Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
import nextConnect from 'next-connect';
import formidable from 'formidable';
import { v2 as cloudinary } from 'cloudinary';
import middleware from '../../../middlewares/middleware';
const handler = nextConnect();
handler.use(middleware);
handler.put((req, res) => {
if (!req.user) return res.status(401).send('You need to be logged in.');
const form = new formidable.IncomingForm();
return form.parse(req, (err, fields, files) => cloudinary.uploader
.upload(files.profilePicture.path, {
width: 512,
height: 512,
crop: 'fill',
})
.then(image => req.db
.collection('users')
.updateOne(
{ _id: req.user._id },
import nextConnect from 'next-connect';
import database from '../../../../../middlewares/database';
const handler = nextConnect();
handler.use(database);
handler.get(async (req, res) => {
const { token } = req.query;
const { value: tokenDoc } = await req.db
.collection('tokens')
.findOneAndDelete({ token, type: 'emailVerify' });
if (!tokenDoc) return res.status(401).send('This link may have been expired.');
await req.db
.collection('users')
.updateOne({ _id: tokenDoc.userId }, { $set: { emailVerified: true } });
return res.send(
import nextConnect from 'next-connect';
import middleware from '../../middlewares/middleware';
const handler = nextConnect();
handler.use(middleware);
handler.get((req, res) => {
if (req.user) {
const {
name, email, bio, profilePicture, emailVerified,
} = req.user;
return res.status(200).send({
status: 'ok',
data: {
isLoggedIn: true,
user: {
name,
email,
bio,
import crypto from 'crypto';
import sgMail from '@sendgrid/mail';
import nextConnect from 'next-connect';
import middleware from '../../../../../middlewares/middleware';
sgMail.setApiKey(process.env.SENDGRID_API_KEY);
const handler = nextConnect();
handler.use(middleware);
handler.post(async (req, res) => {
if (!req.user) return res.status(401).send('You need to be logged in.');
const token = crypto.randomBytes(32).toString('hex');
await req.db.collection('tokens').insertOne({
token,
userId: req.user._id,
type: 'emailVerify',
expireAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
});
const msg = {
to: req.user.email,
from: process.env.EMAIL_FROM,
templateId: process.env.SENDGRID_TEMPLATEID_EMAILVERIFY,
import nextConnect from 'next-connect';
import bcrypt from 'bcryptjs';
import middleware from '../../../../middlewares/middleware';
const handler = nextConnect();
handler.use(middleware);
handler.put(async (req, res) => {
if (!req.user) return res.status(401).send('You need to be logged in.');
const { oldPassword, newPassword } = req.body;
if (!(await bcrypt.compare(oldPassword, req.user.password))) {
return res.status(401).json({
status: 'error',
message: 'The password you has entered is incorrect',
});
}
const password = await bcrypt.hash(newPassword);
await req.db
.collection('users')
.updateOne({ _id: req.user._id }, { $set: { password } });
return res.json({ message: 'Your password has been updated.' });
import sgMail from '@sendgrid/mail';
import crypto from 'crypto';
import nextConnect from 'next-connect';
import database from '../../../../../middlewares/database';
sgMail.setApiKey(process.env.SENDGRID_API_KEY);
const handler = nextConnect();
handler.use(database);
handler.post(async (req, res) => {
const user = await req.db
.collection('users')
.findOne({ email: req.body.email });
if (!user) {
return res.status(200).json({
status: 'error',
message:
'This email is not associated with any account or has not been verified.',
});
}
import nextConnect from 'next-connect';
import isEmail from 'validator/lib/isEmail';
import bcrypt from 'bcryptjs';
import middleware from '../../middlewares/middleware';
const handler = nextConnect();
handler.use(middleware);
handler.post(async (req, res) => {
const { email, name, password } = req.body;
if (!isEmail(email)) {
return res.send({
status: 'error',
message: 'The email you entered is invalid.',
});
}
return req.db
.collection('users')
.countDocuments({ email })
.then((count) => {
import nextConnect from 'next-connect';
import database from './database';
import session from './session';
import passport from '../lib/passport';
const middleware = nextConnect();
middleware.use(database);
middleware.use(session);
middleware.use(passport.initialize());
middleware.use(passport.session());
export default middleware;
import nextConnect from 'next-connect';
import middleware from '../../middlewares/middleware';
import passport from '../../lib/passport';
const handler = nextConnect();
handler.use(middleware);
handler.post(passport.authenticate('local', {
failureRedirect: '/login?fail=1',
successRedirect: '/',
}));
export default handler;
import nextConnect from 'next-connect';
import middleware from '../../../middlewares/middleware';
const handler = nextConnect();
handler.use(middleware);
handler.patch((req, res) => {
if (!req.user) return res.status(401).send('You need to be logged in.');
const { name, bio } = req.body;
return req.db
.collection('users')
.updateOne({ _id: req.user._id }, { $set: { name, bio } })
.then(() => res.json({
message: 'Profile updated successfully',
data: { name, bio },
}))
.catch(error => res.send({
status: 'error',
message: error.toString(),