Merge pull request #4 from CaptainAril/feat/password-change-reset

Feat/password change reset

Author: Ifechukwu001

src/api/constants/activity_types.py

@@ -17,6 +17,9 @@ class ActivityTypes(TypedDict):
     LIST_WITHDRAW_ACCOUNTS: str
     FETCH_WITHDRAW_ACCOUNT: str
     DELETE_WITHDRAW_ACCOUNT: str
+    CHANGE_PASSWORD: str
+    REQUEST_RESET_PASSWORD: str
+    CONFIRM_RESET_PASSWORD: str
     FETCH_NOK: str
     UPDATE_NOK: str
     FETCH_KYC: str
@@ -39,6 +42,9 @@ class ActivityTypes(TypedDict):
     "LIST_WITHDRAW_ACCOUNTS": "List withdraw accounts",
     "FETCH_WITHDRAW_ACCOUNT": "Get withdraw account",
     "DELETE_WITHDRAW_ACCOUNT": "Delete withdraw account",
+    "CHANGE_PASSWORD": "Change user password",
+    "REQUEST_RESET_PASSWORD": "Request for password reset",
+    "CONFIRM_RESET_PASSWORD": "Confirm password reset",
     "FETCH_NOK": "Fetch Next Of Kin",
     "UPDATE_NOK": "Update Next Of Kin",
     "FETCH_KYC": "Fetch KYC Information",

src/api/constants/messages.py

@@ -33,6 +33,8 @@ class UserMessages(TypedDict):
     NOT_ALLOWED: str
     PIN_EXISTS: str
     PIN_SET: str
+    INCORRECT_PASSWORD: str
+    PASSWORD_CHANGED: str
 
 
 class AccountMessages(TypedDict):
@@ -56,6 +58,14 @@ class CommonMessages(TypedDict):
     VALIDATION_ERROR: str
 
 
+class PasswordResetMessages(TypedDict):
+    EMAIL_SENT: str
+    INVALID_TOKEN: str
+    TOKEN_EXPIRED: str
+    PASSWORD_RESET: str
+    DOESNT_EXIST: str
+
+
 class Messages(TypedDict):
     REGISTRATION: RegistrationMessages
     AUTH: AuthMessages
@@ -65,6 +75,7 @@ class Messages(TypedDict):
     NOK: NextOfKinMessages
     KYC: KYCInformationMessages
     COMMON: CommonMessages
+    PASSWORD_RESET: PasswordResetMessages
 
 
 class DynamicCommonMessages(TypedDict):
@@ -78,9 +89,14 @@ class DynamicAccountMessages(TypedDict):
     EXISTS: Callable[[str], str]
 
 
+class DynamicPasswordResetMessages(TypedDict):
+    EMAIL_SENT: Callable[[str], str]
+
+
 class DynamicMessages(TypedDict):
     COMMON: DynamicCommonMessages
     ACCOUNT: DynamicAccountMessages
+    PASSWORD_RESET: DynamicPasswordResetMessages
 
 
 MESSAGES: Messages = {
@@ -112,6 +128,8 @@ class DynamicMessages(TypedDict):
         "PIN_EXISTS": "You already have a transaction PIN on your account!",
         "PIN_SET": "Transaction PIN set successfully",
         "NOT_ALLOWED": "Unauthorized request!",
+        "INCORRECT_PASSWORD": "Incorrect old password",
+        "PASSWORD_CHANGED": "Password changed successfully",
     },
     "ACCOUNT": {
         "SAVED": "Withdrawal account details saved succesfully",
@@ -130,6 +148,13 @@ class DynamicMessages(TypedDict):
         "JWT_GENERATED": "JWT was generated",
         "VALIDATION_ERROR": "Validation errors",
     },
+    "PASSWORD_RESET": {
+        "EMAIL_SENT": "Password reset email sent successfully to your email",
+        "PASSWORD_RESET": "Password reset successfully",
+        "INVALID_TOKEN": "Invalid password reset token!",
+        "DOESNT_EXIST": "You don't have an account with us yet!",
+        "TOKEN_EXPIRED": "Password reset token has expired!",
+    },
 }
 
 DYNAMIC_MESSAGES: DynamicMessages = {
@@ -142,6 +167,9 @@ class DynamicMessages(TypedDict):
     "ACCOUNT": {
         "EXISTS": lambda x: f"You already have an account with the account number {x}!"
     },
+    "PASSWORD_RESET": {
+        "EMAIL_SENT": lambda x: f"Password reset email has been sent to {x}",
+    },
 }
 
