Reset password resp (#242)

porcellus · Mihaly Lengyel · Rishabh · web-flow · commit d07022618e00 · 2022-01-31T13:05:31.000+05:30
* Adding userId to the reset password consume API response

* Fixed core version reference

* Updated changelog

* Reverted accidental update

* Updated changelog and version references

* sends optional user ID from API recipe function as well

* adds 2.12 CDI version support and adds test

* small bug fix in types

Co-authored-by: Mihaly Lengyel &lt;mihaly.lengyel@tresorit.com&gt;
Co-authored-by: Rishabh &lt;rishabh@supertokens.io&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+### Changed
+
+-   Added userId as an optional property to the response of `recipe/user/password/reset`.
 -   Fixes https://github.com/supertokens/supertokens-node/issues/244 - throws an error if a user tries to update email / password of a third party login user.
 -   add workflow to verify if pr title follows conventional commits
 
diff --git a/coreDriverInterfaceSupported.json b/coreDriverInterfaceSupported.json
@@ -1,4 +1,4 @@
 {
     "_comment": "contains a list of core-driver interfaces branch names that this core supports",
-    "versions": ["2.8", "2.9", "2.10", "2.11"]
+    "versions": ["2.8", "2.9", "2.10", "2.11", "2.12"]
 }
diff --git a/lib/build/recipe/emailpassword/api/passwordReset.js b/lib/build/recipe/emailpassword/api/passwordReset.js
@@ -73,7 +73,14 @@ function passwordReset(apiImplementation, options) {
             });
         }
         let result = yield apiImplementation.passwordResetPOST({ formFields, token, options });
-        utils_1.send200Response(options.res, result);
+        utils_1.send200Response(
+            options.res,
+            result.status === "OK"
+                ? {
+                      status: "OK",
+                  }
+                : result
+        );
         return true;
     });
 }
diff --git a/lib/build/recipe/emailpassword/index.d.ts b/lib/build/recipe/emailpassword/index.d.ts
@@ -45,9 +45,15 @@ export default class Wrapper {
     static resetPasswordUsingToken(
         token: string,
         newPassword: string
-    ): Promise<{
-        status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-    }>;
+    ): Promise<
+        | {
+              status: "OK";
+              userId?: string | undefined;
+          }
+        | {
+              status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+          }
+    >;
     static updateEmailOrPassword(input: {
         userId: string;
         email?: string;
diff --git a/lib/build/recipe/emailpassword/types.d.ts b/lib/build/recipe/emailpassword/types.d.ts
@@ -204,9 +204,19 @@ export declare type RecipeInterface = {
     resetPasswordUsingToken(input: {
         token: string;
         newPassword: string;
-    }): Promise<{
-        status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-    }>;
+    }): Promise<
+        | {
+              status: "OK";
+              /**
+               * The id of the user whose password was reset.
+               * Defined for Core versions 3.9 or later
+               */
+              userId?: string;
+          }
+        | {
+              status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+          }
+    >;
     updateEmailOrPassword(input: {
         userId: string;
         email?: string;
@@ -254,9 +264,15 @@ export declare type APIInterface = {
               }[];
               token: string;
               options: APIOptions;
-          }) => Promise<{
-              status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    userId?: string;
+                }
+              | {
+                    status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+                }
+          >);
     signInPOST:
         | undefined
         | ((input: {
diff --git a/lib/build/recipe/thirdpartyemailpassword/index.d.ts b/lib/build/recipe/thirdpartyemailpassword/index.d.ts
@@ -65,9 +65,15 @@ export default class Wrapper {
     static resetPasswordUsingToken(
         token: string,
         newPassword: string
-    ): Promise<{
-        status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-    }>;
+    ): Promise<
+        | {
+              status: "OK";
+              userId?: string | undefined;
+          }
+        | {
+              status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+          }
+    >;
     static updateEmailOrPassword(input: {
         userId: string;
         email?: string;
diff --git a/lib/build/recipe/thirdpartyemailpassword/types.d.ts b/lib/build/recipe/thirdpartyemailpassword/types.d.ts
@@ -206,9 +206,19 @@ export declare type RecipeInterface = {
     resetPasswordUsingToken(input: {
         token: string;
         newPassword: string;
-    }): Promise<{
-        status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-    }>;
+    }): Promise<
+        | {
+              status: "OK";
+              /**
+               * The id of the user whose password was reset.
+               * Defined for Core versions 3.9 or later
+               */
+              userId?: string;
+          }
+        | {
+              status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+          }
+    >;
     updateEmailOrPassword(input: {
         userId: string;
         email?: string;
@@ -258,9 +268,15 @@ export declare type APIInterface = {
               }[];
               token: string;
               options: EmailPasswordAPIOptions;
-          }) => Promise<{
-              status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    userId?: string;
+                }
+              | {
+                    status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+                }
+          >);
     thirdPartySignInUpPOST:
         | undefined
         | ((input: {
diff --git a/lib/build/version.js b/lib/build/version.js
diff --git a/lib/ts/recipe/emailpassword/api/implementation.ts b/lib/ts/recipe/emailpassword/api/implementation.ts
@@ -84,9 +84,17 @@ export default function getAPIImplementation(): APIInterface {
             }[];
             token: string;
             options: APIOptions;
-        }): Promise<{
-            status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-        }> {
+        }): Promise<
+            | {
+                  status: "OK";
+                  /**
+                   * The id of the user whose password was reset.
+                   * Defined for Core versions 3.9 or later
+                   */
+                  userId?: string;
+              }
+            | { status: "RESET_PASSWORD_INVALID_TOKEN_ERROR" }
+        > {
             let newPassword = formFields.filter((f) => f.id === "password")[0].value;
 
