#84 added change password end points

33a7f579 · Евгений Положенцев · 1721c38d · 1721c38d · 33a7f579 · 33a7f579
Commit 33a7f579 authored Dec 02, 2022 by Евгений Положенцев
7 changed files
--- a/.env
+++ b/.env
-export const FRONTEND_URL  = 'localhost:3000'
\ No newline at end of file
--- a/planner-api/src/helpers.ts
+++ b/planner-api/src/helpers.ts
@@ -82,12 +82,16 @@ export const taskFinderById = async (taskId:string):Promise<null | Task>=>{


 export let  transporter = nodemailer.createTransport({
-    host: "smtp.yandex.ru",
-    port: 465,
-    secure: true, // true for 465, false for other ports
+    service:'Yandex',
+    // host: "smtp.yandex.ru",
+    // port: 465,
+    // secure: true, // true for 465, false for other ports
    auth: {
-      user: "planner45", // generated ethereal user
+      user: "planner45@yandex.ru", // generated ethereal user
      pass: "newPlannerProject123" // generated ethereal password
    }
  })
  
+
+
+  export const FRONTEND_URL  = 'localhost:3000'
\ No newline at end of file
--- a/planner-api/src/models/PasswordRecovery.ts
+++ b/planner-api/src/models/PasswordRecovery.ts
@@ -5,6 +5,7 @@ import {
    BaseEntity,
    OneToOne,
    CreateDateColumn,
+    JoinColumn,
  } from 'typeorm';
 import { User } from './User';
  
@@ -23,13 +24,14 @@ import { User } from './User';
    @CreateDateColumn({ name: 'created_at', type: Date, default: new Date() })
    createdAt!: Date;

-    @Column({ name: 'token', type:String, nullable:false})
+    @Column({ name: 'token', type: 'varchar',length:100, unique: true, nullable:true })
    token!: string;  

-    @OneToOne(()=>User, (user:{passwordRecovery:PasswordRecovery})=>user.passwordRecovery)
+    @OneToOne(()=>User,{nullable: false, eager:true})
+    @JoinColumn()
    user!:User;

-    @Column({ name: 'enabled', type:'boolean', default:false})
+    @Column({ name: 'enabled', type:'boolean', default:true})
    enabled!: boolean;

  }
\ No newline at end of file
--- a/planner-api/src/models/Task.ts
+++ b/planner-api/src/models/Task.ts
@@ -50,7 +50,7 @@ import { DateTimeTask } from './DateTimeTask';
    dateTimeDeadLine!: Date;
    @Column({ name: 'dateTimeFactDeadLine', type: Date,nullable: true })
    dateTimeFactDeadLine!: Date;
-    @Column({ name: 'archive', type: 'varchar', length:50,nullable: false, default:false })
+    @Column({ name: 'archive', type: 'boolean',nullable: false, default:false })
    archive!: boolean

    @Column({

--- a/planner-api/src/models/User.ts
+++ b/planner-api/src/models/User.ts
@@ -17,7 +17,7 @@ import {Task} from './Task';
 import {Member} from './Member';
 import { PasswordRecovery } from './PasswordRecovery';

-const SALT_WORK_FACTOR= 10;
+export const SALT_WORK_FACTOR= 10;


 export enum UserRole  {USER="user" ,DIRECTOR= "director",SUPERUSER="superuser"}
@@ -34,7 +34,6 @@ interface IUser {
  createdAt: Date;
  createdTasks:Task[];
  members: Member[];
-  passwordRecovery:PasswordRecovery;
 }


@@ -84,8 +83,7 @@ export class User extends BaseEntity implements IUser {
  @OneToMany(() => Member, (member: { user: User }) => member.user)
  members!: Member[];

-  @OneToOne(()=>PasswordRecovery, (passwordRecovery:{user:User})=>passwordRecovery.user)
-    passwordRecovery!:PasswordRecovery;
+

  @BeforeInsert()
  protected async beforeInserthashPassword():Promise<void>  {

--- a/planner-api/src/routers/passwordRecovery.ts
+++ b/planner-api/src/routers/passwordRecovery.ts
@@ -4,7 +4,9 @@ import {myDataSource} from '../app-data-source';
 import { nanoid } from 'nanoid';
 import { PasswordRecovery } from '../models/PasswordRecovery';
 import { transporter } from '../helpers';
-
+import {FRONTEND_URL} from "../helpers";
+import {SALT_WORK_FACTOR} from "../models/User";
+import bcrypt from 'bcrypt';
 const router:Router = express.Router();
 const dataSource = myDataSource;

