JumboCode · tomasmaranga · Dec 10, 2024 · Dec 10, 2024 · Dec 11, 2024 · Dec 11, 2024
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -21,13 +21,15 @@
     "iconify": "^1.4.0",
     "next": "14.2.14",
     "next-auth": "^4.24.10",
+    "nodemailer": "^6.9.16",
     "prisma": "^5.20.0",
     "react": "^18",
     "react-dom": "^18"
   },
   "devDependencies": {
     "@types/bcryptjs": "^2.4.6",
     "@types/node": "^20",
+    "@types/nodemailer": "^6.4.17",
     "@types/react": "^18",
     "@types/react-dom": "^18",
     "eslint": "^8",

diff --git a/prisma/schema.prisma b/prisma/schema.prisma
@@ -26,6 +26,7 @@ model User {
   email              String             @unique
   password           String             @default("")
   volunteerDetails   VolunteerDetails?
+  code               Code?
   eventIds           String[]           @db.ObjectId
   events             Event[]            @relation(fields: [eventIds], references: [id])
 }
@@ -46,6 +47,14 @@ model VolunteerDetails {
   userId             String             @unique @db.ObjectId
 }
 
+model Code {
+  id                 String             @id @default(auto()) @map("_id") @db.ObjectId
+  codeString         String             @default("")
+  expire             DateTime           @default(now())
+  user               User               @relation(fields: [userId], references: [id])
+  userId             String             @unique @db.ObjectId
+}
+
 model Event {
   id                 String             @id @default(auto()) @map("_id") @db.ObjectId
   userIds            String[]           @db.ObjectId

diff --git a/src/app/api/auth/[...nextauth]/options.ts b/src/app/api/auth/[...nextauth]/options.ts
@@ -30,14 +30,20 @@ export const options: NextAuthOptions = {
         // Docs: https://next-auth.js.org/configuration/providers/credentials
 
         const user: User | null = await getUserByEmailServer(email);
-
+        
         // Check if user exists and if password matches
+        if (!user) {
+          throw new Error("Invalid user");
+        }
         if (user && (await compare(password, user.password))) {
           return user; // Authentication successful
         } else {
-          return null; // Authentication failed
+          throw new Error("Invalid password");
         }
       },
     }),
   ],
+  pages: {
+    signIn: "/public/signIn",
+  },
 };
diff --git a/src/app/api/password/route.client.ts b/src/app/api/password/route.client.ts
@@ -0,0 +1,23 @@
+export const sendForgotCode = async (email: string) => {
+  const response = await fetch("/api/password", {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ email }),
+  });
+
+  const json = await response.json();
+
+  return json;
+};
+
+export const updatePassword = async (email: string, password: string) => {
+  const response = await fetch("/api/password", {
+    method: "PUT",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ email, password }),
+  });
+
+  const json = await response.json();
+
+  return json;
+};
diff --git a/src/app/api/password/route.ts b/src/app/api/password/route.ts
@@ -0,0 +1,76 @@
+import { PrismaClient } from "@prisma/client";
+import { NextRequest, NextResponse } from "next/server";
+import { sendMail } from "../../../lib/nodemail";
+import bcrypt from "bcryptjs";
+
+const prisma = new PrismaClient();
+
+export const POST = async (request: NextRequest) => {
+  try {
+    const { email } = await request.json();
+    const user = await prisma.user.findUnique({
+      where: {
+        email,
+      },
+    });
+    if (!user) {
+      return NextResponse.json({
+        code: "ERROR",
+        message: "Email not found",
+      });
+    }
+
+    const codeString = Math.floor(Math.random() * 10000)
+      .toString()
+      .padStart(4, "6");
+    const expire = new Date(Date.now() + 1000 * 60);
+
+    await prisma.code.update({
+      where: { userId: user.id },
+      data: { codeString, expire },
+    });
+
+    await sendMail(email, codeString);
+
+    return NextResponse.json({
+      code: "SUCCESS",
+      message: "Forgot password email sent",
+    });
+  } catch (error) {
+    console.error("Error:", error);
+    return NextResponse.json({
+      code: "ERROR",
+      message: error,
+    });
+  }
+};
+
+export const PUT = async (request: NextRequest) => {
+  try {
+    const { email, password } = await request.json();
+
+    // Hash the user's new password
+    const saltRounds = 10;
+    const hashedPassword = await bcrypt.hash(password, saltRounds);
+
+    await prisma.user.update({
+      where: {
+        email,
+      },
+      data: {
+        password: hashedPassword,
+      },
+    });
+
+    return NextResponse.json({
+      code: "SUCCESS",
+      message: "Password successfully updated",
+    });
+  } catch (error) {
+    console.error("Error:", error);
+    return NextResponse.json({
+      code: "ERROR",
+      message: error,
+    });
+  }
+};
diff --git a/src/app/api/user/route.ts b/src/app/api/user/route.ts
@@ -33,6 +33,14 @@ export const POST = async (request: NextRequest) => {
       },
     });
 
+    await prisma.code.create({
+      data: {
+        codeString: "",
+        expire: new Date(),
+        userId: savedUser.id,
+      },
+    });
+
     return NextResponse.json({
       code: "SUCCESS",
       message: `User created with email: ${savedUser.email}`,

diff --git a/src/app/api/verify-code/route.client.ts b/src/app/api/verify-code/route.client.ts
@@ -0,0 +1,11 @@
+export const verifyCode = async (email: string, code: string) => {
+  const response = await fetch("/api/verify-code", {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ email, code }),
+  });
+
+  const json = await response.json();
+
+  return json;
+};
diff --git a/src/app/api/verify-code/route.ts b/src/app/api/verify-code/route.ts
@@ -0,0 +1,54 @@
+import { PrismaClient } from "@prisma/client";
+import { NextRequest, NextResponse } from "next/server";
+
+const prisma = new PrismaClient();
+
+export const POST = async (request: NextRequest) => {
+  try {
+    const { email, code } = await request.json();
+    const user = await prisma.user.findUnique({
+      where: {
+        email,
+      },
+    });
+
+    if (!user) {
+      return NextResponse.json({
+        code: "ERROR",
+        message: "Email not found",
+      });
+    }
+
+    const codeDetails = await prisma.code.findUnique({
+      where: { userId: user.id },
+    });
+
+    if (!codeDetails) {
+      return NextResponse.json({
+        code: "ERROR",
+        message: "Code Details not found",
+      });
+    }
+
+    if (
+      codeDetails.codeString !== code ||
+      codeDetails.expire < new Date(Date.now())
+    ) {
+      return NextResponse.json({
+        code: "ERROR",
+        message: "Code is not valid or code is expired",
+      });
+    }
+
+    return NextResponse.json({
+      code: "SUCCESS",
+      message: "Code is valid",
+    });
+  } catch (error) {
+    console.error("Error:", error);
+    return NextResponse.json({
+      code: "ERROR",
+      message: error,
+    });
+  }
+};
diff --git a/src/app/public/login/page.tsx → src/app/public/signIn/page.tsx b/src/app/public/login/page.tsx → src/app/public/signIn/page.tsx