From 4aa3e47842e62f2b296a0789c3c1516e7ed7b0ec Mon Sep 17 00:00:00 2001
From: Lowkik-Sai <lowkiksaipotnuru@gmail.com>
Date: Sun, 24 Mar 2024 18:11:48 +0530
Subject: [PATCH] Pull Request from branches

---
 .../Controllers/Update_Profile_Controller.js  |  32 +++--
 Backend/Controllers/otpController.js          |  42 +++++--
 Backend/Controllers/sample                    |   1 -
 Backend/Middleware/sample                     |   1 -
 Backend/Modules/Update_Profile_Module.js      |  90 +++++++++-----
 Backend/Modules/otpModule.js                  | 113 ++++++------------
 Backend/Modules/sample                        |   1 -
 Backend/Routers/Update_Profile_Router.js      |  11 +-
 Backend/Routers/sample                        |   1 -
 Backend/mainRouter.js                         |   2 +-
 Frontend/HTML/newPass.html                    |  75 ++++++++++++
 Frontend/HTML/otp.html                        |  71 +++++++++++
 Frontend/JavaScript/forgotPass.js             |  70 ++++++++---
 Frontend/JavaScript/index.js                  |   2 +-
 Frontend/JavaScript/newPass.js                |  91 ++++++++++++++
 Frontend/JavaScript/otp.js                    |  74 ++++++++++++
 16 files changed, 524 insertions(+), 153 deletions(-)
 delete mode 100644 Backend/Controllers/sample
 delete mode 100644 Backend/Middleware/sample
 delete mode 100644 Backend/Modules/sample
 delete mode 100644 Backend/Routers/sample
 create mode 100644 Frontend/HTML/newPass.html
 create mode 100644 Frontend/HTML/otp.html
 create mode 100644 Frontend/JavaScript/newPass.js
 create mode 100644 Frontend/JavaScript/otp.js

diff --git a/Backend/Controllers/Update_Profile_Controller.js b/Backend/Controllers/Update_Profile_Controller.js
index daf9223..7221e3c 100644
--- a/Backend/Controllers/Update_Profile_Controller.js
+++ b/Backend/Controllers/Update_Profile_Controller.js
@@ -1,14 +1,28 @@
 const Update_Profile_Module = require('../Modules/Update_Profile_Module');
 
-const Update_Profile_Controller = async(req, res) => {
-    const User_Name = req.params.User_Name;
-    const { Email, Access_Token } = req.body;
-    const Update_Profile_response = await Update_Profile_Module(User_Name, Email, Access_Token);
-    if(Update_Profile_response.responseCode == 200){
-        res.status(200).json(Update_Profile_response.responseBody);
-    }
-    else{
-        res.status(100).json(Update_Profile_response.responseBody);
+const Update_Profile_Controller = {
+    profile : async(req, res) => {
+        const User_Name = req.params.User_Name;
+        const { Email, Access_Token } = req.body;
+        const Update_Profile_response = await Update_Profile_Module.profile(User_Name, Email, Access_Token);
+        if(Update_Profile_response.responseCode == 200){
+            res.status(200).json(Update_Profile_response.responseBody);
+        }
+        else{
+            res.status(100).json(Update_Profile_response.responseBody);
+        }
+    },
+
+    password : async(req,res) => {
+        const User_Name = req.params.User_Name;
+        const { Password } = req.body;
+        const Update_Profile_response = await Update_Profile_Module.password(User_Name, Password);
+        if(Update_Profile_response.responseCode == 200){
+            res.status(200).json(Update_Profile_response.responseBody);
+        }
+        else{
+            res.status(100).json(Update_Profile_response.responseBody);
+        }
     }
 }
 
diff --git a/Backend/Controllers/otpController.js b/Backend/Controllers/otpController.js
index 6b996d0..b6cd4c7 100644
--- a/Backend/Controllers/otpController.js
+++ b/Backend/Controllers/otpController.js
@@ -1,23 +1,39 @@
 const {otpModule,otpGenerator} = require("../Modules/otpModule");
 
