Merged first and second waterfall steps into one, added var secrets = require('../config/secrets');, and mongoose query now returns a user object instead of an array

controllers/reset.js

@@ -14,7 +14,7 @@ exports.getReset = function(req, res) {
   }
 
   User
-    .where('resetPasswordToken', req.params.token)
+    .findOne({ resetPasswordToken: req.params.token })
     .where('resetPasswordExpires').gt(Date.now())
     .exec(function(err, user) {
       if (!user) {
@@ -46,17 +46,14 @@ exports.postReset = function(req, res, next) {
   async.waterfall([
     function(done) {
       User
-        .where('resetPasswordToken', req.params.token)
+        .findOne({ resetPasswordToken: req.params.token })
         .where('resetPasswordExpires').gt(Date.now())
         .exec(function(err, user) {
           if (!user) {
-            req.flash('errors', { msg: 'Password reset request is invalid.  It may have expired.' });
+            req.flash('errors', { msg: 'Password reset token is invalid or has expired.' });
             return res.redirect('back');
           }
-          done(err, user);
+
-        });
-    },
-    function(user, done) {
           user.password = req.body.password;
           user.resetPasswordToken = undefined;
           user.resetPasswordExpires = undefined;
@@ -67,6 +64,7 @@ exports.postReset = function(req, res, next) {
               done(err, user);
             });
           });
+        });
     },
     function(user, done) {
       var smtpTransport = nodemailer.createTransport('SMTP', {