|
|
@@ -187,18 +187,24 @@ async def forgot_password(request: schemas.ForgotPassword, lang: str = "en"):
|
|
|
return {"message": "Reset instructions sent to your email"}
|
|
|
|
|
|
@router.api_route("/verify-reset-token", methods=["GET", "POST"])
|
|
|
-async def verify_reset_token(
|
|
|
- token: Optional[str] = Query(None),
|
|
|
- data: Optional[schemas.TokenVerify] = Body(None)
|
|
|
-):
|
|
|
- target_token = token
|
|
|
- if data and data.token:
|
|
|
- target_token = data.token
|
|
|
+async def verify_reset_token(request: Request):
|
|
|
+ # Try Query param first (GET or POST)
|
|
|
+ token = request.query_params.get("token")
|
|
|
|
|
|
- if not target_token:
|
|
|
+ # Try Body if POST and token still missing
|
|
|
+ if request.method == "POST":
|
|
|
+ try:
|
|
|
+ body = await request.json()
|
|
|
+ if body and body.get("token"):
|
|
|
+ token = body.get("token")
|
|
|
+ except Exception:
|
|
|
+ # Fallback if body is not JSON or empty
|
|
|
+ pass
|
|
|
+
|
|
|
+ if not token:
|
|
|
raise HTTPException(status_code=400, detail="Token required")
|
|
|
|
|
|
- user_id = token_service.verify_reset_token(target_token)
|
|
|
+ user_id = token_service.verify_reset_token(token)
|
|
|
if not user_id:
|
|
|
raise HTTPException(status_code=400, detail="Invalid or expired reset token")
|
|
|
return {"message": "Token is valid"}
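Review bot: The POST body path in the new `verify_reset_token` no longer type-checks the token. With `schemas.TokenVerify` removed, `body.get("token")` can be any JSON value (number, list, object) and goes straight to `token_service.verify_reset_token`, while a non-object body only fails inside the blanket `except Exception: pass`. I would narrow the handler to `ValueError` (which covers JSON decode errors), require `isinstance(body, dict)`, and reject non-string tokens with the existing 400. The comment `# Try Body if POST and token still missing` does not match the code, because a body token replaces a query token, so it should say the body takes precedence. A reset token read from the query string will typically end up in access logs and browser history, so it is worth confirming the GET form is still needed.

```python
async def verify_reset_token(request: Request):
    token = request.query_params.get("token")

    # A token in a POST JSON body takes precedence over the query parameter
    if request.method == "POST":
        try:
            body = await request.json()
        except ValueError:
            # Empty or non-JSON body: keep the query-string token
            body = None
        if isinstance(body, dict) and body.get("token"):
            token = body["token"]

    # The schema no longer validates the type, so check it here
    if not token or not isinstance(token, str):
        raise HTTPException(status_code=400, detail="Token required")
    # … unchanged: token_service.verify_reset_token call and responses …
```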
|