 const otpController={
-    otpGenerate:async(req,res)=>{
-        const otpGenerate=await otpGenerator(req.params.User_Name);
-        if(otpGenerate.responseCode==200){
-            res.status(200).json(otpGenerate.responseBody)
-        }else{
-            //Email not exists or OTP sending failed
-            res.status(404).json(otpGenerate.responseBody)
+    otpGenerate: async (req, res) => {
+        try {
+            const otpGenerateResponse = await otpGenerator(req.params.User_Name);
+            console.log("OTP Generate Response :", otpGenerateResponse);
+
+            if (otpGenerateResponse.responseCode === 200) {
+                res.status(200).json(otpGenerateResponse);
+            } else {
+                res.status(404).json(otpGenerateResponse);
+            }
+        } 
+        catch (error) {
+            console.error(error);
+            res.status(500).json({ responseBody: "Internal Server Error" });
         }
     },
     otpVerify:async(req,res)=>{
-        const otpResponse = await otpModule(req)
-        if(otpResponse.responseCode == 200){
-            res.status(200).json(otpResponse.responseBody);
-        }
-        else{
-            res.status(100).json(otpResponse.responseBody);
+        try {
+            const otpResponse = await otpModule(req)
+            console.log("OTP Verify Response :", otpResponse);
+
+            if(otpResponse.responseCode == 200){
+                res.status(200).json(otpResponse);
+            }
+            else{
+                res.status(100).json(otpResponse);
+            }
+        } 
+        catch (error) {
+            console.error(error);
+            res.status(500).json({ responseBody: "Internal Server Error" });
         }
+        
     }
 }
 
diff --git a/Backend/Controllers/sample b/Backend/Controllers/sample
deleted file mode 100644
index 8b13789..0000000
--- a/Backend/Controllers/sample
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Backend/Middleware/sample b/Backend/Middleware/sample
deleted file mode 100644
index 8b13789..0000000
--- a/Backend/Middleware/sample
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Backend/Modules/Update_Profile_Module.js b/Backend/Modules/Update_Profile_Module.js
index f03349e..8602acf 100644
--- a/Backend/Modules/Update_Profile_Module.js
+++ b/Backend/Modules/Update_Profile_Module.js
@@ -1,4 +1,5 @@
 const AWS = require('aws-sdk');
+const crypto = require('crypto');
 require('dotenv').config();
 
 AWS.config.update({
@@ -12,35 +13,68 @@ const docClient = new AWS.DynamoDB.DocumentClient();
 let responseCode = 200;
 let responseBody = "";
 
-const Update_Profile = async(User_Name, Email, Access_Token) => {
-    const params = {
-        TableName: "Auth",
-        Key: {
-            "User_Name": User_Name
-        },
-        UpdateExpression: "set Email = :x, Access_Token = :y",
-        ExpressionAttributeValues: {
-            ":x": Email,
-            ":y": Access_Token
-        }    
-    };
+const Update_Profile = {
+    profile : async(User_Name, Email, Access_Token) => {
+        const params = {
+            TableName: "Auth",
+            Key: {
+                "User_Name": User_Name
+            },
+            UpdateExpression: "set Email = :x, Access_Token = :y",
+            ExpressionAttributeValues: {
+                ":x": Email,
+                ":y": Access_Token
+            }    
+        };
+    
+        docClient.update(params, function(err, data) {
+            if(err){
+                responseCode = 100;
+                responseBody = "Error in Updating Profile";
+            }
+            else{
+                responseBody = "Successfully Updated Profile";
+            }
+        });
+    
+        const response = {
+            responseCode,
+            responseBody
+        };
+    
+        return response;
+    },
 
