fix(core): Use JWT as reset password token (#6714)

* use jwt to reset password

* increase expiration time to 1d

* drop user id query string

* refactor

* use service instead of package in tests

* sqlite migration

* postgres migration

* mysql migration

* remove unused properties

* remove userId from FE

* fix test for users.api

* move migration to the common folder

* move type assertion to the jwt.service

* Add jwt secret as a readonly property

* use signData instead of sign in user.controller

* remove base class

* remove base class

* add tests

packages/editor-ui/src/views/ChangePasswordView.vue

@@ -75,23 +75,15 @@ export default defineComponent({
 				},
 			],
 		};
-		const token =
-			!this.$route.query.token || typeof this.$route.query.token !== 'string'
-				? null
-				: this.$route.query.token;
-		const userId =
-			!this.$route.query.userId || typeof this.$route.query.userId !== 'string'
-				? null
-				: this.$route.query.userId;
+
+		const token = this.getResetToken();
+
 		try {
 			if (!token) {
 				throw new Error(this.$locale.baseText('auth.changePassword.missingTokenError'));
 			}
-			if (!userId) {
-				throw new Error(this.$locale.baseText('auth.changePassword.missingUserIdError'));
-			}
 
-			await this.usersStore.validatePasswordToken({ token, userId });
+			await this.usersStore.validatePasswordToken({ token });
 		} catch (e) {
 			this.showMessage({
 				title: this.$locale.baseText('auth.changePassword.tokenValidationError'),
@@ -118,20 +110,18 @@ export default defineComponent({
 				this.password = e.value;
 			}
 		},
+		getResetToken(): string | null {
+			return !this.$route.query.token || typeof this.$route.query.token !== 'string'
+				? null
+				: this.$route.query.token;
+		},
 		async onSubmit() {
 			try {
 				this.loading = true;
-				const token =
-					!this.$route.query.token || typeof this.$route.query.token !== 'string'
-						? null
-						: this.$route.query.token;
-				const userId =
-					!this.$route.query.userId || typeof this.$route.query.userId !== 'string'
-						? null
-						: this.$route.query.userId;
+				const token = this.getResetToken();
 
-				if (token && userId) {
-					await this.usersStore.changePassword({ token, userId, password: this.password });
+				if (token) {
+					await this.usersStore.changePassword({ token, password: this.password });
 
 					this.showMessage({
 						type: 'success',