feat(auth): add resetPasswordByEmail method

added password/email and password/reset router

Author: neverovski

src/modules/auth/auth.controller.ts

@@ -14,6 +14,7 @@ import {
   AuthPlatformRequest,
   AuthRefreshToken,
   AuthRefreshTokenRequest,
+  AuthResetPasswordByEmailRequest,
 } from './auth.type';
 import { AuthTokenDto } from './dto';
 import { IAuthController, IAuthService } from './interface';
@@ -188,33 +189,32 @@ export class AuthController extends ControllerCore implements IAuthController {
     return this.sendJson(res, data);
   }
 
-  // /**
-  //  * @openapi
-  //  * /api/auth/password/reset:
-  //  *   post:
-  //  *      tags: [Auth]
-  //  *      summary: Reset password
-  //  *      description: ''
-  //  *      requestBody:
-  //  *        $ref: '#/components/requestBodies/ResetPasswordRequest'
-  //  *      responses:
-  //  *        200:
-  //  *          $ref: '#/components/responses/HttpOk'
-  //  *        422:
-  //  *          $ref: '#/components/responses/HttpUnprocessableEntity'
-  //  *        500:
-  //  *          $ref: '#/components/responses/HttpInternalServerError'
-  //  */
-  // async resetPassword(
-  //   req: Request<any, any, ResetPasswordRequest>,
-  //   res: Response,
-  // ) {
-  //   await this.service.resetPassword(req.body);
-
-  //   this.response(res, {
-  //     data: Exception.getOk(HttpCode.OK, {
-  //       message: i18n()['message.passwordReset.successfully'],
-  //     }),
-  //   });
-  // }
+  /**
+   * @openapi
+   * /api/auth/password/reset:
+   *   post:
+   *      tags: [Auth]
+   *      summary: Reset password
+   *      description: ''
+   *      requestBody:
+   *        $ref: '#/components/requestBodies/ResetPasswordRequest'
+   *      responses:
+   *        200:
+   *          $ref: '#/components/responses/HttpOk'
+   *        422:
+   *          $ref: '#/components/responses/HttpUnprocessableEntity'
+   *        500:
+   *          $ref: '#/components/responses/HttpInternalServerError'
+   */
+  async resetPasswordByEmail(
+    req: AuthResetPasswordByEmailRequest,
+    res: ExpressResponse,
+  ) {
+    await this.service.resetPasswordByEmail(req.body);
+    const message = this.getMessage(
+      i18n()['message.passwordReset.successfully'],
+    );
+
+    return this.sendJson(res, message);
+  }
 }

src/modules/auth/auth.router.ts

@@ -58,15 +58,20 @@ export class AuthRouter extends RouterCore {
       ),
     );
 
-    // this.router.post(
-    //   '/password/email',
-    //   ValidateMiddleware.handler(ForgotPasswordSchema),
-    //   AsyncMiddleware(this.controller.forgotPassword.bind(this.controller)),
-    // );
-    // this.router.post(
-    //   '/password/reset',
-    //   ValidateMiddleware.handler(ResetPasswordSchema),
-    //   AsyncMiddleware(this.controller.resetPassword.bind(this.controller)),
-    // );
+    this.router.post(
+      AuthRouterLink.PASSWORD_EMAIL,
+      this.validateMiddleware.handler(this.schema.forgotPasswordByEmail()),
+      this.asyncMiddleware.handler(
+        this.controller.forgotPasswordByEmail.bind(this.controller),
+      ),
+    );
+
+    this.router.post(
+      AuthRouterLink.PASSWORD_RESET,
+      this.validateMiddleware.handler(this.schema.resetPasswordByEmail()),
+      this.asyncMiddleware.handler(
+        this.controller.resetPasswordByEmail.bind(this.controller),
+      ),
+    );
   }
 }

src/modules/auth/auth.schema.ts

@@ -64,17 +64,18 @@ export class AuthSchema extends SchemaCore implements IAuthSchema {
     };
   }
 
