forgot password and change password and verify otp

9 months ago · 0951776ec8
parent 845729fbb2
commit 0951776ec8
2 changed files with 250 additions and 36 deletions
--- a/src/handlers/userHandler.js
+++ b/src/handlers/userHandler.js
@ -308,61 +308,203 @@ exports.fieldCheck = async (req, reply) => {
 exports.verifyPhone = async (req, reply) => {
  console.log("-------------------------------------------------");
  try {
-    phone = req.body.phone;
-    phoneVerificationCode = req.body.phoneVerificationCode;
+    const { phone, phoneVerificationCode } = req.body;

-    // check if user exists in the system. If user exists , display message that
-    // username is not available
    console.log(
-      "this is the phone and verification code",
+      "Received phone and verification code:",
      phone,
      phoneVerificationCode
    );
-    userExists = await User.findOne({
-      phone: phone,
-      phoneVerified: false,
-      phoneVerificationCode: phoneVerificationCode,
+
+    // Check if the user exists
+    const userExists = await User.findOne({
+      phone,
+      phoneVerificationCode,
+     // phoneVerified: false,
    });
-    console.log(userExists);
+
+    console.log("Matching user:", userExists);
+
    if (userExists) {
-      // update the phoneVerified flag to true.
-      const filter = {
-        phone: phone,
-        phoneVerificationCode: phoneVerificationCode,
-      };
-      const update = { phoneVerified: true };
-      const doc = await User.findOneAndUpdate(filter, update);
-      updatedUser = await User.findOne({ phone: phone });
+      // Update the phoneVerified flag to true
+      const filter = { phone, phoneVerificationCode };
+      const update = { $set: { phoneVerified: true } };

-      if (updatedUser.phoneVerified) {
-        reply.send('{"armintatankdata":{"error":false,"verified": true}}');
+      const doc = await User.findOneAndUpdate(filter, update, { new: true });
+
+      console.log("Updated user:", doc);
+
+      if (doc && doc.phoneVerified) {
+        reply.send({ doc,
+          armintatankdata: {
+            error: false,
+            verified: true,
+          },
+        });
      } else {
-        error = {
+        reply.send({
          armintatankdata: {
            error: true,
            code: 10005,
            message: "10005 - Verification code entered cannot be validated.",
          },
-        };
-        req.body.regError = error;
-        reply.send(error);
+        });
      }
    } else {
-      error = {
+      reply.send({
        armintatankdata: {
          error: true,
          code: 10005,
          message: "10005 - Verification code entered cannot be validated.",
        },
+      });
+    }
+  } catch (err) {
+    console.error("Error in verifyPhone:", err);
+    throw boom.boomify(err);
+  }
 };
-      req.body.regError = error;
-      reply.send(error);
+
+exports.changePassword = async (req, reply) => {
+  try {
+    const { phone, newPassword, confirmPassword } = req.body;
+
+    // Check if newPassword and confirmPassword match
+    if (newPassword !== confirmPassword) {
+      return reply.send({
+        armintatankdata: {
+          error: true,
+          code: 10010,
+          message: "Passwords do not match.",
+        },
+      });
+    }
+
+    // Hash the new password
+    const hash = await bcryptPassword(newPassword);
+
+    // Check if user exists
+    const userExists = await User.findOne({ phone });
+    if (!userExists) {
+      return reply.send({
+        armintatankdata: {
+          error: true,
+          code: 10009,
+          message: "User not found.",
+        },
+      });
+    }
+
+    // Update the password in the database
+    const updateResult = await User.updateOne(
+      { phone },
+      {
+        $set: {
+          "services.password.bcrypt": hash,
+          oneTimePasswordSetFlag: false,
+        },
+      }
+    );
+
+    // Check the result of the update operation
+    if (updateResult.nModified > 0) {
+      // Fetch the updated user data
+      const updatedUser = await User.findOne({ phone });
+
+      return reply.send({
+        armintatankdata: {
+          error: false,
+          passwordChanged: true,
+          userData: updatedUser, // Include updated user data
+          message: "Password updated successfully.",
+        },
+      });
+    } else {
+      return reply.send({
+        armintatankdata: {
+          error: true,
+          code: 10011,
+          message: "Failed to update the password. Try again.",
+        },
+      });
    }
  } catch (err) {
+    console.error("Error in changePassword:", err);
    throw boom.boomify(err);
  }
 };

