fix reset password, register, search, suggest

3 files changed, 26 insertions, 13 deletions

diff --git a/src/pages/api/shop/search.js b/src/pages/api/shop/search.js
index ef070dcd..bab96237 100644
--- a/src/pages/api/shop/search.js
+++ b/src/pages/api/shop/search.js
@@ -15,19 +15,19 @@ export default async function handler(req, res) {
     limit = 30
   } = req.query
 
-  let paramOrderBy = ''
+  let paramOrderBy = 'product_rating_f DESC'
   switch (orderBy) {
     case 'price-asc':
-      paramOrderBy = ', price_discount_f ASC'
+      paramOrderBy += ', price_discount_f ASC'
       break
     case 'price-desc':
-      paramOrderBy = ', price_discount_f DESC'
+      paramOrderBy += ', price_discount_f DESC'
       break
     case 'popular':
-      paramOrderBy = ', search_rank_i DESC'
+      paramOrderBy += ', search_rank_i DESC'
       break
     case 'stock':
-      paramOrderBy = ', stock_total_f DESC'
+      paramOrderBy += ', stock_total_f DESC'
       break
   }
 
@@ -37,12 +37,13 @@ export default async function handler(req, res) {
     'facet.field=category_name',
     'facet=true',
     'indent=true',
-    `facet.query=${q}`,
+    `facet.query=${escapeSolrQuery(q)}`,
     `q.op=${operation}`,
     `q=${escapeSolrQuery(q)}`,
+    'qf=name_s',
     `start=${offset}`,
     `rows=${limit}`,
-    `sort=product_rating_f DESC ${paramOrderBy}`,
+    `sort=${paramOrderBy}`,
     `fq=price_discount_f:[${priceFrom == '' ? '*' : priceFrom} TO ${priceTo == '' ? '*' : priceTo}]`
   ]
 
@@ -68,9 +69,18 @@ export default async function handler(req, res) {
 }
 
 const escapeSolrQuery = (query) => {
-  const specialChars = /[\]\[{}()"\\]/g
-  const escapedQuery = query.replace(specialChars, '\\$&')
-  return escapedQuery
+  if (query == '*') return query
+
+  const specialChars = /([\+\-\!\(\)\{\}\[\]\^"~\*\?:\\\/])/g
+  const words = query.split(/\s+/)
+  const escapedWords = words.map((word) => {
+    if (specialChars.test(word)) {
+      return `"${word.replace(specialChars, '\\$1')}"`
+    }
+    return word
+  })
+
+  return escapedWords.join(' ')
 }
 
 const productResponseMap = (products) => {
diff --git a/src/pages/api/shop/suggest.js b/src/pages/api/shop/suggest.js
index 5a1b559a..83ab69d4 100644
--- a/src/pages/api/shop/suggest.js
+++ b/src/pages/api/shop/suggest.js
@@ -5,7 +5,7 @@ export default async function handler(req, res) {
 
   let result = await axios(
     process.env.SOLR_HOST +
-      `/solr/product/suggest?suggest=true&suggest.dictionary=mySuggester&suggest.q=${q}`
+      `/solr/product/suggest?suggest=true&suggest.dictionary=mySuggester&q=${q}`
   )
   try {
     res.status(200).json(result.data.suggest.mySuggester[q])
diff --git a/src/pages/reset-password.jsx b/src/pages/reset-password.jsx
index a4aa2201..0bf6f31e 100644
--- a/src/pages/reset-password.jsx
+++ b/src/pages/reset-password.jsx
@@ -46,7 +46,7 @@ const FormComponent = () => {
   const checkValidPassword = () => {
     const passwordVal = password.current.value
     const retypePasswordVal = retypePassword.current.value
-    if (passwordVal == retypePasswordVal) {
+    if (passwordVal && passwordVal == retypePasswordVal) {
       setIsValidPassword(true)
     } else {
       setIsValidPassword(false)
@@ -56,7 +56,10 @@ const FormComponent = () => {
   const resetPasswordRequest = async (e) => {
     e.preventDefault()
     setIsLoading(true)
-    const result = await odooApi('POST', '/api/v1/user/reset-password', { token })
+    const result = await odooApi('POST', '/api/v1/user/reset-password', {
+      token,
+      password: password.current.value
+    })
     setIsLoading(false)
     password.current.value = ''
     retypePassword.current.value = ''