From 4bd163b790e67614524505f7ce772c70c24bc571 Mon Sep 17 00:00:00 2001
From: Nikita Lutsenko <nlutsenko@me.com>
Date: Tue, 1 Mar 2016 23:04:47 -0800
Subject: [PATCH] Remove direct mongo collection access from
 UserController.checkResetTokenValidity.

---
 src/Controllers/UserController.js | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js
index 35da9a1f..290f2d25 100644
--- a/src/Controllers/UserController.js
+++ b/src/Controllers/UserController.js
@@ -69,20 +69,19 @@ export class UserController extends AdaptableController {
   }
   
   checkResetTokenValidity(username, token) {
-    return new Promise((resolve, reject) => {
-      return this.config.database.collection('_User').then(coll => {
-        return coll.findOne({
-          username: username,
-          _perishable_token: token,
-        }, (err, doc) => {
-          if (err || !doc) {
-            reject(err);
-          } else {
-            resolve(doc);
-          }
-        });
+    return this.config.database.adaptiveCollection('_User')
+      .then(collection => {
+          return collection.find({
+            username: username,
+            _perishable_token: token
+          }, { limit: 1 });
+        })
+      .then(results => {
+        if (results.length != 1) {
+          return Promise.reject();
+        }
+        return results[0];
       });
-    });
   }
   
   getUserIfNeeded(user) {