From 982b8947f34dd8949010354a5528937f0d42c864 Mon Sep 17 00:00:00 2001
From: Varun
Date: Fri, 31 Jan 2025 11:40:45 +0530
Subject: [PATCH] change password
---
 src/controllers/userController.js | 70 +++++++++++++++
 src/handlers/userHandler.js | 136 +++++++++++++++---------------
 src/routes/usersRoute.js | 69 ++++++++++-----
 3 files changed, 187 insertions(+), 88 deletions(-)
diff --git a/src/controllers/userController.js b/src/controllers/userController.js
index f99d7dc2..ff80d789 100644
--- a/src/controllers/userController.js
+++ b/src/controllers/userController.js
@@ -645,6 +645,76 @@ exports.forgotPassword = async (req, reply) => { }; + + +exports.changePassword = async (req, reply) => { + try { + const {phone, oldPassword, newPassword } = req.body; + + + if (!oldPassword || !newPassword) { + return reply.send({ + armintatankdata: { + error: true, + code: 10008, + message: "10008 - Old password and new password are required", + }, + }); + } + + // Find user by phone + const user = await User.findOne({ phone }); + + if (!user) { + return reply.send({ + armintatankdata: { + error: true, + code: 10006, + message: "10006 - User not found. Please check the phone number.", + }, + }); + } + + // Verify old password + const isMatch = await bcrypt.compare(oldPassword, user.services.password.bcrypt); + + if (!isMatch) { + return reply.send({ + armintatankdata: { + error: true, + code: 10009, + message: "10009 - Incorrect old password", + }, + }); + } + + // Hash new password + const hashedPassword = await bcrypt.hash(newPassword, 10); + + // Update password + await User.updateOne( + { phone }, + { + $set: { + "services.password.bcrypt": hashedPassword, + oneTimePasswordSetFlag: false, // Reset OTP flag after password change + }, + } + ); + + reply.send({ + armintatankdata: { + error: false, + message: "Password changed successfully", + }, + }); + } catch (err) { + throw boom.boomify(err); + } +}; + + + exports.forgotPasswordSupplier = async (req, reply) => { try { // Create a new Supplier object from the request body diff --git a/src/handlers/userHandler.js b/src/handlers/userHandler.js index ebbef9c0..f6671c0e 100644 --- a/src/handlers/userHandler.js +++ b/src/handlers/userHandler.js 
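Review bot: `changePassword` picks the account from `phone` in the request body and answers 10006 for an unknown number but 10009 for a wrong password, so the endpoint tells a caller which phone numbers are registered and then lets them guess `oldPassword` with no attempt limit visible here. Collapse both failures into one generic reply, as in the excerpt below, and put per-phone and per-client rate limiting in front of the route. The excerpt also guards `user.services.password.bcrypt`, which is dereferenced unchecked today and would surface as a boomified TypeError for a user document without a stored hash. Separately, `newPassword` is hashed with no length or reuse check and the `User.updateOne` result is ignored, which the removed `verifyOldNewPassword` at least inspected.

```javascript
    // Find user by phone
    const user = await User.findOne({ phone });

    // One generic failure for "unknown phone" and "wrong password" so the
    // reply does not reveal which numbers are registered.
    const storedHash = user?.services?.password?.bcrypt;
    const isMatch = storedHash
      ? await bcrypt.compare(oldPassword, storedHash)
      : false;

    if (!isMatch) {
      return reply.send({
        armintatankdata: {
          error: true,
          code: 10009,
          message: "10009 - Phone number or old password is incorrect",
        },
      });
    }

    // … unchanged: bcrypt.hash(newPassword, 10) and User.updateOne …
```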
@@ -462,74 +462,74 @@ exports.changePassword = async (req, reply) => { }; -exports.verifyOldNewPassword = async (req, reply) => { - try { - const { phone, oldPassword, newPassword } = req.body; - - // Check if the user exists with the provided mobile number - const user = await User.findOne({ phone }); - if (!user) { - return reply.send({ - armintatankdata: { - error: true, - code: 10009, - message: "User not found.", - }, - }); - } - - // Verify the old password - const isOldPasswordCorrect = await bcrypt.compare(oldPassword, user.services.password.bcrypt); - if (!isOldPasswordCorrect) { - return reply.send({ - armintatankdata: { - error: true, - code: 10012, - message: "Old password is incorrect.", - }, - }); - } - - // Hash the new password - const hashedNewPassword = await bcrypt.hash(newPassword, 10); // Ensure you use bcrypt.hash here - - // Update the password in the database - const updateResult = await User.updateOne( - { phone }, - { - $set: { - "services.password.bcrypt": hashedNewPassword, - oneTimePasswordSetFlag: false, - }, - } - ); - - // Check if the update was successful - if (updateResult.nModified > 0) { - // Fetch the updated user details to send back in the response - const updatedUser = await User.findOne({ phone }).select('-services.password.bcrypt'); // Exclude the password - - return reply.send({ - armintatankdata: { - error: false, - message: "Password changed successfully.", - updatedUser, // Include the updated user details - }, - }); - } else { - return reply.send({ - armintatankdata: { - error: true, - code: 10011, - message: "Failed to update the password. 
Try again.", - }, - }); - } - } catch (err) { - console.error("Error in changePassword:", err); - throw boom.boomify(err); - } -}; +// exports.verifyOldNewPassword = async (req, reply) => { +// try { +// const { phone, oldPassword, newPassword } = req.body; + +// // Check if the user exists with the provided mobile number +// const user = await User.findOne({ phone }); +// if (!user) { +// return reply.send({ +// armintatankdata: { +// error: true, +// code: 10009, +// message: "User not found.", +// }, +// }); +// } + +// // Verify the old password +// const isOldPasswordCorrect = await bcrypt.compare(oldPassword, user.services.password.bcrypt); +// if (!isOldPasswordCorrect) { +// return reply.send({ +// armintatankdata: { +// error: true, +// code: 10012, +// message: "Old password is incorrect.", +// }, +// }); +// } + +// // Hash the new password +// const hashedNewPassword = await bcrypt.hash(newPassword, 10); // Ensure you use bcrypt.hash here + +// // Update the password in the database +// const updateResult = await User.updateOne( +// { phone }, +// { +// $set: { +// "services.password.bcrypt": hashedNewPassword, +// oneTimePasswordSetFlag: false, +// }, +// } +// ); + +// // Check if the update was successful +// if (updateResult.nModified > 0) { +// // Fetch the updated user details to send back in the response +// const updatedUser = await User.findOne({ phone }).select('-services.password.bcrypt'); // Exclude the password + +// return reply.send({ +// armintatankdata: { +// error: false, +// message: "Password changed successfully.", +// updatedUser, // Include the updated user details +// }, +// }); +// } else { +// return reply.send({ +// armintatankdata: { +// error: true, +// code: 10011, +// message: "Failed to update the password. Try again.", +// }, +// }); +// } +// } catch (err) { +// console.error("Error in changePassword:", err); +// throw boom.boomify(err); +// } +// }; 
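Review bot: `verifyOldNewPassword` is commented out line by line instead of being deleted, and the `/api/change-password` route in `src/routes/usersRoute.js` gets the same treatment; version control already keeps the old code, so both blocks should simply be removed. A disabled copy of password-handling logic left beside live code makes it easy to patch or re-enable the wrong implementation later. The hunk header shows this file still exports its own `changePassword` while the commit adds another in `userController.js`, so a short comment such as `// superseded by userController.changePassword` (or removing the unused one) would make clear which is authoritative.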
diff --git a/src/routes/usersRoute.js b/src/routes/usersRoute.js index 2583ab63..156e6c31 100644 --- a/src/routes/usersRoute.js +++ b/src/routes/usersRoute.js @@ -241,26 +241,26 @@ module.exports = function (fastify, opts, next) { }); - fastify.route({ - method: "POST", - url: "/api/change-password", - schema: { - tags: ["User"], - description: "Users to change their password using mobile number, old password, and new password.", - summary: "Users to change their password using mobile number, old password, and new password.", - body: { - type: "object", - required: ["phone", "oldPassword", "newPassword"], - properties: { - phone: { type: "string"}, - oldPassword: { type: "string"}, - newPassword: { type: "string" }, - //confirmPassword: { type: "string", minLength: 6 }, - }, - }, - }, - handler: validationHandler.verifyOldNewPassword, // Adjust the path to your handler - }); + // fastify.route({ + // method: "POST", + // url: "/api/change-password", + // schema: { + // tags: ["User"], + // description: "Users to change their password using mobile number, old password, and new password.", + // summary: "Users to change their password using mobile number, old password, and new password.", + // body: { + // type: "object", + // required: ["phone", "oldPassword", "newPassword"], + // properties: { + // phone: { type: "string"}, + // oldPassword: { type: "string"}, + // newPassword: { type: "string" }, + // //confirmPassword: { type: "string", minLength: 6 }, + // }, + // }, + // }, + // handler: validationHandler.verifyOldNewPassword, // Adjust the path to your handler + // }); // fastify.route({ 
@@ -342,6 +342,35 @@ module.exports = function (fastify, opts, next) { }, }); + + + fastify.route({ + method: "POST", + url: "/api/changePassword", + schema: { + tags: ["User"], + description: "This is to change password of user", + summary: "This is to change password of user", + body: { + type: "object", + required: ["phone"], + properties: { + phone: { type: "string" }, + oldPassword: { type: "string" }, + newPassword: { type: "string" }, + }, + }, + security: [ + { + basicAuth: [], + }, + ], + }, + // preHandler: [validationHandler.], + handler: userController.changePassword, + + }); + fastify.route({ method: "POST", url: "/api/resetpassword",
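Review bot: The `security: [{ basicAuth: [] }]` entry sits inside `schema`, where it only documents the route, and the `preHandler` line is commented out, so nothing visible in this hunk authenticates the caller before `userController.changePassword` runs. Unless a global hook already covers this URL, wire in the project's authentication preHandler and have the controller take the account from the authenticated identity rather than from `phone` in the body. The body schema is also weaker than the route it replaces: `required` should be `["phone", "oldPassword", "newPassword"]`, and `newPassword` should carry a `minLength` so empty or trivially short passwords are rejected at validation. The enclosing `module.exports` function starts and ends outside the hunk.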