-    docClient.update(params, function(err, data) {
-        if(err){
-            responseCode = 100;
-            responseBody = "Error in Updating Profile";
-        }
-        else{
-            responseBody = "Successfully Updated Profile";
-        }
-    });
-
-    const response = {
-        responseCode,
-        responseBody
-    };
-
-    return response;
+    password : async(User_Name, Password) => {
+        const hashedPassword = crypto.createHash('sha256').update(Password).digest('hex');
+        const params = {
+            TableName: "Auth",
+            Key: {
+                "User_Name": User_Name
+            },
+            UpdateExpression: "set Password = :x",
+            ExpressionAttributeValues: {
+                ":x": hashedPassword
+            }    
+        };
+    
+        docClient.update(params, function(err, data) {
+            if(err){
+                responseCode = 100;
+                responseBody = "Error in Updating Password";
+            }
+            else{
+                responseBody = "Successfully Updated Password";
+            }
+        });
+    
+        const response = {
+            responseCode,
+            responseBody
+        };
+    
+        return response;
+    },
 }
 
 module.exports = Update_Profile;
\ No newline at end of file
diff --git a/Backend/Modules/otpModule.js b/Backend/Modules/otpModule.js
index 059e528..e6f99a5 100644
--- a/Backend/Modules/otpModule.js
+++ b/Backend/Modules/otpModule.js
@@ -21,8 +21,9 @@ AWS.config.update({
 var ddb = new AWS.DynamoDB({ apiVersion: "2012-08-10" });
 const docClient = new AWS.DynamoDB.DocumentClient();
 
-let responseCode = 200;
-let responseBody = "";
+let responseCode = 100;
+let responseBody = "Something went wrong";
+let userName = "";
 
 
   
@@ -38,8 +39,6 @@ async function sendOTP(email,otp){
     .then(msg => console.log(msg)) // logs response data
     .catch(err => console.log(err)); // logs any error
 
-     
-
 }
 
 async function otpGenerator(User_Name){
@@ -63,41 +62,22 @@ async function otpGenerator(User_Name){
 
         let email=""
 
-        await ddb.getItem(parameters, (err, data) => {
-            if(err){
-                console.log(err);
-                responseCode = 404;
-                responseBody = "Error in Reading Database";
-                const response = {
-                    responseCode,
-                    responseBody
-                };
-                return response;
-            }
-            console.log(data)
-            if(data.Item.User_Name.S === User_Name){
-                email=data.Item.Email.S
-                        
-                sendOTP(email,otp)//Send OTP through Mailer
-                
-            }else{
-                responseCode = 420;
-                responseBody = "No User Exists with Given User Name";
-                const response = {
-                    responseCode,
-                    responseBody
-                };
-                return response;
-            }
-        })
+        const data = await ddb.getItem(parameters).promise();
         
+        if (!data.Item || !data.Item.Email) {
+            
+            return {
+                userName: User_Name,
+                responseCode: 404,
+                responseBody: "No User Exists with Given User Name"
+            };
+        }
 
-
-
-
+        email = data.Item.Email.S;
+        sendOTP(email, otp); // Send OTP through Mailer
 
         const hashedOTP = await hash.create(otp);
-        console.log(`OTP : ${otp} and HashOTP : ${hashedOTP}`)
+        console.log(`OTP : ${otp} and HashOTP : ${hashedOTP}`);
 
         const params = {
             TableName: "Auth",
@@ -107,20 +87,16 @@ async function otpGenerator(User_Name){
             UpdateExpression: "set OTP = :x",
             ExpressionAttributeValues: {
                 ":x": hashedOTP
-            }    
-        };
-    
-        await docClient.update(params, function(err, data) {
-            if(err){
-                responseCode = 100;
-                responseBody = "Error in Updating OTP";
-                return false;
             }
-            else{
-                responseBody = "Successfully Updated OTP ";
-                responseCode = 200;
-            }
-        });
+        };
+
+        await docClient.update(params).promise();
+
+        return {
+            userName: User_Name,
+            responseCode: 200,
+            responseBody: "Successfully Updated OTP"
+        };
     
