fix(core): Use JWT as reset password token (#6714)

* use jwt to reset password

* increase expiration time to 1d

* drop user id query string

* refactor

* use service instead of package in tests

* sqlite migration

* postgres migration

* mysql migration

* remove unused properties

* remove userId from FE

* fix test for users.api

* move migration to the common folder

* move type assertion to the jwt.service

* Add jwt secret as a readonly property

* use signData instead of sign in user.controller

* remove base class

* remove base class

* add tests

packages/editor-ui/src/api/users.ts

@@ -67,14 +67,14 @@ export async function sendForgotPasswordEmail(
 
 export async function validatePasswordToken(
 	context: IRestApiContext,
-	params: { token: string; userId: string },
+	params: { token: string },
 ): Promise<void> {
 	await makeRestApiRequest(context, 'GET', '/resolve-password-token', params);
 }
 
 export async function changePassword(
 	context: IRestApiContext,
-	params: { token: string; password: string; userId: string },
+	params: { token: string; password: string },
 ): Promise<void> {
 	await makeRestApiRequest(context, 'POST', '/change-password', params);
 }

packages/editor-ui/src/stores/users.store.ts

@@ -226,15 +226,11 @@ export const useUsersStore = defineStore(STORES.USERS, {
 			const rootStore = useRootStore();
 			await sendForgotPasswordEmail(rootStore.getRestApiContext, params);
 		},
-		async validatePasswordToken(params: { token: string; userId: string }): Promise<void> {
+		async validatePasswordToken(params: { token: string }): Promise<void> {
 			const rootStore = useRootStore();
 			await validatePasswordToken(rootStore.getRestApiContext, params);
 		},
-		async changePassword(params: {
-			token: string;
-			password: string;
-			userId: string;
-		}): Promise<void> {
+		async changePassword(params: { token: string; password: string }): Promise<void> {
 			const rootStore = useRootStore();
 			await changePassword(rootStore.getRestApiContext, params);
 		},

packages/editor-ui/src/views/ChangePasswordView.vue

@@ -75,23 +75,15 @@ export default defineComponent({
 				},
 			],
 		};
-		const token =
-			!this.$route.query.token || typeof this.$route.query.token !== 'string'
-				? null
-				: this.$route.query.token;
-		const userId =
-			!this.$route.query.userId || typeof this.$route.query.userId !== 'string'
-				? null
-				: this.$route.query.userId;
+
+		const token = this.getResetToken();
+
 		try {
 			if (!token) {
 				throw new Error(this.$locale.baseText('auth.changePassword.missingTokenError'));
 			}
-			if (!userId) {
-				throw new Error(this.$locale.baseText('auth.changePassword.missingUserIdError'));
-			}
 
-			await this.usersStore.validatePasswordToken({ token, userId });
+			await this.usersStore.validatePasswordToken({ token });
 		} catch (e) {
 			this.showMessage({
 				title: this.$locale.baseText('auth.changePassword.tokenValidationError'),
@@ -118,20 +110,18 @@ export default defineComponent({
 				this.password = e.value;
 			}
 		},
+		getResetToken(): string | null {
+			return !this.$route.query.token || typeof this.$route.query.token !== 'string'
+				? null
+				: this.$route.query.token;
+		},
 		async onSubmit() {
 			try {
 				this.loading = true;
-				const token =
-					!this.$route.query.token || typeof this.$route.query.token !== 'string'
-						? null
-						: this.$route.query.token;
-				const userId =
-					!this.$route.query.userId || typeof this.$route.query.userId !== 'string'
-						? null
-						: this.$route.query.userId;
+				const token = this.getResetToken();
 
-				if (token && userId) {
-					await this.usersStore.changePassword({ token, userId, password: this.password });
+				if (token) {
+					await this.usersStore.changePassword({ token, password: this.password });
 
 					this.showMessage({
 						type: 'success',