From cd2f570a9cd1b2f4f7ff72ba484d9ce65d074da0 Mon Sep 17 00:00:00 2001
From: tedraykov <tedraykov@gmail.com>
Date: Mon, 15 May 2023 19:56:13 +0300
Subject: [PATCH] feat: support dynamic password reset url

Signed-off-by: tedraykov <tedraykov@gmail.com>
---
 .changeset/hip-owls-hug.md                                   | 5 +++++
 packages/api-plugin-authentication/src/config.js             | 1 +
 packages/api-plugin-authentication/src/util/accountServer.js | 4 ++--
 3 files changed, 8 insertions(+), 2 deletions(-)
 create mode 100644 .changeset/hip-owls-hug.md

diff --git a/.changeset/hip-owls-hug.md b/.changeset/hip-owls-hug.md
new file mode 100644
index 00000000000..0e2d3b76be8
--- /dev/null
+++ b/.changeset/hip-owls-hug.md
@@ -0,0 +1,5 @@
+---
+"@reactioncommerce/api-plugin-authentication": minor
+---
+
+Allow dynamic password reset URL in the email
diff --git a/packages/api-plugin-authentication/src/config.js b/packages/api-plugin-authentication/src/config.js
index 6062fa57f68..5390814196a 100644
--- a/packages/api-plugin-authentication/src/config.js
+++ b/packages/api-plugin-authentication/src/config.js
@@ -5,6 +5,7 @@ const { str } = envalid;
 export default envalid.cleanEnv(
   process.env,
   {
+    PASSWORD_RESET_PATH_FRAGMENT: str({ default: "?resetToken=" }),
     STORE_URL: str({ devDefault: "http://localhost:4000" }),
     TOKEN_SECRET: str({ default: "UPDATE_THIS_SECRET" })
   },
diff --git a/packages/api-plugin-authentication/src/util/accountServer.js b/packages/api-plugin-authentication/src/util/accountServer.js
index 628b191272f..d22bce2ab47 100644
--- a/packages/api-plugin-authentication/src/util/accountServer.js
+++ b/packages/api-plugin-authentication/src/util/accountServer.js
@@ -14,7 +14,7 @@ export default async (app) => {
   if (accountsServer && accountsGraphQL) {
     return { accountsServer, accountsGraphQL };
   }
-  const { MONGO_URL, STORE_URL, TOKEN_SECRET } = config;
+  const { MONGO_URL, PASSWORD_RESET_PATH_FRAGMENT, STORE_URL, TOKEN_SECRET } = config;
   const { context } = app;
 
   const client = await mongoConnectWithRetry(MONGO_URL);
@@ -38,7 +38,7 @@ export default async (app) => {
       sendMail: async ({ to, text }) => {
         const query = text.split("/");
         const token = query[query.length - 1];
-        const url = `${STORE_URL}/?resetToken=${token}`;
+        const url = `${STORE_URL}/${PASSWORD_RESET_PATH_FRAGMENT}${token}`;
         await context.mutations.sendResetAccountPasswordEmail(context, {
           email: to,
           url