 
     }catch(error){
@@ -128,6 +104,7 @@ async function otpGenerator(User_Name){
         responseCode = 400;
     }
     const response = {
+        userName,
         responseCode,
         responseBody
     };
@@ -144,38 +121,22 @@ const otpModule = async(req) =>{
         },
         TableName: "Auth"
     };
-
-    await ddb.getItem(params, async function(err, data) {
-        if(err){
-            console.log(err);
-            responseCode = 404;
-            responseBody = "Error in Reading Database";
-            const response = {
-                responseCode,
-                responseBody
-            };
-            return response;
-        }
-        else{
-            console.log(data.Item.OTP.S+" OTP : "+req.body.otp);
-            const isMatch = await hash.verify(data.Item.OTP.S,req.body.otp);
-            if(isMatch){
-                responseCode=200;
-                responseBody="Successfully Verified"
-            }
-            else{
-                responseCode=404;
-                responseBody="Invalid OTP"
-            }
-            console.log(responseBody)
-        }
-    });
-
+    const data = await ddb.getItem(params).promise();
+    console.log(data.Item.OTP.S+" OTP : "+req.body.otp);
+    const isMatch = await hash.verify(data.Item.OTP.S,req.body.otp);
+    if(isMatch){
+        responseCode=200;
+        responseBody="Successfully Verified"
+    }
+    else{
+        responseCode=404;
+        responseBody="Invalid OTP"
+    }
     const response = {
         responseCode,
         responseBody
     };
-
+        
     return response;
 }
 
diff --git a/Backend/Modules/sample b/Backend/Modules/sample
deleted file mode 100644
index 8b13789..0000000
--- a/Backend/Modules/sample
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Backend/Routers/Update_Profile_Router.js b/Backend/Routers/Update_Profile_Router.js
index a2bf56e..191f2e5 100644
--- a/Backend/Routers/Update_Profile_Router.js
+++ b/Backend/Routers/Update_Profile_Router.js
@@ -1,10 +1,15 @@
 const Update_Profile_Controller = require('../Controllers/Update_Profile_Controller');
-const express = require('express');
 
+const express = require('express');
 const router = express.Router();
 
-router.post("/updateprofile/:User_Name", (req, res) => {
-    Update_Profile_Controller(req, res);
+router.post("/updateprofile/:type/:User_Name", (req, res) => {
+    const type = req.params.type;
+    if(type=="profile"){
+        Update_Profile_Controller.profile(req, res);
+    }else if(type=="password"){
+        Update_Profile_Controller.password(req, res);
+    }
 })
 
 module.exports = router;
\ No newline at end of file
diff --git a/Backend/Routers/sample b/Backend/Routers/sample
deleted file mode 100644
index 8b13789..0000000
--- a/Backend/Routers/sample
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Backend/mainRouter.js b/Backend/mainRouter.js
index d852037..b13cd7e 100644
--- a/Backend/mainRouter.js
+++ b/Backend/mainRouter.js
@@ -10,7 +10,7 @@ const Update_Profile = require('./Routers/Update_Profile_Router');
 const Login = require('./Routers/Login_Router');
 const Register = require('./Routers/Register_Router');
 const commit = require('./Routers/Commit_Route');
-const otp = require("./Routers/otpRoute")
+const otp = require("./Routers/otpRoute");
 
