forgot password / confirm reset password flow (#51)

* forgot password / confirm reset password flow * style: removed TODO comments from auth module --------- Co-authored-by: Harrison Kim <[email protected]>
Code-4-Community · Mar 12, 2024 · 85fdaad · 85fdaad
1 parent 403b0ba
commit 85fdaad
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 6 deletions.
diff --git a/apps/backend/src/auth/auth.controller.ts b/apps/backend/src/auth/auth.controller.ts
@@ -20,6 +20,8 @@ import { User } from '../users/user.entity';
 import { SignInResponseDto } from './dtos/sign-in.response.dto';
 import { CurrentUserInterceptor } from '../interceptors/current-user.interceptor';
 import { AuthGuard } from '@nestjs/passport';
+import { ForgotPasswordRequestDto } from './dtos/forgot-password.request.dto';
+import { ConfirmResetPasswordDto } from './dtos/confirm-reset-password.request.dto';
 import { UserStatus } from '../users/types';
 
 @Controller('auth')
@@ -72,10 +74,6 @@ export class AuthController {
     return this.authService.signin(signInDto);
   }
 
-  // TODO implement change/forgotPassword endpoint (service methods are already implemented)
-  // But this won't be necessary if we use Google OAuth
-  // https://dev.to/fstbraz/authentication-with-aws-cognito-passport-and-nestjs-part-iii-2da5
-
   @Post('/delete/:userId')
   @UseGuards(AuthGuard('jwt'))
   async delete(
@@ -96,4 +94,26 @@ export class AuthController {
 
     this.usersService.remove(req.user, user.id);
   }
+
+  @Post('/forgotPassword')
+  async forgotPassword(@Body() body: ForgotPasswordRequestDto) {
+    try {
+      await this.authService.forgotPassword(body.email);
+    } catch (e) {
+      throw new BadRequestException(e.message);
+    }
+  }
+
+  @Post('/confirmResetPassword')
+  async confirmResetPassword(@Body() body: ConfirmResetPasswordDto) {
+    try {
+      await this.authService.confirmPassword(
+        body.email,
+        body.verificationCode,
+        body.newPassword,
+      );
+    } catch (e) {
+      throw new BadRequestException(e.message);
+    }
+  }
 }
diff --git a/apps/backend/src/auth/auth.service.ts b/apps/backend/src/auth/auth.service.ts
@@ -123,7 +123,6 @@ export class AuthService {
     });
   }
 
-  // TODO not currently used
   forgotPassword(email: string): Promise<unknown> {
     return new Promise((resolve, reject) => {
       return new CognitoUser({
@@ -140,7 +139,6 @@ export class AuthService {
     });
   }
 
-  // TODO not currently used
   confirmPassword(
     email: string,
     verificationCode: string,

diff --git a/apps/backend/src/auth/dtos/confirm-reset-password.request.dto.ts b/apps/backend/src/auth/dtos/confirm-reset-password.request.dto.ts
@@ -0,0 +1,12 @@
+import { IsEmail, IsNumberString, IsString } from 'class-validator';
+
+export class ConfirmResetPasswordDto {
+  @IsEmail()
+  email: string;
+
+  @IsNumberString()
+  verificationCode: string;
+
+  @IsString()
+  newPassword: string;
+}
diff --git a/apps/backend/src/auth/dtos/forgot-password.request.dto.ts b/apps/backend/src/auth/dtos/forgot-password.request.dto.ts
@@ -0,0 +1,6 @@
+import { IsEmail } from 'class-validator';
+
+export class ForgotPasswordRequestDto {
+  @IsEmail()
+  email: string;
+}