Fix password update (#71)

* Fix password update
* Use next or callback params for retro-compatibility

packages/features/auth/src/components/password-reset-request-container.tsx

@@ -20,6 +20,7 @@ import { If } from '@kit/ui/if';
 import { Input } from '@kit/ui/input';
 import { Trans } from '@kit/ui/trans';
 
+import { useCaptchaToken } from '../captcha/client';
 import { AuthErrorAlert } from './auth-error-alert';
 
 const PasswordResetSchema = z.object({
@@ -31,6 +32,8 @@ export function PasswordResetRequestContainer(params: {
 }) {
   const { t } = useTranslation('auth');
   const resetPasswordMutation = useRequestResetPassword();
+  const { captchaToken, resetCaptchaToken } = useCaptchaToken();
+
   const error = resetPasswordMutation.error;
   const success = resetPasswordMutation.data;
 
@@ -55,11 +58,20 @@ export function PasswordResetRequestContainer(params: {
         <Form {...form}>
           <form
             onSubmit={form.handleSubmit(({ email }) => {
-              return resetPasswordMutation.mutateAsync({
-                email,
-                redirectTo: new URL(params.redirectPath, window.location.origin)
-                  .href,
-              });
+              const redirectTo = new URL(
+                params.redirectPath,
+                window.location.origin,
+              ).href;
+
+              return resetPasswordMutation
+                .mutateAsync({
+                  email,
+                  redirectTo,
+                  captchaToken,
+                })
+                .catch(() => {
+                  resetCaptchaToken();
+                });
             })}
             className={'w-full'}
           >

packages/supabase/src/auth-callback.service.ts

@@ -48,11 +48,12 @@ class AuthCallbackService {
 
     const token_hash = searchParams.get('token_hash');
     const type = searchParams.get('type') as EmailOtpType | null;
-    const callbackParam = searchParams.get('callback');
+    const callbackParam = searchParams.get('next') ?? searchParams.get('callback');
 
     let nextPath: string | null = null;
     const callbackUrl = callbackParam ? new URL(callbackParam) : null;
 
+    // if we have a callback url, we check if it has a next path
     if (callbackUrl) {
       // if we have a callback url, we check if it has a next path
       const callbackNextPath = callbackUrl.searchParams.get('next');

packages/supabase/src/hooks/use-request-reset-password.ts

@@ -2,9 +2,10 @@ import { useMutation } from '@tanstack/react-query';
 
 import { useSupabase } from './use-supabase';
 
-interface Params {
+interface RequestPasswordResetMutationParams {
   email: string;
   redirectTo: string;
+  captchaToken?: string;
 }
 
 /**
@@ -18,11 +19,12 @@ export function useRequestResetPassword() {
   const client = useSupabase();
   const mutationKey = ['auth', 'reset-password'];
 
-  const mutationFn = async (params: Params) => {
+  const mutationFn = async (params: RequestPasswordResetMutationParams) => {
     const { error, data } = await client.auth.resetPasswordForEmail(
       params.email,
       {
         redirectTo: params.redirectTo,
+        captchaToken: params.captchaToken,
       },
     );