Add send email to get placeholder reset password page

Author: njxue

backend/user-service/controller/auth-controller.js

@@ -4,7 +4,6 @@ import { formatUserResponse } from "./user-controller.js";
 import { jwtConfig, REFRESH_TOKEN_COOKIE_KEY, refreshTokenCookieOptions } from "../config/authConfig.js";
 import TokenService from "../services/tokenService.js";
 import { BadRequestError, NotFoundError, UnauthorisedError } from "../utils/httpErrors.js";
-import { decode } from "jsonwebtoken";
 
 export async function handleLogin(req, res, next) {
   const { email, password } = req.body;
@@ -93,3 +92,11 @@ export async function refresh(req, res, next) {
     next(err);
   }
 }
+
+export async function sendResetPasswordLinkToEmail(req, res, next) {
+  try {
+
+  } catch (err) {
+    next(err);
+  }
+}

backend/user-service/controller/user-controller.js

@@ -15,6 +15,8 @@ import {
 } from "../model/repository.js";
 import { BadRequestError, ConflictError, NotFoundError } from "../utils/httpErrors.js";
 import TokenService from "../services/tokenService.js";
+import { sendEmail } from "../services/emailService.js";
+import redisService from "../services/redisService.js";
 
 export async function createUser(req, res, next) {
   try {
@@ -42,12 +44,11 @@ export async function createUser(req, res, next) {
       data: { accessToken, user: { ...formatUserResponse(createdUser) } },
     });
   } catch (err) {
-    console.error('Error creating user:', err);
+    console.error("Error creating user:", err);
     next(err);
   }
 }
 
-
 export async function getUser(req, res, next) {
   try {
     const userId = req.params.id;
@@ -162,6 +163,25 @@ export async function deleteUser(req, res, next) {
   }
 }
 
+export async function forgetPassword(req, res, next) {
+  try {
+    const { email } = req.body;
+    const emailToken = TokenService.generateEmailToken(email);
+    redisService.setKeyWithExpiration(email, emailToken, 300);
+
+    const resetPasswordLink = `http://localhost:3000/reset-password/${emailToken}`;
+    await sendEmail({
+      to: email,
+      subject: "Reset password",
+      html: `Click <a href=${resetPasswordLink}>here</a> to reset your password`,
+    });
+
+    res.sendStatus(204);
+  } catch (err) {
+    next(err);
+  }
+}
+
 export function formatUserResponse(user) {
   return {
     _id: user.id,

backend/user-service/package-lock.json

@@ -23,6 +23,7 @@
     "express": "^4.19.2",
     "jsonwebtoken": "^9.0.2",
     "mongoose": "^8.5.4",
+    "nodemailer": "^6.9.16",
     "redis": "^4.7.0",
     "swagger-jsdoc": "^6.2.8",
     "swagger-ui-express": "^5.0.1",

backend/user-service/package.json

@@ -2,6 +2,7 @@ import express from "express";
 import {
   createUser,
   deleteUser,
+  forgetPassword,
   getAllUsers,
   getUser,
   updateUser,
@@ -180,4 +181,6 @@ router.patch("/:id/privilege", verifyAccessToken, verifyIsAdmin, updateUserPrivi
  */
 router.delete("/:id", verifyAccessToken, verifyIsOwnerOrAdmin, deleteUser);
 
+router.post("/forgetPassword", forgetPassword);
+
 export default router;

backend/user-service/routes/user-routes.js

@@ -0,0 +1,31 @@
+import nodemailer from "nodemailer";
+import dotenv from "dotenv";
+
+dotenv.config();
+
+const transporter = nodemailer.createTransport({
+  host: process.env.SMTP_HOST,
+  port: Number(process.env.SMTP_PORT),
+  auth: {
+    user: process.env.SMTP_USER,
+    pass: process.env.SMTP_PASSWORD,
+  },
+});
+
+transporter.verify(function (error, success) {
+  if (error) {
+    console.log(error);
+  } else {
+    console.log("Email server is ready to take our messages");
+  }
+});
+
+export const sendEmail = async ({ to, subject, text, html }) => {
+  const emailOptions = { from: process.env.SMTP_USER, to, subject, text, html };
+  try {
+    const res = await transporter.sendMail(emailOptions);
+  } catch (err) {
+    console.error(err);
+    throw err;
+  }
+};

backend/user-service/services/emailService.js

@@ -20,6 +20,7 @@ class RedisService {
   async setKeyWithExpiration(key, value, expiration) {
     try {
       await this.redisClient.set(key, value, { EX: expiration });
+      console.log(`Set ${key}: ${value}`);
     } catch (error) {
       console.error("Error setting key in Redis:", error);
     }

backend/user-service/services/redisService.js

@@ -14,6 +14,11 @@ class TokenService {
     return accessToken;
   }
 
+  static generateEmailToken(email) {
+    const emailToken = jwt.sign({ email, jti: uuidv4() }, jwtConfig.accessTokenSecret, { expiresIn: "5m" }); // TODO: change
+    return emailToken;
+  }
+
   static generateRefreshToken(user) {
     const refreshToken = jwt.sign(
       { id: user.id, jti: uuidv4() },

backend/user-service/services/tokenService.js

@@ -29,10 +29,14 @@ export class UserImpl implements IUser {
     async verifyToken(): Promise<any> {
         return this.dataSource.verifyToken();
     }
-    
+
     async getUser(userId: string): Promise<any> {
         return this.dataSource.getUser(userId);
     }
+
+    async forgetPassword(email: string): Promise<any> {
+        return this.dataSource.forgetPassword(email);
+    }
 }
 
 export const userImpl = new UserImpl();

frontend/src/data/users/UserImpl.ts

@@ -51,6 +51,9 @@ export class UserRemoteDataSource extends BaseApi {
         return await this.protectedGet<any>(`/users/${userId}`);
     }
 
+    async forgetPassword(email: string) {
+        return await this.post<any>("/users/forgetPassword", { email });
+    }
 }
 
 export const userRemoteDataSource = new UserRemoteDataSource();