Merge remote-tracking branch 'origin/master'

2026-02-20 15:58:47 +03:00
parent 4ca8abb52f
commit 47ca23f970
5 changed files with 29 additions and 13 deletions
--- a/svc/routes/password_reset_validate.go
+++ b/svc/routes/password_reset_validate.go
@@ -1,9 +1,8 @@
 package routes

 import (
-	"crypto/sha256"
+	"bssapp-backend/internal/security"
 	"database/sql"
-	"encoding/hex"
 	"net/http"
 	"time"

@@ -21,8 +20,7 @@ func ValidatePasswordResetTokenHandler(db *sql.DB) http.HandlerFunc {
 		}

 		// 🔐 plain token -> hash
-		h := sha256.Sum256([]byte(token))
-		tokenHash := hex.EncodeToString(h[:])
+		tokenHash := security.HashToken(token)

 		var (
 			userID    int64
@@ -31,8 +29,8 @@ func ValidatePasswordResetTokenHandler(db *sql.DB) http.HandlerFunc {
 		)

 		err := db.QueryRow(`
-			SELECT user_id, expires_at, used_at
-			FROM password_reset_tokens
+			SELECT dfusr_id, expires_at, used_at
+			FROM dfusr_password_reset
 			WHERE token_hash = $1
 			LIMIT 1
 		`, tokenHash).Scan(&userID, &expiresAt, &usedAt)