diff --git a/README.md b/README.md index bc35048..eeee919 100644 --- a/README.md +++ b/README.md @@ -68,17 +68,11 @@ PORT=5000 # Database Configuration MONGO_URI=mongodb://localhost:27017/rbac +JWT_SECRET=your-secret-key +RESEND_API_KEY=your-resend-api-key -# JWT Configuration -JWT_SECRET=your-super-secret-jwt-key-here -JWT_EXPIRY=1d - -# Refresh Token Configuration -REFRESH_TOKEN_SECRET=your-super-secret-refresh-token-key-here -REFRESH_TOKEN_EXPIRY=7d - -# CORS Configuration -CORS_URL=http://localhost:3000 +🔑 Note: The RESEND_API_KEY can be obtained by creating an account on Resend Mail + and generating an API key. ``` ### 4️⃣ Run the Project diff --git a/package-lock.json b/package-lock.json index 3b10e3a..3463871 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,8 @@ "jsonwebtoken": "^9.0.2", "mongoose": "^8.19.1", "nodemon": "^3.1.10", - "readdirp": "^4.1.2" + "readdirp": "^4.1.2", + "resend": "^6.1.3" }, "devDependencies": { "@commitlint/cli": "^19.1.0", @@ -3188,6 +3189,23 @@ "node": ">=0.10.0" } }, + "node_modules/resend": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/resend/-/resend-6.1.3.tgz", + "integrity": "sha512-vHRdmU3q+nS5x7cYHZpAQ5zpZE+DV+7q6axIUiRcxYsoUpjBuW50zwdrOz+8O6vUbjGFIz4r2qkt4s+2G0y4GA==", + "license": "MIT", + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "@react-email/render": "*" + }, + "peerDependenciesMeta": { + "@react-email/render": { + "optional": true + } + } + }, "node_modules/resolve-from": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", diff --git a/package.json b/package.json index e9d7631..b5ca97c 100644 --- a/package.json +++ b/package.json @@ -26,6 +26,7 @@ "jsonwebtoken": "^9.0.2", "mongoose": "^8.19.1", "nodemon": "^3.1.10", - "readdirp": "^4.1.2" + "readdirp": "^4.1.2", + "resend": "^6.1.3" } } diff --git a/src/controllers/authController.js b/src/controllers/authController.js index 2b2a487..a3528bd 100644 
--- a/src/controllers/authController.js
+++ b/src/controllers/authController.js
@@ -1,4 +1,7 @@
-import { registerUserService, loginUserService, refreshTokenService, logoutService } from '../services/authService.js';
+import { User } from '../models/user.model.js';
+import { registerUserService, loginUserService } from '../services/authService.js';
+import jwt from 'jsonwebtoken'
+import { sendEmail } from '../utils/sendEmail.js';
 export const registerUser = async (req, res) => {
 try {
@@ -17,6 +20,7 @@ export const registerUser = async (req, res) => {
 export const loginUser = async (req, res) => {
 try {
 const { email, password } = req.body;
+
 const result = await loginUserService({ email, password });
 return res.status(200).json({
@@ -33,42 +37,98 @@ export const loginUser = async (req, res) => {
 }
 };
-export const refreshToken = async (req, res) => {
+export const forgotPassword = async (req, res) => {
+ const { email } = req.body;
+
 try {
- const { refreshToken } = req.body;
- const result = await refreshTokenService(refreshToken);
+ const user = await User.findOne({ email });
+
+ if (!user) {
+ return res.status(401).json({
+ success: false,
+ message: "User not found"
+ })
+ }
+
+ const resetToken = jwt.sign(
+ { id: user._id },
+ process.env.JWT_SECRET,
+ {
+ expiresIn: '1h'
+ }
+ );
+
+
+ user.refreshToken = resetToken;
+ await user.save();
+
+ const resetUrl = `http://localhost:5000/api/auth/resetPassword/${resetToken}`
+
+ const html = `
+
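Review bot: `import jwt from 'jsonwebtoken'` in the first hunk is the only import line without a trailing semicolon; the three lines around it end with `;`, so add it. The controller also now imports `User` and talks to the model directly, while `registerUser` and `loginUser` in this same file go through `authService.js`; moving the lookup, token signing and token verification into service functions (e.g. `forgotPasswordService`, `resetPasswordService`) would keep the existing layering and make the token handling testable without an Express request. The `refreshToken`/`logout` removal itself is the commit's intent and is not re-raised here.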

Hello ${user.fullname},

+

You requested a password reset. Click below to reset your password:

+ ${resetUrl} +

This link will expire in 1 hour.

+
+ `
+ await sendEmail(user.email,html);
+
+ console.log(resetUrl);
 return res.status(200).json({
 success: true,
- message: 'Token refreshed successfully',
- accessToken: result.accessToken,
- user: result.user,
- });
+ message: 'Password reset link sent'
+ })
 } catch (error) {
- console.error('Error in refreshToken:', error);
- const status = error.statusCode || 401;
- return res.status(status).json({
- success: false,
- message: error.message || 'Token refresh failed'
- });
+ console.error(error)
+ return res.status(500).json({
+ success: false,
+ message: 'server error'
+ })
+ }
-};
+}
-export const logout = async (req, res) => {
+
+export const resetPassword = async (req, res) => {
 try {
- const { refreshToken } = req.body;
- const result = await logoutService(refreshToken);
+ const { token } = req.params;
+ const { password } = req.body;
- return res.status(200).json({
- success: true,
- message: result.message,
- });
+ if (!password) {
+ return res.status(400).json({
+ success: false,
+ message: 'Password is required'
+ })
+ }
+
+ let decoded;
+ try {
+ decoded = jwt.verify(token, process.env.JWT_SECRET)
+ } catch (error) {
+
+ return res.status(400).json({
+ success: false,
+ message: 'Invalid or expired token'
+ })
+ }
+
+
+
+ const user = await User.findById(decoded.id);
+ console.log(user)
+ if (!user || user.refreshToken !== token) {
+ return res.status(400).json({ success: false, message: 'Invalid or expired token' });
+ }
+ user.password = password;
+
+
+ user.refreshToken = undefined;
+ await user.save();
+ return res.status(200).json({ success: true, message: 'Password reset successful' });
 } catch (error) {
- console.error('Error in logout:', error);
- const status = error.statusCode || 400;
- return res.status(status).json({
- success: false,
- message: error.message || 'Logout failed'
- });
+
+ return res.status(500).json({ success: false, message: 'Server error' });
+ }
-};
\ No newline at end of file
+}
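Review bot: `forgotPassword` answers `401 "User not found"` for an unknown email and 200 for a known one, so the endpoint is an account-existence oracle; both paths should return the same `200 { success: true, message: 'Password reset link sent' }` and only call `sendEmail` when a user was found. The raw reset JWT is then persisted in `user.refreshToken`, printed by `console.log(resetUrl)`, and in `resetPassword` `console.log(user)` dumps the whole user document, so anyone with log or database read access gets a usable reset link — store only a hash of the token, drop both logs, and build `resetUrl` from a configured base URL rather than the hard-coded `http://localhost:5000`. `user.password = password` is saved with no visible hashing or length check; if the model has no pre-save hashing hook this stores plaintext (confirm against `user.model.js`), and in any case a `typeof password === 'string'` and minimum-length check belongs before the save. `email` and `token` are also used unvalidated — `User.findOne({ email })` accepts an object, so a non-string body value becomes a query selector — so reject non-string input first, and if login tokens are signed with the same `JWT_SECRET` (not visible here) a reset token may verify as a session token, which a distinct secret or a `purpose: 'reset'` claim checked in `jwt.verify` would prevent. Finally, the outer `catch` in `resetPassword` returns 500 without logging the error, unlike the one in `forgotPassword`.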
diff --git a/src/routes/authRoutes.js b/src/routes/authRoutes.js index c5e7075..669790d 100644 --- a/src/routes/authRoutes.js +++ b/src/routes/authRoutes.js @@ -1,11 +1,12 @@ import express from 'express'; -import { registerUser, loginUser, refreshToken, logout } from '../controllers/authController.js'; +import { registerUser,loginUser, forgotPassword, resetPassword } from '../controllers/authController.js'; +import { authMiddleware } from '../middlewares/auth.middleware.js'; const router = express.Router(); router.post('/register', registerUser); router.post('/login', loginUser); -router.post('/refresh', refreshToken); -router.post('/logout', logout); +router.post('/forgotPassword',forgotPassword); +router.post('/resetPassword/:token',resetPassword); export default router; diff --git a/src/services/authService.js b/src/services/authService.js index 11bcd36..02ee093 100644 --- a/src/services/authService.js +++ b/src/services/authService.js @@ -53,14 +53,17 @@ export const loginUserService = async ({ email, password }) => { } const user = await User.findOne({ email }).populate('role'); + if (!user) { const err = new Error('Invalid credentials'); err.statusCode = 401; throw err; } + - const isMatch = bcrypt.compare(password, user.password); - + const isMatch = await bcrypt.compare(password, user.password); + + if (!isMatch) { const err = new Error('Invalid credentials'); err.statusCode = 401; diff --git a/src/utils/sendEmail.js b/src/utils/sendEmail.js new file mode 100644 index 0000000..c6d5b6c --- /dev/null +++ b/src/utils/sendEmail.js 
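Review bot: `authMiddleware` is imported on the second added line but no route in this file uses it; remove the import or attach it to the routes that need it. Carrying the reset token in the path (`/resetPassword/:token`) puts it into access logs, proxy logs and browser history; since the handler already reads `password` from the body, accepting the token there too (`const { token, password } = req.body;` with `router.post('/resetPassword', resetPassword);`) avoids that, or at minimum request-path logging must redact it. The new import line also drops the space after the comma (`registerUser,loginUser`) that the old line had.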
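Review bot: The `await` added before `bcrypt.compare` fixes an authentication bypass — without it `isMatch` held a pending Promise, which is always truthy, so `!isMatch` never fired and any password was accepted for a known email — and it deserves a regression test and explicit mention rather than being buried among the four blank lines added around it. A short comment would guard against a repeat, e.g. `// bcrypt.compare is async: without await isMatch is a Promise (truthy)`. `loginUserService`'s body begins and ends outside the hunk.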
@@ -0,0 +1,21 @@
+import { Resend } from "resend";
+import dotenv from "dotenv";
+dotenv.config();
+const resend = new Resend(process.env.RESEND_API_KEY);
+
+export const sendEmail = async (to,html) => {
+ try {
+ const response = await resend.emails.send({
+ from: "Acme ",
+ to: [to],
+ subject:"Password reset Link",
+ html,
+ });
+
+ console.log("Email sent successfully:", response);
+ return response;
+ } catch (error) {
+ console.error("Error sending email:", error);
+ throw new Error("Failed to send email");
+ }
+}
\ No newline at end of file
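Review bot: `throw new Error("Failed to send email")` discards the provider error; use `throw new Error("Failed to send email", { cause: error });` so the caller can see why Resend rejected the message. The subject is fixed to `"Password reset Link"` although the function is named generically — take it as a parameter, `export const sendEmail = async (to, html, subject = "Password reset Link") =>`, so other mail can reuse it. `console.log("Email sent successfully:", response)` writes the whole provider response to the logs; log an identifier or nothing. The `from` value `"Acme "` looks like a placeholder or an address lost in rendering and should come from configuration alongside `RESEND_API_KEY`. `dotenv.config()` at module load belongs in the application entry point, where it is presumably already called once.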