 //Middlewares
 const webTokenValidator = require('./Middleware/webTokenValidator');
diff --git a/Frontend/HTML/newPass.html b/Frontend/HTML/newPass.html
new file mode 100644
index 0000000..cf33c01
--- /dev/null
+++ b/Frontend/HTML/newPass.html
@@ -0,0 +1,75 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>New Password  - CodeMover</title>
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+    <link rel="stylesheet" href="../Styles/Login.css">
+    <script type="module" src="../JavaScript/newPass.js"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/three.js/r121/three.min.js"></script>
+    <script src="https://cdn.jsdelivr.net/npm/vanta@latest/dist/vanta.clouds.min.js"></script>
+</head>
+
+<body>
+    <div class="container" id="container">
+        <div class="screen">
+            <div class="screen__content">
+                <form class="login">
+                    <div class="login__field">
+                        <i class="login__icon fa fa-user"></i>
+                        <input type="text" class="login__input" name="username" readonly>
+                    </div>
+                    <div class="login__field">
+                        <i class="login__icon fa fa-user"></i>
+                        <input type="password" name="password" class="login__input" placeholder="New Password">
+                    </div>
+                    <div class="login__field">
+                        <i class="login__icon fa fa-user"></i>
+                        <input type="password" name="confirmPassword" class="login__input" placeholder="Confirm New Password">
+                    </div>
+                    <button class="button login__submit">
+                        <span class="button__text">Reset Password</span>
+                        <i class="button__icon fa fa-chevron-right"></i>
+                    </button>				
+                </form>
+            </div>
+            <div class="screen__background">
+                <span class="screen__background__shape screen__background__shape4"></span>
+                <span class="screen__background__shape screen__background__shape3"></span>		
+                <span class="screen__background__shape screen__background__shape2"></span>
+                <span class="screen__background__shape screen__background__shape1"></span>
+            </div>		
+        </div>
+    </div>
+
+    <div id="error">
+        <div class="content">
+
+        </div>
+        <div class="error-border">
+            Border
+        </div>
+    </div>
+
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/three.js/r121/three.min.js"></script>
+    <script src="https://cdn.jsdelivr.net/npm/vanta@latest/dist/vanta.waves.min.js"></script>
+    <script>
+    document.addEventListener('DOMContentLoaded', function () {
+        VANTA.WAVES({
+            el: "#container",
+            mouseControls: true,
+            touchControls: true,
+            gyroControls: false,
+            minHeight: 200.00,
+            minWidth: 200.00,
+            scale: 1.00,
+            scaleMobile: 1.00,
+            color: 0x0,
+            shininess: 66.00
+        })
+    });
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/Frontend/HTML/otp.html b/Frontend/HTML/otp.html
new file mode 100644
index 0000000..3a319d1
--- /dev/null
+++ b/Frontend/HTML/otp.html
@@ -0,0 +1,71 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>OTP  - CodeMover</title>
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+    <link rel="stylesheet" href="../Styles/Login.css">
+    <script type="module" src="../JavaScript/otp.js"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/three.js/r121/three.min.js"></script>
+    <script src="https://cdn.jsdelivr.net/npm/vanta@latest/dist/vanta.clouds.min.js"></script>
+</head>
+
+<body>
+    <div class="container" id="container">
+        <div class="screen">
+            <div class="screen__content">
+                <form class="login">
+                    <div class="login__field">
+                        <i class="login__icon fa fa-user"></i>
+                        <input type="text" class="login__input" name="username" readonly>
+                    </div>
+                    <div class="login__field">
+                        <i class="login__icon fa fa-user"></i>
+                        <input type="password" class="login__input" placeholder="Enter OTP">
+                    </div>
+                    <button class="button login__submit">
+                        <span class="button__text">Verify</span>
+                        <i class="button__icon fa fa-chevron-right"></i>
+                    </button>				
+                </form>
+            </div>
+            <div class="screen__background">
+                <span class="screen__background__shape screen__background__shape4"></span>
+                <span class="screen__background__shape screen__background__shape3"></span>		
+                <span class="screen__background__shape screen__background__shape2"></span>
+                <span class="screen__background__shape screen__background__shape1"></span>
+            </div>		
+        </div>
+    </div>
+
+    <div id="error">
+        <div class="content">
+
+        </div>
+        <div class="error-border">
+            Border
+        </div>
+    </div>
+
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/three.js/r121/three.min.js"></script>
+    <script src="https://cdn.jsdelivr.net/npm/vanta@latest/dist/vanta.waves.min.js"></script>
+    <script>
+    document.addEventListener('DOMContentLoaded', function () {
+        VANTA.WAVES({
+            el: "#container",
+            mouseControls: true,
+            touchControls: true,
+            gyroControls: false,
+            minHeight: 200.00,
+            minWidth: 200.00,
+            scale: 1.00,
+            scaleMobile: 1.00,
+            color: 0x0,
+            shininess: 66.00
+        })
+    });
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/Frontend/JavaScript/forgotPass.js b/Frontend/JavaScript/forgotPass.js
index 37b6121..3559c31 100644
--- a/Frontend/JavaScript/forgotPass.js
+++ b/Frontend/JavaScript/forgotPass.js
@@ -1,32 +1,66 @@
-document.addEventListener("DOMContentLoaded",function(){
+document.addEventListener('DOMContentLoaded', function () {
+
     const form = document.querySelector('.login');
 