-  resetPassword(): JsonSchemaOptions {
+  resetPasswordByEmail(): JsonSchemaOptions {
     return {
       body: {
-        $id: this.getIdKey('resetPassword'),
+        $id: this.getIdKey('resetPasswordByEmail'),
         $schema: 'http://json-schema.org/draft-07/schema#',
         type: 'object',
         additionalProperties: false,
-        required: ['token', 'newPassword'],
+        required: ['token', 'password', 'email'],
         properties: {
+          ...this.getEmail(),
           ...this.getPassword('token'),
-          ...this.getPassword('newPassword'),
+          ...this.getPassword('password'),
         },
       },
     };

src/modules/auth/auth.type.ts

@@ -9,7 +9,10 @@ export type AuthPlatform = { platform: PlatformName; token: string };
 export type AuthRefreshToken = { refreshToken: Token };
 
 export type AuthForgotPasswordByEmail = { email: Email };
-export type AuthResetPassword = { newPassword: Password; token: Token };
+export type AuthResetPasswordByEmail = AuthForgotPasswordByEmail & {
+  password: Password;
+  token: Token;
+};
 
 export type AuthVerifyEmail = { token: Token };
 
@@ -38,6 +41,11 @@ export type AuthForgotPasswordByEmailRequest = ExpressRequest<
   unknown,
   AuthForgotPasswordByEmail
 >;
+export type AuthResetPasswordByEmailRequest = ExpressRequest<
+  unknown,
+  unknown,
+  AuthResetPasswordByEmail
+>;
 
 //email/verify - GET send link to email
 //email/verify/{token} - GET

src/modules/auth/interface/auth.controller.interface.ts

@@ -6,6 +6,7 @@ import {
   AuthLogoutRequest,
   AuthPlatformRequest,
   AuthRefreshTokenRequest,
+  AuthResetPasswordByEmailRequest,
 } from '../auth.type';
 
 export interface IAuthController {
@@ -20,4 +21,8 @@ export interface IAuthController {
     req: AuthRefreshTokenRequest,
     res: ExpressResponse,
   ): Promise<void>;
+  resetPasswordByEmail(
+    req: AuthResetPasswordByEmailRequest,
+    res: ExpressResponse,
+  ): Promise<void>;
 }

src/modules/auth/interface/auth.schema.interface.ts

@@ -5,5 +5,5 @@ export interface IAuthSchema {
   login(): JsonSchemaOptions;
   platform(): JsonSchemaOptions;
   refreshToken(): JsonSchemaOptions;
-  resetPassword(): JsonSchemaOptions;
+  resetPasswordByEmail(): JsonSchemaOptions;
 }

src/modules/auth/interface/service/auth.service.interface.ts

@@ -5,6 +5,7 @@ import {
   AuthLogout,
   AuthPlatform,
   AuthRefreshToken,
+  AuthResetPasswordByEmail,
   AuthToken,
 } from '../../auth.type';
 
@@ -14,5 +15,5 @@ export interface IAuthService {
   logout(data: AuthLogout): Promise<void>;
   platform(data: AuthPlatform, ctx?: AuthCtx): Promise<AuthToken>;
   refreshToken(data: AuthRefreshToken, ctx?: AuthCtx): Promise<AuthToken>;
-  // resetPassword(data: AuthResetPassword): Promise<void>;
+  resetPasswordByEmail(data: AuthResetPasswordByEmail): Promise<void>;
 }

src/modules/auth/service/auth.service.ts

@@ -1,7 +1,11 @@
 import { inject as Inject, injectable as Injectable } from 'tsyringe';
 
