apps/api: add /reset-password method

2024-01-17 17:40:30 +03:00 · 2024-01-17 17:40:30 +03:00 · 01f4378e11
commit 01f4378e11
parent 76c1e0f8d1
5 changed files with 52 additions and 3 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -14,8 +14,8 @@
  "editor.formatOnSave": true,
  "editor.codeActionsOnSave": {
    "source.fixAll": true,
-    "source.fixAll.eslint": true,
-    "source.removeUnusedImports": true
+    "source.fixAll.eslint": true
+    // "source.removeUnusedImports": true
  },
  "workbench.editor.labelFormat": "short",
  "eslint.workingDirectories": [
--- a/apps/api/src/account/account.controller.ts
+++ b/apps/api/src/account/account.controller.ts
@ -3,6 +3,7 @@
 /* eslint-disable import/no-extraneous-dependencies */
 import { AccountService } from './account.service';
 import { CreateAccountDto } from './dto/create-account.dto';
+import { ResetPasswordDto } from './dto/reset-password.dto';
 import {
  Body,
  Controller,
@ -84,6 +85,21 @@ export class AccountController {
    }
  }

+  @Post('/reset-password')
+  @ApiResponse({
+    status: HttpStatus.OK,
+    type: Account,
+  })
+  async resetPassword(@Body() resetPasswordDto: ResetPasswordDto, @Res() reply: FastifyReply) {
+    try {
+      const updatedAccount = await this.accountService.resetPassword(resetPasswordDto);
+
+      return reply.status(HttpStatus.OK).send(updatedAccount);
+    } catch (error) {
+      throw new HttpException(error, HttpStatus.BAD_REQUEST);
+    }
+  }
+
  @Post('/login')
  async login(@Body() credentials: Credentials, @Res() reply: FastifyReply) {
    try {
--- a/apps/api/src/account/account.service.ts
+++ b/apps/api/src/account/account.service.ts
@ -1,4 +1,5 @@
 import type { CreateAccountDto } from './dto/create-account.dto';
+import type { ResetPasswordDto } from './dto/reset-password.dto';
 import { BadRequestException, Injectable, UnauthorizedException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import { InjectModel } from '@nestjs/mongoose';
@ -53,11 +54,20 @@ export class AccountService {
        throw new BadRequestException(`Prop ${field} is not allowed`);
    });

-    this.accountModel.findOneAndUpdate({ username }, props).exec();
+    await this.accountModel.findOneAndUpdate({ username }, props).exec();

    return this.accountModel.findOne({ username });
  }

+  public async resetPassword({ username }: ResetPasswordDto): Promise<Account> {
+    const account = await this.accountModel.findOne({ username });
+    if (!account) throw new UnauthorizedException('Account not found');
+
+    const new_password = generatePassword();
+
+    return { password: new_password, username };
+  }
+
  public async login({ login, password }: Credentials) {
    try {
      const account = await this.accountModel.findOne({ username: login });
--- a/apps/api/src/account/dto/reset-password.dto.ts
+++ b/apps/api/src/account/dto/reset-password.dto.ts
@ -0,0 +1,9 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, IsString } from 'class-validator';
+
+export class ResetPasswordDto {
+  @ApiProperty()
+  @IsString()
+  @IsNotEmpty()
+  public readonly username: string;
+}
--- a/apps/api/src/schemas/account.schema.ts
+++ b/apps/api/src/schemas/account.schema.ts
@ -35,3 +35,17 @@ AccountSchema.pre('save', async function (next) {
    return next(error);
  }
 });
+
+AccountSchema.pre('findOneAndUpdate', async function (next) {
+  try {
+    const password = this.get('password');
+    if (password) {
+      const hash = await bcrypt.hash(password, 10);
+      this.set('password', hash);
+    }
+
+    return next();
+  } catch (error) {
+    return next(error);
+  }
+});