reset password

Vizzuality · Sep 21, 2024 · d5350a0 · d5350a0
1 parent 77e59e1
commit d5350a0
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 11 deletions.
diff --git a/api/src/modules/auth/authentication/authentication.controller.ts b/api/src/modules/auth/authentication/authentication.controller.ts
@@ -42,14 +42,19 @@ export class AuthenticationController {
   @UseGuards(AuthGuard(ResetPassword))
   @TsRestHandler(authContract.resetPassword)
   async resetPassword(@GetUser() user: User): Promise<ControllerResponse> {
-    return tsRestHandler(authContract.resetPassword, async () => {
-      const userWithAccessToken =
-        await this.passwordRecovery.resetPassword(user);
-      return {
-        body: userWithAccessToken,
-        status: 201,
-      };
-    });
+    return tsRestHandler(
+      authContract.resetPassword,
+      async ({ body: { password } }) => {
+        const userWithAccessToken = await this.passwordRecovery.resetPassword(
+          user,
+          password,
+        );
+        return {
+          body: userWithAccessToken,
+          status: 201,
+        };
+      },
+    );
   }
 
   @TsRestHandler(authContract.requestPasswordRecovery)

diff --git a/api/src/modules/auth/services/password-recovery.service.ts b/api/src/modules/auth/services/password-recovery.service.ts
@@ -7,6 +7,7 @@ import { PasswordRecoveryRequestedEvent } from '@api/modules/events/user-events/
 import { ApiConfigService } from '@api/modules/config/app-config.service';
 import { TOKEN_TYPE_ENUM } from '@shared/schemas/auth/token-type.schema';
 import { User } from '@shared/entities/users/user.entity';
+import * as bcrypt from 'bcrypt';
 
 @Injectable()
 export class PasswordRecoveryService {
@@ -40,7 +41,8 @@ export class PasswordRecoveryService {
     this.eventBus.publish(new PasswordRecoveryRequestedEvent(email, user.id));
   }
 
-  async resetPassword(user: User): Promise<void> {
-    throw new NotImplementedException();
+  async resetPassword(user: User, newPassword: string): Promise<void> {
+    const newHashedPassword = await bcrypt.hash(newPassword, 10);
+    await this.users.updatePassword(user, newHashedPassword);
   }
 }
diff --git a/api/src/modules/users/users.service.ts b/api/src/modules/users/users.service.ts
@@ -26,4 +26,9 @@ export class UsersService {
     }
     return this.repo.save(createUserDto);
   }
+
+  async updatePassword(user: User, newPassword: string) {
+    user.password = newPassword;
+    return this.repo.save(user);
+  }
 }
diff --git a/shared/contracts/auth/auth.contract.ts b/shared/contracts/auth/auth.contract.ts
@@ -36,7 +36,7 @@ export const authContract = contract.router({
       201: null,
       401: null,
     },
-    body: LogInSchema,
+    body: z.object({ password: z.string() }),
   },
   requestPasswordRecovery: {
     method: "POST",