|
|
@@ -7,24 +7,17 @@ module.exports = (crowi, app) => {
|
|
|
|
|
|
return async(req, res, next) => {
|
|
|
const { token } = req.params;
|
|
|
- // if (token == null) {
|
|
|
- // return res.redirect('/login');
|
|
|
- // }
|
|
|
|
|
|
if (token == null) {
|
|
|
+ res.redirect('/login');
|
|
|
return next(createError(400, 'Token not found'));
|
|
|
}
|
|
|
|
|
|
const passwordResetOrder = await PasswordResetOrder.findOne({ token });
|
|
|
- // console.log('passwordResetOrder.isRevoked1', passwordResetOrder.isRevoked);
|
|
|
|
|
|
- // if (passwordResetOrder == null || passwordResetOrder.isExpired() || passwordResetOrder.isRevoked) {
|
|
|
- // console.log('passwordResetOrder.isRevoked2', passwordResetOrder.isRevoked);
|
|
|
- // return res.redirect('/forgot-password/error/password-reset-order');
|
|
|
- // }
|
|
|
-
|
|
|
- // check the oneTimeToken is valid
|
|
|
+ // check if the token is valid
|
|
|
if (passwordResetOrder == null || passwordResetOrder.isExpired() || passwordResetOrder.isRevoked) {
|
|
|
+ res.redirect('/forgot-password/error/password-reset-order');
|
|
|
return next(createError(400, 'passwordResetOrder is null or expired or revoked'));
|
|
|
}
|
|
|
|
kaori