             let response = await options.recipeImplementation.resetPasswordUsingToken({ token, newPassword });
diff --git a/lib/ts/recipe/emailpassword/api/passwordReset.ts b/lib/ts/recipe/emailpassword/api/passwordReset.ts
@@ -50,6 +50,13 @@ export default async function passwordReset(apiImplementation: APIInterface, opt
 
     let result = await apiImplementation.passwordResetPOST({ formFields, token, options });
 
-    send200Response(options.res, result);
+    send200Response(
+        options.res,
+        result.status === "OK"
+            ? {
+                  status: "OK",
+              }
+            : result
+    );
     return true;
 }
diff --git a/lib/ts/recipe/emailpassword/recipeImplementation.ts b/lib/ts/recipe/emailpassword/recipeImplementation.ts
@@ -96,7 +96,17 @@ export default function getRecipeInterface(querier: Querier): RecipeInterface {
         }: {
             token: string;
             newPassword: string;
-        }): Promise<{ status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR" }> {
+        }): Promise<
+            | {
+                  status: "OK";
+                  /**
+                   * The id of the user whose password was reset.
+                   * Defined for Core versions 3.9 or later
+                   */
+                  userId?: string;
+              }
+            | { status: "RESET_PASSWORD_INVALID_TOKEN_ERROR" }
+        > {
             let response = await querier.sendPostRequest(new NormalisedURLPath("/recipe/user/password/reset"), {
                 method: "token",
                 token,
diff --git a/lib/ts/recipe/emailpassword/types.ts b/lib/ts/recipe/emailpassword/types.ts
@@ -200,7 +200,17 @@ export type RecipeInterface = {
     resetPasswordUsingToken(input: {
         token: string;
         newPassword: string;
-    }): Promise<{ status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR" }>;
+    }): Promise<
+        | {
+              status: "OK";
+              /**
+               * The id of the user whose password was reset.
+               * Defined for Core versions 3.9 or later
+               */
+              userId?: string;
+          }
+        | { status: "RESET_PASSWORD_INVALID_TOKEN_ERROR" }
+    >;
 
     updateEmailOrPassword(input: {
         userId: string;
@@ -251,9 +261,15 @@ export type APIInterface = {
               }[];
               token: string;
               options: APIOptions;
-          }) => Promise<{
-              status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    userId?: string;
+                }
+              | {
+                    status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+                }
+          >);
 