 __all__ = ["DYNAMIC_MESSAGES", "MESSAGES"]

src/api/controllers/PasswordResetController.py

@@ -5,8 +5,12 @@
 
 from src.utils.svcs import Service
 from src.utils.logger import Logger
+from src.api.utils.response_format import success_response
 from src.api.services.PasswordResetService import PasswordResetService
-from src.api.models.payload.requests.PasswordResetRequest import PasswordResetRequest
+from src.api.models.payload.requests.PasswordResetRequest import (
+    PasswordResetRequest,
+    ConfirmPasswordResetRequest,
+)
 
 
 @Service()
@@ -19,12 +23,14 @@ def __init__(
         self.logger = logger
         self.password_reset_service = password_reset_service
 
-    async def request_password_reset(self, user_data: PasswordResetRequest) -> dict:
+    async def request_password_reset(self, user_data: PasswordResetRequest) -> tuple:
         try:
             sent_request = await self.password_reset_service.request_password_reset(
                 user_data
             )
-            return {"message": sent_request["message"]}
+            return success_response(
+                message=sent_request["message"], status_code=HTTPStatus.OK
+            )
         except Exception as exc:
             if isinstance(exc, HttpError):
                 raise
@@ -36,3 +42,25 @@ async def request_password_reset(self, user_data: PasswordResetRequest) -> dict:
                 }
             )
             raise HttpError(HTTPStatus.INTERNAL_SERVER_ERROR, "Something went wrong")
+
+    async def confirm_password_reset(
+        self, user_data: ConfirmPasswordResetRequest
+    ) -> tuple:
+        try:
+            sent_request = await self.password_reset_service.confirm_password_reset(
+                user_data
+            )
+            return success_response(
+                message=sent_request["message"], status_code=HTTPStatus.OK
+            )
+        except Exception as exc:
+            if isinstance(exc, HttpError):
+                raise
+            self.logger.error(
+                {
+                    "activity_type": "Confirm password reset",
+                    "message": str(exc),
+                    "metadata": user_data.model_dump(),
+                }
+            )
+            raise HttpError(HTTPStatus.INTERNAL_SERVER_ERROR, "Something went wrong")

src/api/controllers/UserController.py

@@ -7,7 +7,10 @@
 from src.api.services.UserService import UserService
 from src.api.utils.response_format import error_response, success_response
 from src.api.models.payload.requests.Pin import Pin
-from src.api.models.payload.requests.UpdateUserRequest import UpdateUserRequest
+from src.api.models.payload.requests.UpdateUserRequest import (
+    UpdateUserRequest,
+    ChangeUserPasswordRequest,
+)
 
 
 @Service()
@@ -52,3 +55,16 @@ async def set_account_pin(self, id: str, user_pin: Pin) -> tuple:
         return success_response(
             message=updated_pin["message"], status_code=HTTPStatus.OK
         )
+
+    async def change_password(
+        self, id: str, user_data: ChangeUserPasswordRequest
+    ) -> tuple:
+        updated_password = await self.user_service.change_password(id, user_data)
+        if not updated_password["is_success"]:
+            return error_response(
+                message=updated_password["message"], status_code=HTTPStatus.BAD_REQUEST
+            )
+        return success_response(
+            message=updated_password["message"],
+            status_code=HTTPStatus.OK,
+        )

src/api/middlewares/AppMiddleware.py

@@ -1,5 +1,8 @@
+from http import HTTPStatus
+
 import jwt
 from django.http import HttpRequest
+from ninja.errors import HttpError
 from ninja.security import HttpBearer
 
 from src.env import jwt_config
@@ -18,6 +21,20 @@ def authenticate(self, request: HttpRequest, token: str) -> str:
             algorithms=["HS256"],
             options={"verify_signature": False},
         )
+
+        email = jwt_data.get("email")
+        user_id = jwt_data.get("user_id")
+        if not email or not user_id:
+            message = "Invalid authentication token"
+            self.logger.error(
+                {
+                    "activity_type": "Authenticate User",
+                    "message": message,
+                    "metadata": {"token": token},
+                }
+            )
+            raise HttpError(HTTPStatus.UNAUTHORIZED, message)
+
         self.logger.debug(
             {
                 "activity_type": "Authenticate User",

