Add email existence validation to forgot password feature

html-proof · html-proof · commit fd99d9f87ac5 · 2026-01-30T20:10:09.000+05:30
diff --git a/src/app/auth/forgot-password/page.tsx b/src/app/auth/forgot-password/page.tsx
@@ -1,7 +1,7 @@
 "use client";
 
 import { useState } from "react";
-import { resetPassword } from "@/lib/firebase/auth";
+import { resetPassword, checkEmailExists } from "@/lib/firebase/auth";
 import Link from "next/link";
 import { Mail, ArrowLeft } from "lucide-react";
 import { useToast } from "@/context/ToastContext";
@@ -24,10 +24,20 @@ export default function ForgotPasswordPage() {
         }
 
         try {
+            // Check if email exists
+            const emailExists = await checkEmailExists(email);
+
+            if (!emailExists) {
+                addToast("No account found with this email address.", "error");
+                setLoading(false);
+                return;
+            }
+
+            // Send password reset email
             await resetPassword(email);
             addToast("Password reset email sent! Check your inbox.", "success");
         } catch (err: any) {
-            addToast("Can't reset password. Please check the email and try again.", "error");
+            addToast("Can't reset password. Please try again.", "error");
             console.error(err);
         } finally {
             setLoading(false);
diff --git a/src/lib/firebase/auth.ts b/src/lib/firebase/auth.ts
@@ -7,7 +7,8 @@ import {
     updateProfile,
     User,
     sendPasswordResetEmail,
-    sendEmailVerification
+    sendEmailVerification,
+    fetchSignInMethodsForEmail
 } from "firebase/auth";
 import { useEffect, useState } from "react";
 import { isAllowedEmail } from "../config";
@@ -59,6 +60,17 @@ export const signUp = async (name: string, email: string, pass: string) => {
 // Sign Out
 export const signOut = () => firebaseSignOut(auth);
 
+// Check if email exists
+export const checkEmailExists = async (email: string): Promise<boolean> => {
+    try {
+        const methods = await fetchSignInMethodsForEmail(auth, email);
+        return methods.length > 0;
+    } catch (error) {
+        console.error("Error checking email:", error);
+        return false;
+    }
+};
+
 // Password Reset
 export const resetPassword = (email: string) =>
     sendPasswordResetEmail(auth, email);