-    const sendOTP = form.querySelector('.login__submit');
+    const sendOtp = form.querySelector('.login__submit');
 
 
-    sendOTP.addEventListener("click",function(event){
+    sendOtp.addEventListener('click', function (event) {
         event.preventDefault();
-        const value = document.querySelector('.login__input[type="text"]').value;
 
-        if(value.endsWith(".com")){ 
-            //Method : Email 
+        const username = document.querySelector('.login__input[type="text"]').value;
 
-            let data = {
-                "eMail" : value
-            }
+        if (!username.trim()) {
             var x = document.getElementById("error");
             x.className = "show";
-            if(data == ""){
-                x.innerText = "Invalid Email";
+            x.innerText = "Enter User Name";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            return;
+        }
+        
+        const data = {
+            User_Name: username
+        };
+        
+        console.log(username);
+        fetch(`https://codemover-backend-73adc6530796.herokuapp.com/otp/generate/${data.User_Name}`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json'
             }
-            else{
-                x.innerText = errorData.message;
+        })
+        .then(response => {
+            if (!response.ok) {
+                return response.json().then(errorData => {
+                    console.log(errorData.responseBody);
+                    var x = document.getElementById("error");
+                    x.className = "show";
+                    x.innerText = errorData.responseBody;
+                    setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+                });
             }
-            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            console.log("Response in forgotPass:")
+            console.log(response);
+            return response.json();
+        })
+        .then(data => {
+            console.log(data);
 
-        }
-            //Method : Username
+            const username = data.userName;
+
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Redirecting to OTP page...";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 1000);
 
+            sessionStorage.setItem('User_Name', username);
+            setTimeout(function(){
+                window.location.href = 'otp.html';
+            },200)
+        })
+        .catch(error => {
+            console.error('Error:', error);
+        });
+    });
 
-    })
-})
\ No newline at end of file
+});
diff --git a/Frontend/JavaScript/index.js b/Frontend/JavaScript/index.js
index 9acc76c..4238649 100644
--- a/Frontend/JavaScript/index.js
+++ b/Frontend/JavaScript/index.js
@@ -239,7 +239,7 @@ saveButton.addEventListener('click', async function(){
     let newEmail = Emaildiv.value;
     let newAccessToken = AccessTokendiv.value;
 
-    let UpdateProfileurl = 'https://codemover-backend-73adc6530796.herokuapp.com/updateprofile/';
+    let UpdateProfileurl = 'https://codemover-backend-73adc6530796.herokuapp.com/updateprofile/profile';
 
