From e9cee23c15d509d2562748b1b40b7db445004a46 Mon Sep 17 00:00:00 2001
From: Ephraim Atta-Duncan <ephraimduncan68@gmail.com>
Date: Mon, 5 Jun 2023 15:52:00 +0000
Subject: [PATCH] Error handling for invalid users

---
 apps/web/components/forgot-password.tsx    | 19 +++++++++++++++++++
 apps/web/pages/api/auth/forgot-password.ts | 21 ++++++++++++++-------
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/apps/web/components/forgot-password.tsx b/apps/web/components/forgot-password.tsx
index bb55bfb66..40d0af98a 100644
--- a/apps/web/components/forgot-password.tsx
+++ b/apps/web/components/forgot-password.tsx
@@ -29,9 +29,28 @@ export default function ForgotPassword() {
         loading: "Sending...",
         success: `Reset link sent. `,
         error: "Could not send reset link :/",
+      },
+      {
+        style: {
+          minWidth: "200px",
+        },
       }
     );
 
+    if (!response.ok) {
+      toast.dismiss();
+
+      if (response.status == 400 || response.status == 404) {
+        toast.error("Email address not found.");
+      }
+
+      if (response.status == 500) {
+        toast.error("Something went wrong.");
+      }
+
+      return;
+    }
+
     if (response.ok) {
       setResetSuccessful(true);
     }
diff --git a/apps/web/pages/api/auth/forgot-password.ts b/apps/web/pages/api/auth/forgot-password.ts
index e30eeed36..058a2d3b6 100644
--- a/apps/web/pages/api/auth/forgot-password.ts
+++ b/apps/web/pages/api/auth/forgot-password.ts
@@ -20,16 +20,23 @@ async function postHandler(req: NextApiRequest, res: NextApiResponse) {
   });
 
   if (!user) {
-    return res.status(400).json({ message: "No user found with this email." });
+    return res.status(404).json({ message: "No user found with this email." });
   }
 
   const token = crypto.randomBytes(64).toString("hex");
-  const passwordResetToken = await prisma.passwordResetToken.create({
-    data: {
-      token,
-      userId: user.id,
-    },
-  });
+
+  let passwordResetToken;
+
+  try {
+    passwordResetToken = await prisma.passwordResetToken.create({
+      data: {
+        token,
+        userId: user.id,
+      },
+    });
+  } catch (error) {
+    return res.status(500).json({ message: "Error saving token." });
+  }
 
   await sendResetPassword(user, passwordResetToken.token);