src/api/models/payload/requests/PasswordResetRequest.py

@@ -1,5 +1,12 @@
 from pydantic import EmailStr, BaseModel
 
+from src.api.typing.PasswordValidator import IsStrongPassword
+
 
 class PasswordResetRequest(BaseModel):
     email: EmailStr
+
+
+class ConfirmPasswordResetRequest(BaseModel):
+    reset_token: str
+    new_password: IsStrongPassword

src/api/models/payload/requests/UpdateUserRequest.py

@@ -2,10 +2,17 @@
 
 from pydantic import Field, BaseModel
 
+from src.api.typing.PasswordValidator import IsStrongPassword
+
 
 class UpdateUserRequest(BaseModel):
     first_name: str | None = None
     last_name: str | None = None
     address: str | None = None
     phone_number: str | None = None
     state_lga_id: Annotated[int, Field(default=None, ge=1)]
+
+
+class ChangeUserPasswordRequest(BaseModel):
+    old_password: str
+    new_password: IsStrongPassword

src/api/repositories/UserRepository.py

@@ -39,3 +39,7 @@ async def update_by_id(cls, id: str, updates: dict | None = None) -> User | None
                 setattr(user, key, value)
             await user.asave()
         return user
+
+    @classmethod
+    async def find_by_reset_token(cls, reset_token: str) -> User | None:
+        return await cls.manager.filter(password_reset_token=reset_token).afirst()

src/api/routes/PasswordReset.py

@@ -1,17 +1,51 @@
+from http import HTTPStatus
+
 from ninja import Router
 from django.http import HttpRequest
 
 from src.utils.svcs import ADepends
 from src.api.controllers.PasswordResetController import PasswordResetController
+from src.api.models.payload.responses.ErrorResponse import (
+    ErrorResponse,
+    ServerErrorResponse,
+)
 from src.api.models.payload.responses.SuccessResponse import SuccessResponse
-from src.api.models.payload.requests.PasswordResetRequest import PasswordResetRequest
+from src.api.models.payload.requests.PasswordResetRequest import (
+    PasswordResetRequest,
+    ConfirmPasswordResetRequest,
+)
 
 router = Router()
 
 
-@router.post("/", response=SuccessResponse)
+@router.post(
+    "/",
+    response={
+        HTTPStatus.OK: SuccessResponse,
+        HTTPStatus.BAD_REQUEST: ErrorResponse,
+        HTTPStatus.INTERNAL_SERVER_ERROR: ServerErrorResponse,
+    },
+)
 async def reset_password(
     request: HttpRequest, credentials: PasswordResetRequest
-) -> dict:
+) -> tuple:
     reset_controller = await ADepends(PasswordResetController)
     return await reset_controller.request_password_reset(credentials)
+
+
+# TODO: Implement router for password reset confirm and change password
+
+
+@router.post(
+    "/confirm",
+    response={
+        HTTPStatus.OK: SuccessResponse,
+        HTTPStatus.BAD_REQUEST: ErrorResponse,
+        HTTPStatus.INTERNAL_SERVER_ERROR: ServerErrorResponse,
+    },
+)
+async def confirm_password_reset(
+    request: HttpRequest, credentials: ConfirmPasswordResetRequest
+) -> tuple:
+    reset_controller = await ADepends(PasswordResetController)
+    return await reset_controller.confirm_password_reset(credentials)

src/api/routes/User.py

@@ -12,7 +12,10 @@
     ServerErrorResponse,
 )
 from src.api.models.payload.responses.SuccessResponse import SuccessResponse
-from src.api.models.payload.requests.UpdateUserRequest import UpdateUserRequest
+from src.api.models.payload.requests.UpdateUserRequest import (
+    UpdateUserRequest,
+    ChangeUserPasswordRequest,
+)
 
 router = Router()
 
@@ -57,3 +60,19 @@ async def update_user(request: HttpRequest, user_data: UpdateUserRequest) -> tup
     user_id = getattr(request, "auth_id", "")
     user_controller = await ADepends(UserController)
     return await user_controller.update_user(user_id, user_data)
+
+
+@router.put(
+    "/change-password",
+    response={
+        HTTPStatus.OK: SuccessResponse,
+        HTTPStatus.BAD_REQUEST: ErrorResponse,
+        HTTPStatus.INTERNAL_SERVER_ERROR: ServerErrorResponse,
+    },
+)
+async def update_password(
+    request: HttpRequest, user_data: ChangeUserPasswordRequest
+) -> tuple:
+    user_id = getattr(request, "auth_id", "")
+    user_controller = await ADepends(UserController)
+    return await user_controller.change_password(user_id, user_data)