     UpdateProfileurl += sessionStorage.getItem('User_Name');
 
diff --git a/Frontend/JavaScript/newPass.js b/Frontend/JavaScript/newPass.js
new file mode 100644
index 0000000..bafcecc
--- /dev/null
+++ b/Frontend/JavaScript/newPass.js
@@ -0,0 +1,91 @@
+document.addEventListener('DOMContentLoaded', function () {
+
+    const form = document.querySelector('.login');
+
+    const sendOtp = form.querySelector('.login__submit');
+
+    const usernameInput = document.querySelector('.login__input[name="username"]');
+    const storedUsername = sessionStorage.getItem('User_Name');
+    if (usernameInput) {
+        if (storedUsername) {
+            usernameInput.setAttribute('readonly', ''); // or 'readonly="readonly"'
+            usernameInput.value = storedUsername;
+        }
+    }
+
+    
+    
+    sendOtp.addEventListener('click', function (event) {
+        event.preventDefault();
+        
+        const password = document.querySelector('.login__input[name="password"]').value;
+        const confirmPassword = document.querySelector('.login__input[name="confirmPassword"]').value;
+        if (!password.trim()) {
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Enter New Password";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            return;
+        }
+        if (!confirmPassword.trim()) {
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Enter Confirm Password";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            return;
+        }
+
+        if(password!==confirmPassword){
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Password and Confirm Password are not matched!";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            return;
+        }
+        
+        const data = {
+            Password: password
+        };
+
+        fetch(`https://codemover-backend-73adc6530796.herokuapp.com/updateprofile/password/${storedUsername}`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(data)
+        })
+        .then(response => {
+            if (!response.ok) {
+                return response.json().then(errorData => {
+                    console.log(errorData.responseBody);
+                    var x = document.getElementById("error");
+                    x.className = "show";
+                    x.innerText = errorData.responseBody;
+                    setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+                });
+            }
+            console.log("Response in New Password:")
+            console.log(response);
+            return response.json();
+        })
+        .then(data => {
+            console.log(data);
+
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Successfully Changed Password";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 1000);
+            setTimeout(function(){
+                window.location.href = 'Login.html';
+            },200)
+        })
+        .catch(error => {
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Something went wrong!";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            console.error('Error:', error);
+        });
+    });
+
+});
diff --git a/Frontend/JavaScript/otp.js b/Frontend/JavaScript/otp.js
new file mode 100644
index 0000000..ee5efee
--- /dev/null
+++ b/Frontend/JavaScript/otp.js
@@ -0,0 +1,74 @@
+document.addEventListener('DOMContentLoaded', function () {
+
+    const form = document.querySelector('.login');
+
+    const sendOtp = form.querySelector('.login__submit');
+
+    const usernameInput = document.querySelector('.login__input[type="text"]');
+    const storedUsername = sessionStorage.getItem('User_Name');
+    if (usernameInput) {
+        if (storedUsername) {
+            usernameInput.setAttribute('readonly', ''); // or 'readonly="readonly"'
+            usernameInput.value = storedUsername;
+        }
+    }
+
+
+    sendOtp.addEventListener('click', function (event) {
+        event.preventDefault();
+
+        const OTP = document.querySelector('.login__input[type="password"]').value;
+        if (!OTP.trim()) {
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Enter OTP";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            return;
+        }
+        
+        const data = {
+            otp: OTP
+        };
+
+        fetch(`https://codemover-backend-73adc6530796.herokuapp.com/otp/verify/${storedUsername}`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(data)
+        })
+        .then(response => {
+            if (!response.ok) {
+                return response.json().then(errorData => {
+                    console.log(errorData.responseBody);
+                    var x = document.getElementById("error");
+                    x.className = "show";
+                    x.innerText = errorData.responseBody;
+                    setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+                });
+            }
+            console.log("Response in OTP:")
+            console.log(response);
+            return response.json();
+        })
+        .then(data => {
+            console.log(data);
+
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Change Password...";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 1000);
+            setTimeout(function(){
+                window.location.href = 'newPass.html';
+            },200)
+        })
+        .catch(error => {
+            var x = document.getElementById("error");
+            x.className = "show";
+            x.innerText = "Invalid OTP";
+            setTimeout(function(){ x.className = x.className.replace("show", ""); }, 3000);
+            console.error('Error:', error);
+        });
+    });
+
+});