add: reset password backend api

dioveath · Dec 30, 2022 · 0e549e7 · 0e549e7
1 parent 0151027
commit 0e549e7
Show file tree

Hide file tree

Showing 5 changed files with 175 additions and 12 deletions.
diff --git a/PROJECT_TRACKER.org b/PROJECT_TRACKER.org
@@ -25,18 +25,20 @@
 ** DONE Tournament Fixture creator based on number of players registered
 ** DONE Create a Match Card with 2 players details 
 
-** TODO Create a Profile Page showing achievements & all 
+** TODO Integrate Forgot password in backend
+** TODO Create Forgot password flow in frontend
 
-** TODO Rank System, 
-** TODO Clips share system seo optimized for facebook share
+** TODO Improvise for mobile responsive UI - Simplify & Animate
+** TODO Great Incoming user experience 
+** TODO Create a Profile Page showing achievements & all
 
-** TODO Great Incoming user experience 
 ** TODO Create a TourneyView for users
+
+** TODO Rank System, 
+** TODO Clips share system seo optimized for facebook share
 
 ** TODO Use redux to manage tourney_data from tourney ???
 
-
-
 * Tournament Organizer
 ** Tournament Dashboard Create all UIs without states
 ** Basic tournament fixture generator based on no. of players

diff --git a/client/package-lock.json b/client/package-lock.json
diff --git a/routes/api/v1/users/reset-password.js b/routes/api/v1/users/reset-password.js
@@ -0,0 +1,66 @@
+const Router = require("express").Router;
+const jwt = require("jsonwebtoken");
+
+const config = require("../../../../config");
+const UserAccess = require('../../../../data-access/user-db');
+
+const resetRouter = new Router();
+
+resetRouter.get("/:email", async (req, res) => {
+ try {
+ const user = await UserAccess.findUserBy('email', req.params.email);
+ if(!user) throw new Error('There is no such user!');
+
+ const secret = user.password + config.process.env.JWT_SECRET;
+ const token = jwt.sign(
+ {
+ sub: user.id,
+ iss: config.JWT_ISSUER,
+ },
+ secret,
+ {
+ expiresIn: "15m",
+ }
+ );
+
+ return res.send({
+ status: "success",
+ reset_token: token
+ });
+ } catch (e) {
+ return res.send({
+ status: "fail",
+ errorList: [e.message],
+ }); 
+ }
+
+
+
+});
+
+resetRouter.get("/:email/confirm", async (req, res) => {
+ try {
+ const { reset_token, password } = req.body;
+ if(!password) throw new Error('Please give proper credentials!');
+
+ const user = UserAccess.findUserById('email', req.body.email);
+ const secret = user.password + config.process.env.JWT_SECRET; 
+
+ const data = jwt.verify(reset_token, secret);
+ if(data.sub !== user.id) throw new Error('Token didnt match!');
+
+ const updatedUser = UserAccess.updateUser(user.id, { password });
+
+ return res.send({
+ status: 'success',
+ updatedUser
+ });
+
+ } catch(e){
+ return res.send({
+ status: "fail",
+ errorList: [e.message],
+ }); 
+ }
+
+});
diff --git a/routes/auth/index.js b/routes/auth/index.js
@@ -6,8 +6,10 @@ const bcrypt = require("bcrypt");
 const config = require("../../config");
 const UserAccess = require("../../data-access/user-db");
 
+const resetRouter = require('./reset');
 const authRouter = new Router();
 
+authRouter.use('/reset', resetRouter);
 
 authRouter.post("/login", async (req, res) => {
  if (!req.body.email || !req.body.password)

diff --git a/routes/auth/reset.js b/routes/auth/reset.js
@@ -0,0 +1,71 @@
+const Router = require("express").Router;
+const jwt = require("jsonwebtoken");
+
+const config = require("../../config");
+const UserAccess = require('../../data-access/user-db');
+
+const resetRouter = new Router();
+
+resetRouter.get("/:email", async (req, res) => {
+ try {
+ const user = await UserAccess.findUserBy('email', req.params.email);
+ if(!user) throw new Error('There is no such user!');
+
+ const secret = user.password + config.JWT_SECRET;
+ const token = jwt.sign(
+ {
+ sub: user.id,
+ iss: config.JWT_ISSUER,
+ },
+ secret,
+ {
+ expiresIn: "15m",
+ }
+ );
+
+ return res.send({
+ status: "success",
+ reset_token: token
+ });
+ } catch (e) {
+ return res.send({
+ status: "fail",
+ errorList: [e.message],
+ }); 
+ }
+
+
+
+});
+
+resetRouter.post("/:email", async (req, res) => {
+ try {
+ const reset_token = req.headers['authorization'].split(' ')[1];
+ const user = await UserAccess.findUserBy('email', req.params.email);
+
+ if(!user) throw new Error('No user found with email: ' + req.params.email);
+
+ const secret = user.password + config.JWT_SECRET; 
+ const data = jwt.verify(reset_token, secret);
+
+ const { password } = req.body;
+ if(!password) throw new Error('Please give proper credentials!');
+
+ const updatedUser = UserAccess.updateUser(user.id, { password });
+
+ return res.send({
+ status: 'success',
+ updatedUser
+ });
+
+ } catch(e){
+ return res.send({
+ status: "fail",
+ errorList: [e.message],
+ }); 
+ }
+
+});
+
+
+module.exports = resetRouter;