From d5cd829834f223bf461006f1ac53cc3294ce6cbe Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Fri, 4 Nov 2022 15:52:07 +0100
Subject: [PATCH] Fix: Remove password reset token after successful reset
 (#248)

Signed-off-by: Knut Ahlers <knut@ahlers.me>

Signed-off-by: Knut Ahlers <knut@ahlers.me>
---
 routes/api/users.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/routes/api/users.js b/routes/api/users.js
index e2e5b2b..9683538 100644
--- a/routes/api/users.js
+++ b/routes/api/users.js
@@ -289,7 +289,7 @@ router.post('/password_reset_requests/:confirm_token/confirm', function(req, res
         bcrypt.genSalt(10, (err, salt) => {
           bcrypt.hash(password, salt, function(err, hash) {
             user.password_hash = hash;
-            user.password_token = null;
+            user.password_reset_token = null;
             user.save().then(function(updatedUser) {
               res.sendStatus(201);
             });