fix password reset flow

user/domain/domain.go

@@ -117,7 +117,7 @@ func (domain *Domain) SavePasswordResetCode(ctx context.Context, userID, code st
 	return &pwcode, err
 }
 
-func (domain *Domain) DeletePasswordRestCode(ctx context.Context, userId, code string) error {
+func (domain *Domain) DeletePasswordResetCode(ctx context.Context, userId, code string) error {
 	_, err := domain.db.Delete(ctx, &db.DeleteRequest{
 		Table: "password-reset-codes",
 		Id:    userId + "-" + code,

user/handler/handler.go

@@ -335,8 +335,14 @@ func (s *User) ResetPassword(ctx context.Context, req *pb.ResetPasswordRequest,
 		return errors.BadRequest("user.resetpassword", "passwords do not match")
 	}
 
+	// look for an existing user
+	users, err := s.domain.Search(ctx, "", req.Email)
+	if err != nil {
+		return err
+	}
+
 	// check if a request was made to reset the password, we should have saved it
-	code, err := s.domain.ReadPasswordResetCode(ctx, req.Email, req.Code)
+	code, err := s.domain.ReadPasswordResetCode(ctx, users[0].Id, req.Code)
 	if err != nil {
 		return err
 	}
@@ -369,7 +375,7 @@ func (s *User) ResetPassword(ctx context.Context, req *pb.ResetPasswordRequest,
 	}
 
 	// delete our saved code
-	s.domain.DeletePasswordRestCode(ctx, req.Email, req.Code)
+	s.domain.DeletePasswordResetCode(ctx, users[0].Id, req.Code)
 
 	return nil
 }