-import { OtpType, TokenType } from '@common/enums';
+import { OtpType, TemplatePath, TokenType } from '@common/enums';
 import { ServiceCore } from '@core/service';
+import {
+  INotificationService,
+  NotificationInject,
+} from '@modules/notification';
 import { IOtpService, OtpInject } from '@modules/otp';
 import { IPlatformService, PlatformInject } from '@modules/platform';
 import {
@@ -23,6 +27,7 @@ import {
   AuthLogout,
   AuthPlatform,
   AuthRefreshToken,
+  AuthResetPasswordByEmail,
   AuthToken,
 } from '../auth.type';
 import { IAuthService, IAuthTokenService } from '../interface';
@@ -33,6 +38,8 @@ export class AuthService extends ServiceCore implements IAuthService {
     @Inject(AuthInject.TOKEN_SERVICE)
     private authTokenService: IAuthTokenService,
     @Inject(LoggerInject.SERVICE) protected readonly logger: ILoggerService,
+    @Inject(NotificationInject.SERVICE)
+    private readonly notificationService: INotificationService,
     @Inject(OtpInject.SERVICE) private otpService: IOtpService,
     @Inject(PlatformInject.SERVICE) private platformService: IPlatformService,
     @Inject(RefreshTokenInject.SERVICE)
@@ -82,6 +89,28 @@ export class AuthService extends ServiceCore implements IAuthService {
     return this.getTokens(user);
   }
 
+  async resetPasswordByEmail({
+    email,
+    token,
+    password,
+  }: AuthResetPasswordByEmail) {
+    const user = await this.userService.getOne({ email });
+
+    if (user) {
+      await this.otpService.verifyCode({
+        code: token,
+        type: OtpType.RESET_PASSWORD_BY_EMAIL,
+        user,
+      });
+      await this.userService.update({ id: user.id }, { password });
+
+      this.notificationService.send(
+        { email },
+        { templatePath: TemplatePath.PASSWORD_CHANGED },
+      );
+    }
+  }
+
   protected async getTokens(user: FullUser): Promise<AuthToken> {
     const [accessToken, refreshToken] = await Promise.all([
       this.authTokenService.getAccessToken(user.id, user.getPayload()),
@@ -94,45 +123,4 @@ export class AuthService extends ServiceCore implements IAuthService {
       refreshToken,
     };
   }
-
-  // async resetPassword({ password, token }: ResetPasswordRequest) {
-  //   const { jti, email } = await Crypto.verifyJwt<JwtPayload>(
-  //     token,
-  //     JwtConfig.secretToken,
-  //   );
-
-  // await this.userService.update({ id: user.id }, { password: password });
-
-  //   void this.notificationService.send(query, {
-  //     template: TemplateType.PASSWORD_CHANGED,
-  //   });
-
-  //   try {
-  //     await this.userService.update(
-  //       { email, resetPasswordCode: jti },
-  //       { password: password },
-  //     );
-  //     void this.notificationService.addToQueue({
-  //       email,
-  //       template: TemplateType.PASSWORD_CHANGED,
-  //     });
-  //   } catch {
-  //     throw Exception.getError(HttpCode.UNPROCESSABLE_ENTITY, {
-  //       errors: { token: i18n()['validate.token.resetPassword'] },
-  //     });
-  //   }
-  // }
 }
-
-// Создаем таблице OTP (one time password) для хранения временных кодов
-// для восстановления пароля, подтверждения email, подтверждения телефона, подтверждения смены email и т.д.
-// В таблице должны быть поля: id, user_id, code, type, expired_at, created_at, updated_at.
-// Поле type должно быть enum со значениями: reset_password, confirm_email, confirm_phone, change_email.
-// Поле code должно содержать код, который будет отправляться на email или телефон.
-// Поле expired_at должно содержать время, когда код перестанет быть действительным.
-// Отправлять код на email будем как jwt токен, в котором будет зашифрован id пользователя, код и тип кода.
-// Далее добавить env OTP_RESET_PASSWORD_EXPIRED_AT, OTP_CONFIRM_EMAIL_EXPIRED_AT, OTP_CONFIRM_PHONE_EXPIRED_AT, OTP_CHANGE_EMAIL_EXPIRED_AT и тд
-// В сервисе Auth добавить методы: forgotPasswordByEmail, resetPasswordByEmail
-// В методе forgotPasswordByEmail создаем код, сохраняем его в таблицу OTP и отправляем на email.
-// В методе resetPasswordByEmail проверяем код, если код не найден или просрочен, то выкидываем ошибку.
-// Если код найден и не просрочен, то обновляем пароль пользователя и удаляем код из таблицы OTP.