resetPasswordWithCode static method
Verify reset code and change password
Implementation
static Future<bool> resetPasswordWithCode({
required String email,
required String code,
required String newPassword,
}) async {
await Auth.ensureFrameworkTablesExist();
if (newPassword.length < Auth.config.passwordMinLength) {
throw AuthException(
'Password must be at least ${Auth.config.passwordMinLength} characters.');
}
final codeHash = Hashing().hash(code);
// Look for valid code
final record = await QueryBuilder(table: 'password_reset_tokens')
.where('email', '=', email)
.where('token', '=', codeHash)
.where('expires_at', '>', DateTime.now().toIso8601String())
.first();
if (record == null) {
print('❌ Invalid or expired password reset code for $email');
throw AuthException('Invalid or expired reset code.');
}
// Hash new password
final newHashedPassword = Hashing().hash(newPassword);
// Update user password
await QueryBuilder(table: Auth.config.table)
.where(Auth.config.emailColumn, '=', email)
.update({
Auth.config.passwordColumn: newHashedPassword,
'updated_at': DateTime.now().toIso8601String(),
});
// 🧹 Remove used reset token
await QueryBuilder(table: 'password_reset_tokens')
.where('email', '=', email)
.delete();
print('✅ Password successfully reset for $email');
return true;
}