@@ -235,19 +235,17 @@ func (ac *AuthController) ResetPassword(ctx *gin.Context) {
235235passwordResetToken := utils .Encode (resetToken )
236236
237237var updatedUser models.User
238- result := ac .DB .First (& updatedUser ,"password_reset_token = ?" ,passwordResetToken )
238+ result := ac .DB .First (& updatedUser ,"password_reset_token = ? AND password_reset_at > ? " ,passwordResetToken , time . Now () )
239239if result .Error != nil {
240- ctx .JSON (http .StatusBadRequest , gin.H {"status" :"fail" ,"message" :"Invalid verification code or user doesn't exists " })
240+ ctx .JSON (http .StatusBadRequest , gin.H {"status" :"fail" ,"message" :"The reset token is invalid or has expired " })
241241return
242242}
243243
244244updatedUser .Password = hashedPassword
245245updatedUser .PasswordResetToken = ""
246246ac .DB .Save (& updatedUser )
247247
248- ctx .SetCookie ("access_token" ,"" ,- 1 ,"/" ,"localhost" ,false ,true )
249- ctx .SetCookie ("refresh_token" ,"" ,- 1 ,"/" ,"localhost" ,false ,true )
250- ctx .SetCookie ("logged_in" ,"" ,- 1 ,"/" ,"localhost" ,false ,true )
248+ ctx .SetCookie ("token" ,"" ,- 1 ,"/" ,"localhost" ,false ,true )
251249
252250ctx .JSON (http .StatusOK , gin.H {"status" :"success" ,"message" :"Password data updated successfully" })
253251}
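Review bot: The context line `ac.DB.Save(&updatedUser)` that follows the new expiry-aware lookup still discards its result, so a failed write falls through to the cookie clear and the 200 "Password data updated successfully" response. In that case the password is unchanged and `PasswordResetToken` is not cleared in the database, so the token stays usable until `password_reset_at` passes. Check it the same way the lookup is checked, for example `if err := ac.DB.Save(&updatedUser).Error; err != nil {`, and return an error status before touching the cookie. The added `ctx.SetCookie("token", ...)` line also keeps the hard-coded `"localhost"` domain and `secure=false`; if this handler runs outside local development the deletion presumably will not match the cookie's real domain, so those values are better taken from configuration. ResetPassword begins above this hunk, so how `resetToken` and `hashedPassword` are produced is not visible here.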