From 85fdaad8f59350f1fc9400604efaf6c2646d0e58 Mon Sep 17 00:00:00 2001
From: Jonathan Chen
Date: Tue, 12 Mar 2024 13:59:05 -0400
Subject: [PATCH] forgot password / confirm reset password flow (#51)
* forgot password / confirm reset password flow
* style: removed TODO comments from auth module
---------
Co-authored-by: Harrison Kim
---
 apps/backend/src/auth/auth.controller.ts | 28 ++++++++++++++++---
 apps/backend/src/auth/auth.service.ts | 2 --
 .../confirm-reset-password.request.dto.ts | 12 ++++++++
 .../auth/dtos/forgot-password.request.dto.ts | 6 ++++
 4 files changed, 42 insertions(+), 6 deletions(-)
 create mode 100644 apps/backend/src/auth/dtos/confirm-reset-password.request.dto.ts
 create mode 100644 apps/backend/src/auth/dtos/forgot-password.request.dto.ts
diff --git a/apps/backend/src/auth/auth.controller.ts b/apps/backend/src/auth/auth.controller.ts
index dac6dff..d621e3a 100644
--- a/apps/backend/src/auth/auth.controller.ts
+++ b/apps/backend/src/auth/auth.controller.ts
@@ -20,6 +20,8 @@ import { User } from '../users/user.entity';
 import { SignInResponseDto } from './dtos/sign-in.response.dto';
 import { CurrentUserInterceptor } from '../interceptors/current-user.interceptor';
 import { AuthGuard } from '@nestjs/passport';
+import { ForgotPasswordRequestDto } from './dtos/forgot-password.request.dto';
+import { ConfirmResetPasswordDto } from './dtos/confirm-reset-password.request.dto';
 import { UserStatus } from '../users/types';
 @Controller('auth')
@@ -72,10 +74,6 @@ export class AuthController {
 return this.authService.signin(signInDto);
 }
- // TODO implement change/forgotPassword endpoint (service methods are already implemented)
- // But this won't be necessary if we use Google OAuth
- // https://dev.to/fstbraz/authentication-with-aws-cognito-passport-and-nestjs-part-iii-2da5
-
 @Post('/delete/:userId')
 @UseGuards(AuthGuard('jwt'))
 async delete(
@@ -96,4 +94,26 @@ export class AuthController {
 this.usersService.remove(req.user, user.id);
 }
+
+ @Post('/forgotPassword')
+ async forgotPassword(@Body() body: ForgotPasswordRequestDto) {
+ try {
+ await this.authService.forgotPassword(body.email);
+ } catch (e) {
+ throw new BadRequestException(e.message);
+ }
+ }
+
+ @Post('/confirmResetPassword')
+ async confirmResetPassword(@Body() body: ConfirmResetPasswordDto) {
+ try {
+ await this.authService.confirmPassword(
+ body.email,
+ body.verificationCode,
+ body.newPassword,
+ );
+ } catch (e) {
+ throw new BadRequestException(e.message);
+ }
+ }
 }
diff --git a/apps/backend/src/auth/auth.service.ts b/apps/backend/src/auth/auth.service.ts
index 9436d5a..897a396 100644
--- a/apps/backend/src/auth/auth.service.ts
+++ b/apps/backend/src/auth/auth.service.ts
@@ -123,7 +123,6 @@ export class AuthService {
 });
 }
- // TODO not currently used
 forgotPassword(email: string): Promise {
 return new Promise((resolve, reject) => {
 return new CognitoUser({
@@ -140,7 +139,6 @@ export class AuthService {
 });
 }
- // TODO not currently used
 confirmPassword(
 email: string,
 verificationCode: string,
diff --git a/apps/backend/src/auth/dtos/confirm-reset-password.request.dto.ts b/apps/backend/src/auth/dtos/confirm-reset-password.request.dto.ts
new file mode 100644
index 0000000..e2ce22c
--- /dev/null
+++ b/apps/backend/src/auth/dtos/confirm-reset-password.request.dto.ts
@@ -0,0 +1,12 @@
+import { IsEmail, IsNumberString, IsString } from 'class-validator';
+
+export class ConfirmResetPasswordDto {
+ @IsEmail()
+ email: string;
+
+ @IsNumberString()
+ verificationCode: string;
+
+ @IsString()
+ newPassword: string;
+}
diff --git a/apps/backend/src/auth/dtos/forgot-password.request.dto.ts b/apps/backend/src/auth/dtos/forgot-password.request.dto.ts
new file mode 100644
index 0000000..a0c44b4
--- /dev/null
+++ b/apps/backend/src/auth/dtos/forgot-password.request.dto.ts
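Review bot: Both new handlers forward the provider's error text to an unauthenticated caller through `throw new BadRequestException(e.message)`, so `/forgotPassword` can answer differently for registered and unregistered addresses unless the Cognito app client suppresses user-existence errors (its `PreventUserExistenceErrors` setting is not visible here). In `forgotPassword`, log the error server-side and return the same response either way; in `confirmResetPassword`, throw a fixed message such as `throw new BadRequestException('Invalid or expired verification code');`. No rate limit is visible on either route; AuthController begins outside this hunk, so confirm that a throttling guard applies there, since one route sends e-mail and the other accepts verification-code attempts. Whatever ends up being logged, narrow the caught value with `e instanceof Error` first, because `catch (e)` is `unknown` under strict compiler settings.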
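Review bot: In ConfirmResetPasswordDto, `@IsString()` on `newPassword` accepts an empty or arbitrarily long string, and `@IsNumberString()` on `verificationCode` accepts signs and decimal points with no length bound. Tighten them with `@IsNumberString({ no_symbols: true })` plus a `@Length(...)` matching the code length the user pool issues, and `@MinLength`/`@MaxLength` on `newPassword` aligned with the pool's password policy. Cognito presumably still enforces its own policy, so this is defence in depth that rejects malformed bodies before they reach the provider. These decorators only run when a `ValidationPipe` is active for the route, which this diff does not show, so that is worth confirming. A class comment such as `/** Body of POST /auth/confirmResetPassword; every field is supplied by an unauthenticated caller. */` would also help.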
@@ -0,0 +1,6 @@
+import { IsEmail } from 'class-validator';
+
+export class ForgotPasswordRequestDto {
+ @IsEmail()
+ email: string;
+}