From 231f258d50acbe52ac6f0730181eaa527ffdae3f Mon Sep 17 00:00:00 2001 From: Pranav Ramesh Date: Wed, 18 Sep 2024 01:35:20 -0400 Subject: [PATCH] feat: update password reset --- src/middleware.js | 42 ++++++++++++++++++++++++++--------- src/pages/forgot-password.jsx | 3 ++- src/utils/request.js | 5 ++--- 3 files changed, 35 insertions(+), 15 deletions(-) diff --git a/src/middleware.js b/src/middleware.js index 3ec3f65f..241bb6dd 100644 --- a/src/middleware.js +++ b/src/middleware.js @@ -1,20 +1,40 @@ import { NextResponse } from 'next/server' export function middleware(req) { - const { pathname } = req.nextUrl; + const { pathname } = req.nextUrl; - if ( - pathname.startsWith("/api") || // exclude all API routes - pathname.startsWith("/static") || // exclude static files - pathname.includes(".") // exclude all files in the public folder - ) - return NextResponse.next(); + // Exclude API routes and static files + if ( + pathname.startsWith("/api") || // Exclude all API routes + pathname.startsWith("/static") || // Exclude static files + pathname.includes(".") // Exclude all files in the public folder + ) { + return NextResponse.next(); + } - const idToken = req.cookies.get('idToken'); + // List of paths that don't require authentication + const publicPaths = [ + '/login', + '/careers', + '/register', + '/onboarding', + '/forgot-password', + '/education', + '/userrs', + '/privacy-policy', + '/404', + '/terms-of-service', + '/learn', + ]; - // ensure token is valid - // basic request to server to ensure that the token is valid + // Allow access to public paths, even with query parameters + if (publicPaths.some((path) => pathname.startsWith(path))) { + return NextResponse.next(); + } + + const idToken = req.cookies.get('idToken'); + // Redirect to login if token is missing or invalid if (!idToken) { const url = req.nextUrl.clone(); url.pathname = '/login'; @@ -25,5 +45,5 @@ export function middleware(req) { } export const config = { - matcher: ['/((?!_next/static|favicon.ico|login|careers|register|onboarding|forgot-password|education|userrs|privacy-policy|404|terms-of-service|learn|$).*)'], + matcher: '/:path*', } diff --git a/src/pages/forgot-password.jsx b/src/pages/forgot-password.jsx index 62ef07b0..a373d049 100644 --- a/src/pages/forgot-password.jsx +++ b/src/pages/forgot-password.jsx @@ -32,7 +32,7 @@ export default function Forgot() { const data = await response.json(); if(data.success) { - toast.success("Email was send to", email); + toast.success("Password reset email has been sent. It should arrive within a few minutes."); } else { toast.error("Email failed to send try again later"); } @@ -104,6 +104,7 @@ export default function Forgot() { if(data.success) { toast.success("Password has been reset"); + router.push("/login"); } else { toast.error("Unable to reset the password, try again later"); } diff --git a/src/utils/request.js b/src/utils/request.js index 8ef50faf..d28b9101 100644 --- a/src/utils/request.js +++ b/src/utils/request.js @@ -1,4 +1,3 @@ - const request = async (url, req_method, body) => { try { let method = req_method.toUpperCase(); @@ -20,7 +19,7 @@ const request = async (url, req_method, body) => { const pathNames = ["/", "/login", "/careers", "/register", "/onboarding", "/forgot-password", "/education", "/userrs", "/privacy-policy","/404", "/terms-of-service", "/learn"]; - if(!pathNames.includes(path)) window.location.href = "/login"; + if(!pathNames.includes(path) && !path.startsWith("/forgot-password")) window.location.href = "/login"; return null; } @@ -43,7 +42,7 @@ const request = async (url, req_method, body) => { const pathNames = ["/", "/login", "/careers", "/register", "/onboarding", "/forgot-password", "/education", "/userrs", "/privacy-policy","/404", "/terms-of-service", "/learn"]; - if(!pathNames.includes(path)) window.location.href = "/login"; + if(!pathNames.includes(path) && !path.startsWith("/forgot-password")) window.location.href = "/login"; return null; }