Remove tokens on successful password reset

2023-06-05 17:15:41 +00:00
parent 3a0648c85d
commit 79bd410687
1 changed files with 2 additions and 2 deletions
--- a/apps/web/pages/api/auth/reset-password.ts
+++ b/apps/web/pages/api/auth/reset-password.ts
@@ -48,9 +48,9 @@ async function postHandler(req: NextApiRequest, res: NextApiResponse) {
        password: hashedPassword,
      },
    }),
-    prisma.passwordResetToken.delete({
+    prisma.passwordResetToken.deleteMany({
      where: {
-        token,
+        userId: foundToken.userId,
      },
    }),
  ]);