(WIP) Added pw reset token row, added checks to reset function

2024-10-29 22:49:21 +01:00
parent 5a36d10f0e
commit a4e96f9ede
7 changed files with 73 additions and 16 deletions
--- a/src/services/userService.ts
+++ b/src/services/userService.ts
@ -1,8 +1,9 @@
 import bcrypt from 'bcryptjs'
 import UserRepository from '../repositories/userRepository'
 import prisma from '../utilities/prisma'
-import { User } from '@prisma/client'
+import { User, PasswordResetToken } from '@prisma/client'
 import config from '../utilities/config'
+import NodeMailer from 'nodemailer'

 /**
 * User service
@ -59,10 +60,27 @@ class UserService {
   * Reset password
   * @param email
   */
-  async resetPassword(email: string): Promise<boolean | User> {
-    const nodemailer = require("nodemailer");
+  async resetPassword(email: string): Promise<boolean | undefined> {

-    const transporter = nodemailer.createTransport({
+    const user = await UserRepository.getByEmail(email)
+    if ( !user ) return
+    const token = await bcrypt.genSalt(10)
+
+    //Check if password reset has been requested recently
+    if (await prisma.passwordResetToken.findFirst({
+      where: {
+        userId: user.id
+      },
+    })) return
+
+    prisma.passwordResetToken.create({
+      data: {
+        userId: user.id,
+        token: token,
+      }
+    });
+
+    const transporter = NodeMailer.createTransport({
      host: config.SMTP_HOST,
      port: config.SMTP_PORT,
      secure: false,
@ -76,12 +94,15 @@ class UserService {
      from: config.SMTP_USER,
      to: email,
      subject: "Reset your password",
-      text: "A password reset has been requested, reset your password here: ", // Plain text body
-      html: "<p>A password reset has been requested, reset your password here: </p>", // Html body
+      text: "A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/" + token, // Plain text body
+      html: "<p>A password reset has been requested, reset your password here: " + config.CLIENT_URL + "/" + token + "</p>", // Html body
    });
    console.log("Message sent: %s", info.messageId);

-    return info.messageId
+
+    if (info) {
+      return true
+    }
  }
 }

--- a/src/utilities/config.ts
+++ b/src/utilities/config.ts
@ -7,6 +7,7 @@ class config {
  static REDIS_URL: string = process.env.REDIS_URL || 'redis://@127.0.0.1:6379/4'
  static HOST: string = process.env.HOST || '0.0.0.0'
  static PORT: number = process.env.PORT ? parseInt(process.env.PORT) : 6969
+  static CLIENT_URL: string = process.env.CLIENT_URL ? process.env.CLIENT_URL : 'https://sylvan.quest/'
  static JWT_SECRET: string = process.env.JWT_SECRET || 'secret'

  static ALLOW_DIAGONAL_MOVEMENT: boolean = process.env.ALLOW_DIAGONAL_MOVEMENT === 'true'
--- a/src/utilities/http.ts
+++ b/src/utilities/http.ts
@ -73,9 +73,9 @@ async function addHttpRoutes(app: Application) {
    }

    const userService = new UserService()
-    const user = await userService.resetPassword( email )
+    const sentEmail = await userService.resetPassword( email )

-    if (user) {
+    if (sentEmail) {
      return res.status(200).json({ message: 'Email has been sent' })
    }