exports.tokenPost = function(req, res, next) { let password = req.body.passwo

1. exports.tokenPost = function(req, res, next) {
2.  
3. let password = req.body.password;
4. let password_confirm = req.body.password_confirm;
5.  
6. if(password != password_confirm) return res.status(400).json({message: 'Error passwords don't match. Please make sure they match'});
7.  
8. async.waterfall([
9. function(done) {
10. User
11. .findOne({ resetPasswordToken: req.params.token })
12. .where('resetPasswordExpires').gt(Date.now())
13. .exec(function(err, user) {
14. if(err){
15. console.log(err);
16. }
17. if (!user) {
18. return res.status(400).json({success: false, message: 'We can't find a user with that reset token. Please try resetting your password again or contact customer support.'});
19. }
20.  
21. user.password = password;
22. // user.resetPasswordToken = undefined;
23. // user.resetPasswordExpires = undefined;
24.  
25. user.save(function(err) {
26. if (err) console.log(err);
27. if (err) return next(err);
28. });
29. });
30. },
31. function(user, done) {
32. console.log('This code is not being run);
33. let message = 'Hello,nn' + 'this is a confirmation that the password for your account ' + user.email + ' has just been changed.n';
34. sendEmail(`"Company Name" ${config.noreply}`, req.body.email, 'Password changed', message);
35. res.status(200).json({success: true, message: 'Success your password has been changed.'});
36. }
37. ], function(err) {
38. console.log(err);
39. if (err) return next(err);
40.  
41. });
42. };