ilk

svc/routes/password_reset_validate.go

@@ -0,0 +1,63 @@
+package routes
+
+import (
+	"crypto/sha256"
+	"database/sql"
+	"encoding/hex"
+	"net/http"
+	"time"
+
+	"github.com/gorilla/mux"
+)
+
+// GET /api/password/reset/validate/{token}
+func ValidatePasswordResetTokenHandler(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		token := mux.Vars(r)["token"]
+		if token == "" {
+			http.NotFound(w, r)
+			return
+		}
+
+		// 🔐 plain token -> hash
+		h := sha256.Sum256([]byte(token))
+		tokenHash := hex.EncodeToString(h[:])
+
+		var (
+			userID    int64
+			expiresAt time.Time
+			usedAt    sql.NullTime
+		)
+
+		err := db.QueryRow(`
+			SELECT user_id, expires_at, used_at
+			FROM password_reset_tokens
+			WHERE token_hash = $1
+			LIMIT 1
+		`, tokenHash).Scan(&userID, &expiresAt, &usedAt)
+
+		if err != nil {
+			// ❗ bilgi sızdırma yok
+			http.NotFound(w, r)
+			return
+		}
+
+		// ⏰ Süre kontrolü
+		if time.Now().After(expiresAt) {
+			http.NotFound(w, r)
+			return
+		}
+
+		// 🔁 Tek kullanımlık
+		if usedAt.Valid {
+			http.Error(w, "token already used", http.StatusGone)
+			return
+		}
+
+		// ✅ TOKEN GEÇERLİ
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte(`{"valid":true}`))
+	}
+}