SQUASH: I think I got it working

server/auth/password-recover.js

@@ -25,13 +25,13 @@ const route = async (req, res) => {
 	}
 
 	//save the token
-	recovery.upsert({
+	await recovery.upsert({
 		email: req.body.email,
 		token: token
 	});
 
 	//finally
-	res.status(200).send("Validation email sent!");
+	res.status(200).send("Recovery email sent!");
 	return null;
 };
 
@@ -57,7 +57,7 @@ const validateDetails = async (body) => {
 };
 
 const sendRecoveryEmail = async (email, token) => {
-	const addr = `${process.env.WEB_PROTOCOL}://${process.env.WEB_ADDRESS}/auth/validation?token=${token}`;
+	const addr = `${process.env.WEB_PROTOCOL}://${process.env.WEB_ADDRESS}/auth/reset?token=${token}`;
 	const msg = `Hello,
 
 Please visit the following link to reset your password: ${addr}

server/auth/password-redirect.js

@@ -3,8 +3,10 @@ const { accounts, recovery } = require('../database/models');
 //auth/reset
 const route = async (req, res) => {
 	//verify the recovery record exists
-	const record = recovery.findOne({
+	const record = await recovery.findOne({
-		token: req.query.token
+		where: {
+			token: req.query.token
+		}
 	});
 
 	if (!record) {
@@ -12,7 +14,7 @@ const route = async (req, res) => {
 	}
 
 	//redirect to the front-end
-	res.redirect(`${process.env.WEB_PROTOCOL}${process.env.WEB_RESET_ADDRESS}?email=${record.email}&token=${record.token}`);
+	res.redirect(`${process.env.WEB_PROTOCOL}://${process.env.WEB_RESET_ADDRESS}?email=${record.email}&token=${record.token}`);
 	return null;
 };
 

server/auth/password-reset.js

@@ -15,7 +15,7 @@ const route = async (req, res) => {
 	const hash = await bcrypt.hash(req.body.password, await bcrypt.genSalt(11));
 
 	//update the account data
-	accounts.update({
+	await accounts.update({
 		hash: hash
 	}, {
 		where: {
@@ -24,20 +24,23 @@ const route = async (req, res) => {
 	})
 
 	//delete from the recovery table
-	recovery.destroy({
+	await recovery.destroy({
 		where: {
 			email: req.query.email
 		}
 	});
 
+	res.status(200).end();
 	return null;
 };
 
 const validateDetails = async (query, body) => {
 	//verify the recovery record exists
-	const record = recovery.findOne({
+	const record = await recovery.findOne({
-		email: query.email,
+		where: {
-		token: query.token
+			email: query.email,
+			token: query.token
+		}
 	});
 
 	if (!record) {
@@ -56,4 +59,4 @@ const validateDetails = async (query, body) => {
 	return null;
 };
 
-module.exports = route;
+module.exports = route;

server/server.js

@@ -1,32 +1,32 @@
-//environment variables
+//environment variables
-require('dotenv').config();
+require('dotenv').config();
-
+
-//create the server
+//create the server
-const express = require('express');
+const express = require('express');
-const app = express();
+const app = express();
-const server = require('http').Server(app);
+const server = require('http').Server(app);
-const cors = require('cors');
+const cors = require('cors');
-
+
-//config
+//config
-app.use(express.json());
+app.use(express.json());
-app.use(cors());
+app.use(cors());
-
+
-//database connection
+//database connection
-const database = require('./database');
+const database = require('./database');
-
+
-//access the admin
+//access the admin
-app.use('/admin', require('./admin'));
+app.use('/admin', require('./admin'));
-
+
-//access the auth
+//access the auth
-app.use('/auth', require('./auth'));
+app.use('/auth', require('./auth'));
-
+
-//error on access
+//error on access
-app.get('*', (req, res) => {
+app.get('*', (req, res) => {
-	res.redirect('https://github.com/krgamestudios/auth-server');
+	res.redirect('https://github.com/krgamestudios/auth-server');
-});
+});
-
+
-//startup
+//startup
-server.listen(process.env.WEB_PORT || 3200, async (err) => {
+server.listen(process.env.WEB_PORT || 3200, async (err) => {
-	await database.sync();
+	await database.sync();
-	console.log(`listening to localhost:${process.env.WEB_PORT || 3200}`);
+	console.log(`listening to localhost:${process.env.WEB_PORT || 3200}`);
-});
+});