@@ -21,12 +23,12 @@ router.post ('/', async (req:Request, res:Response):Promise<void |Response>=>{
    })
    if (!user) return res.status(404).send({message:'user not found'})
    const token = nanoid();
-    const url = `${process.env.FRONTEND_URL}/reset-password/${token}`;
    try{
-        const passwordRecovery =  await new PasswordRecovery()
-        passwordRecovery.user= user
-        passwordRecovery.token=token
-        passwordRecovery.save()
+        const passwordRecovery = new PasswordRecovery()
+        passwordRecovery.user= user;
+        passwordRecovery.token=token;
+        await passwordRecovery.save()
+        const url = `${FRONTEND_URL}/reset-password/${token}`;
        await transporter.sendMail({
            from:"planner45@yandex.com",
            to: `${email}`,
@@ -34,27 +36,54 @@ router.post ('/', async (req:Request, res:Response):Promise<void |Response>=>{
            text:`Вы отправили запрос на восстановление пароля, 
            перейдите по ссылке плз:{url}`,
            html:`Вы отправили запрос на восстановление пароля,
-             перейдите по ссылке плз: <br><a> href="${url} ">${url}</a>`});
-            return res.send({message:'Email succeffuly send'})
+             перейдите по ссылке плз: <br><a> href="${url}">${url}</a>`});
+            return res.send({message:'Email successffuly send'})
    } catch (e){
        console.log(e)
-        res.status(502).send({message:'mail got stuck'})
+        res.status(502).send({message:'mail got stuck in ', e })
    }
 })

-/**validate token t*/
-router.get("/validate", async(req: Request, res: Response):Promise<Response>=>{
+
+/**reset token in password recovery */
+router.get('/', async(req: Request, res: Response):Promise<Response|void>=>{
    const token = req.query.token;
-    // if (!token)  return res.send({message:'token is not valid'})
-    // const passwordRecovery = await dataSource
-    // .getRepository(PasswordRecovery)
-    // .findOne({
-    //     where:{
-    //         token: token
-    //     }
-    // })
-    // if (!passwordRecovery)  return res.send({message:'link is not valid'})
-    return res.send(token);
+    if(!token) return res.status(401).send({Message:'token not exists'})
+    const passwordRecovery = await dataSource
+    .createQueryBuilder()
+    .from(PasswordRecovery,'passwordRecovery')
+    .select('passwordRecovery')
+    .innerJoinAndSelect('passwordRecovery.user', 'user')
+    .where(' passwordRecovery.token=:token',{token})
+    .getOne()
+    if(!passwordRecovery || !passwordRecovery.enabled) return res.status(404).send({message:"Token is not valid"})
+    res.send(passwordRecovery)
+    passwordRecovery.enabled=false;
+    try{
+        await passwordRecovery.save();
+    } catch(e){
+    console.log(e)
+}
+})
+
+
+/**change password */
+router.patch('/:id/change-password', async (req: Request, res: Response):Promise<Response|void>=>{
+    const user = await dataSource 
+    .getRepository(User)
+    .findOneBy({id:req.params.id})
+    if(!user) return res.status(404).send({Message:'user not found'})
+    const salt = await bcrypt.genSalt(SALT_WORK_FACTOR);
+    let newPassword:string = await bcrypt.hash(req.body.password, salt);
+    user.password = newPassword
+    try{
+        await user.save()
+        res.send({message:"Password saved"})
+    } catch (e){
+        res.status(502).send({message:"error in saving new psasword"})
+    }
 })

-export default router;
\ No newline at end of file
+
+ 
+    export default router;
\ No newline at end of file
--- a/planner-api/src/server.ts
+++ b/planner-api/src/server.ts
@@ -5,7 +5,7 @@ import tasks from './routers/tasks';
 import projects from './routers/projects';
 import {myDataSource} from './app-data-source';
 import copyTasks from './routers/copyTasks';
-import passwordRev
+import passwordRecovery from './routers/passwordRecovery';


 myDataSource