     signInPOST:
         | undefined
diff --git a/lib/ts/recipe/thirdpartyemailpassword/types.ts b/lib/ts/recipe/thirdpartyemailpassword/types.ts
@@ -205,7 +205,17 @@ export type RecipeInterface = {
     resetPasswordUsingToken(input: {
         token: string;
         newPassword: string;
-    }): Promise<{ status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR" }>;
+    }): Promise<
+        | {
+              status: "OK";
+              /**
+               * The id of the user whose password was reset.
+               * Defined for Core versions 3.9 or later
+               */
+              userId?: string;
+          }
+        | { status: "RESET_PASSWORD_INVALID_TOKEN_ERROR" }
+    >;
 
     updateEmailOrPassword(input: {
         userId: string;
@@ -259,9 +269,15 @@ export type APIInterface = {
               }[];
               token: string;
               options: EmailPasswordAPIOptions;
-          }) => Promise<{
-              status: "OK" | "RESET_PASSWORD_INVALID_TOKEN_ERROR";
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    userId?: string;
+                }
+              | {
+                    status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
+                }
+          >);
 
     thirdPartySignInUpPOST:
         | undefined
diff --git a/lib/ts/version.ts b/lib/ts/version.ts
@@ -14,4 +14,4 @@
  */
 export const version = "8.5.0";
 
-export const cdiSupported = ["2.8", "2.9", "2.10", "2.11"];
+export const cdiSupported = ["2.8", "2.9", "2.10", "2.11", "2.12"];
diff --git a/test/emailpassword/passwordreset.test.js b/test/emailpassword/passwordreset.test.js
@@ -30,6 +30,7 @@ let passwordReset = require("../../lib/build/recipe/emailpassword/api/passwordRe
 const express = require("express");
 const request = require("supertest");
 let { middleware, errorHandler } = require("../../framework/express");
+let { maxVersion } = require("../../lib/build/utils");
 
 /**
  * TODO: (later) in passwordResetFunctions.ts:
@@ -333,6 +334,7 @@ describe(`passwordreset: ${printPath("[test/emailpassword/passwordreset.test.js]
     it("test valid token input and passoword has changed", async function () {
         await startST();
 
+        let passwordResetUserId = undefined;
         let token = "";
         STExpress.init({
             supertokens: {
@@ -345,6 +347,20 @@ describe(`passwordreset: ${printPath("[test/emailpassword/passwordreset.test.js]
             },
             recipeList: [
                 EmailPassword.init({
+                    override: {
+                        apis: (oI) => {
+                            return {
+                                ...oI,
+                                passwordResetPOST: async function (input) {
+                                    let resp = await oI.passwordResetPOST(input);
+                                    if (resp.userId !== undefined) {
+                                        passwordResetUserId = resp.userId;
+                                    }
+                                    return resp;
+                                },
+                            };
+                        },
+                    },
                     resetPasswordUsingTokenFeature: {
                         createAndSendCustomEmail: (user, passwordResetURLWithToken) => {
                             token = passwordResetURLWithToken.split("?")[1].split("&")[0].split("=")[1];
@@ -410,6 +426,13 @@ describe(`passwordreset: ${printPath("[test/emailpassword/passwordreset.test.js]
                 })
         );
 
+        let currCDIVersion = await Querier.getNewInstanceOrThrowError(undefined).getAPIVersion();
+        if (maxVersion(currCDIVersion, "2.12") === currCDIVersion) {
+            assert(passwordResetUserId !== undefined && passwordResetUserId === userInfo.id);
+        } else {
+            assert(passwordResetUserId === undefined);
+        }
+
         let failureResponse = await new Promise((resolve) =>
             request(app)
                 .post("/auth/signin")

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`	`1`	`{`
`2`	`2`	`"_comment": "contains a list of core-driver interfaces branch names that this core supports",`
`3`		`- "versions": ["2.8", "2.9", "2.10", "2.11"]`
	`3`	`+ "versions": ["2.8", "2.9", "2.10", "2.11", "2.12"]`
`4`	`4`	`}`