fix(auth): replace hardcoded product ID lists with dynamic getAllProducts() in reset-password and verify-email

saravanakumardb1 2026-03-01 17:43:32 -08:00
parent bd7e78641e
commit 2f199cb67a


@ -30,7 +30,7 @@
import type { FastifyInstance } from 'fastify';
import { BadRequestError, ForbiddenError, UnauthorizedError } from '../../lib/errors.js';
import { bus } from '../../lib/event-bus.js';
import { getProduct } from '../products/cache.js';
import { getProduct, getAllProducts } from '../products/cache.js';
import * as subscriptionRepo from '../subscriptions/repository.js';
import * as licenseRepo from '../licenses/repository.js';
import * as repo from './repository.js';
@ -548,12 +548,12 @@ export async function authRoutes(app: FastifyInstance) {
const { token, newPassword } = parsed.data;
const tokenHash = repo.hashToken(token);
// Search across all products — token hash is unique
// We'll try the common product IDs
let resetDoc = await repo.findResetToken(tokenHash, 'lysnrai');
if (!resetDoc) resetDoc = await repo.findResetToken(tokenHash, 'chronomind');
if (!resetDoc) resetDoc = await repo.findResetToken(tokenHash, 'nomgap');
if (!resetDoc) resetDoc = await repo.findResetToken(tokenHash, 'mindlyst');
// Search across all registered products — token hash is unique
let resetDoc = null;
for (const p of getAllProducts()) {
resetDoc = await repo.findResetToken(tokenHash, p.id);
if (resetDoc) break;
}
if (!resetDoc) {
throw new BadRequestError('Invalid or expired reset token');
@ -588,10 +588,11 @@ export async function authRoutes(app: FastifyInstance) {
}
const tokenHash = repo.hashToken(parsed.data.token);
let verifyDoc = await repo.findEmailVerification(tokenHash, 'lysnrai');
if (!verifyDoc) verifyDoc = await repo.findEmailVerification(tokenHash, 'chronomind');
if (!verifyDoc) verifyDoc = await repo.findEmailVerification(tokenHash, 'nomgap');
if (!verifyDoc) verifyDoc = await repo.findEmailVerification(tokenHash, 'mindlyst');
let verifyDoc = null;
for (const p of getAllProducts()) {
verifyDoc = await repo.findEmailVerification(tokenHash, p.id);
if (verifyDoc) break;
}
if (!verifyDoc) {
throw new BadRequestError('Invalid or expired verification token');
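Review bot: The new loops (`for (const p of getAllProducts())` around `repo.findResetToken` in reset-password, and the identical one around `repo.findEmailVerification` in verify-email) run one awaited lookup per registered product, so on routes that appear to take only a token every bogus token now costs as many lookups as there are products, where the old code capped it at four. The existing comment says the token hash is unique, so a single lookup keyed on the hash alone would be preferable if the repository can support it; until then I would record the constraint next to each loop, e.g. `// One lookup per registered product on a token-only route: keep request rate limiting in front of this handler`. It is also worth confirming what `getAllProducts()` returns before the product cache is populated and whether it includes deactivated products: an empty result would reject every valid token with 'Invalid or expired reset token', and the hunks do not show whether tokens for retired products should still be honoured. `authRoutes` begins and ends outside the visible hunks, so any rate limiting or cache warm-up done elsewhere cannot be seen here.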