+exports.verifyOldNewPassword = async (req, reply) => {
+  try {
+    const { phone, oldPassword, newPassword } = req.body;
+
+    // Check if the user exists with the provided mobile number
+    const user = await User.findOne({ phone });
+    if (!user) {
+      return reply.send({
+        armintatankdata: {
+          error: true,
+          code: 10009,
+          message: "User not found.",
+        },
+      });
+    }
+
+    // Verify the old password
+    const isOldPasswordCorrect = await bcrypt.compare(oldPassword, user.services.password.bcrypt);
+    if (!isOldPasswordCorrect) {
+      return reply.send({
+        armintatankdata: {
+          error: true,
+          code: 10012,
+          message: "Old password is incorrect.",
+        },
+      });
+    }
+
+    // Hash the new password
+    const hashedNewPassword = await bcrypt.hash(newPassword, 10); // Ensure you use bcrypt.hash here
+
+    // Update the password in the database
+    const updateResult = await User.updateOne(
+      { phone },
+      {
+        $set: {
+          "services.password.bcrypt": hashedNewPassword,
+          oneTimePasswordSetFlag: false,
+        },
+      }
+    );
+
+    // Check if the update was successful
+    if (updateResult.nModified > 0) {
+      // Fetch the updated user details to send back in the response
+      const updatedUser = await User.findOne({ phone }).select('-services.password.bcrypt'); // Exclude the password
+
+      return reply.send({
+        armintatankdata: {
+          error: false,
+          message: "Password changed successfully.",
+          updatedUser, // Include the updated user details
+        },
+      });
+    } else {
+      return reply.send({
+        armintatankdata: {
+          error: true,
+          code: 10011,
+          message: "Failed to update the password. Try again.",
+        },
+      });
+    }
+  } catch (err) {
+    console.error("Error in changePassword:", err);
+    throw boom.boomify(err);
+  }
+};
+
+
+
 exports.sendPhoneVerificationCode = async (req, reply) => {
  // Setting a regError in request so a user is not sent a verificaiton code if registration is not successful
  // checkign if regError property is available in the req body, if it exists , do not send the message
@ -603,7 +745,7 @@ exports.resetPassword = async (req, reply) => {

    userExists = await User.findOne({
      phone: phone,
-     // phoneVerificationCode: phoneVerificationCode,
+      phoneVerificationCode: phoneVerificationCode,
    });
    console.log("userExists===", userExists);
    if (userExists) {
@ -611,7 +753,7 @@ exports.resetPassword = async (req, reply) => {

      const filter = {
        phone: phone,
-        //phoneVerificationCode: phoneVerificationCode,
+        phoneVerificationCode: phoneVerificationCode,
      };
      console.log("filter", filter);

--- a/src/routes/usersRoute.js
+++ b/src/routes/usersRoute.js
@ -215,6 +215,82 @@ module.exports = function (fastify, opts, next) {
    handler: validationHandler.verifyPhone,
  });

+  fastify.route({
+    method: "POST",
+    url: "/api/forgot-change-password",
+    schema: {
+      tags: ["User"],
+      description: "After OTP validation Change user password using mobile number and confirmation.",
+      summary: "After OTP validation Change user password using mobile number and confirmation.",
+      body: {
+        type: "object",
+        required: ["phone", "newPassword", "confirmPassword"],
+        properties: {
+          phone: { type: "string" },
+          newPassword: { type: "string" },
+          confirmPassword: { type: "string"},
+        },
+      },
+      security: [
+        {
+          basicAuth: [],
+        },
+      ],
+    },
+    handler: validationHandler.changePassword,
+  });
+  
+
+  fastify.route({
+    method: "POST",
+    url: "/api/change-password",
+    schema: {
+      tags: ["User"],
+      description: "Users to change their password using mobile number, old password, and new password.",
+      summary: "Users to change their password using mobile number, old password, and new password.",
+      body: {
+        type: "object",
+        required: ["phone", "oldPassword", "newPassword"],
+        properties: {
+          phone: { type: "string"},
+          oldPassword: { type: "string"},
+          newPassword: { type: "string" },
+          //confirmPassword: { type: "string", minLength: 6 },
+        },
+      },
+    },
+    handler: validationHandler.verifyOldNewPassword, // Adjust the path to your handler
+  });
+  
+
+  // fastify.route({
+  //   method: "POST",
+  //   url: "/api/forgotpassword",
+  //   schema: {
+  //     tags: ["User"],
+  //     description: "This is for forget password for the User.",
+  //     summary: "This is for forget User Password.",
+  //     body: {
+  //       type: "object",
+  //       required: ["phone"],
+  //       properties: {
+  //         phone: { type: "string" },
+  //       },
+  //     },
+  //     security: [
+  //       {
+  //         basicAuth: [],
+  //       },
+  //     ],
+  //   },
+  //   // preHandler: [validationHandler.],
+  //   handler: userController.forgotPassword,
+  //   onResponse: (request, reply) => {
+  //     validationHandler.sendPasswordResetCode(request, reply);
+  //   },
+  // });
+  
+
  fastify.route({
    method: "POST",
    url: "/api/forgotpassword",
@ -235,11 +311,7 @@ module.exports = function (fastify, opts, next) {
        },
      ],
    },
-    // preHandler: [validationHandler.],
    handler: userController.forgotPassword,
-    onResponse: (request, reply) => {
-      validationHandler.sendPasswordResetCode(request, reply);
-    },
  });
  

@ -279,10 +351,10 @@ module.exports = function (fastify, opts, next) {
      summary: "This is for Reset User Password.",
      body: {
        type: "object",
-        required: ["phone", "resetPasswordCode", "newPassword"],
+        //required: ["phone", "passwordResetCode", "newPassword"],
        properties: {
          phone: { type: "string" },
-          resetPasswordCode: { type: "string" },
+          phoneVerificationCode: { type: "string" },
          newPassword: { type: "string" },
        },
      },