req.body.token;
 
     if (token == null) {
-      return next(createError(400, 'Token not found'));
+      req.error = 'Token not found';
     }
 
     const passwordResetOrder = await PasswordResetOrder.findOne({ token });
 
     // check if the token is valid
     if (passwordResetOrder == null || passwordResetOrder.isExpired() || passwordResetOrder.isRevoked) {
-      console.log('bbb');
-      const err = 'passwordResetOrder is null or expired or revoked';
-      // req.err = err;
-      forgotPassword.error(err);
-      return next(createError(400, err));
+      req.error = 'Token not found';
     }
 
     req.passwordResetOrder = passwordResetOrder;

packages/app/src/server/routes/apiv3/forgot-password.js

@@ -80,6 +80,16 @@ module.exports = (crowi) => {
   });
 
   router.put('/', apiLimiter, csrf, injectResetOrderByTokenMiddleware, validator.password, apiV3FormValidator, async(req, res) => {
+    if (req.error != null) {
+      if (req.error === 'Token not found') {
+        return res.json({ status: 404, error: req.error });
+      }
+
+      if (req.error === 'passwordResetOrder is null or expired or revoked') {
+        return res.json({ status: 400, error: req.error });
+      }
+    }
+
     const passwordResetOrder = req.passwordResetOrder;
     const { email } = passwordResetOrder;
     const grobalLang = configManager.getConfig('crowi', 'app:globalLang');