Skip to content

Commit

Permalink
Merge pull request #525 from AyushSharma72/forgotpass
Browse files Browse the repository at this point in the history
resolved forgot password issues
  • Loading branch information
dhairyagothi authored Nov 7, 2024
2 parents 69928a6 + 3750c28 commit bb887ac
Showing 1 changed file with 38 additions and 31 deletions.
69 changes: 38 additions & 31 deletions backend/controllers/submitFeedback.js
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
import nodemailer from 'nodemailer';
import User from '../models/User.js';
import { generateOTP , verifyOTP} from '../utils/otputils.js'; // Import the OTP generation function
import { sendOTPEmail } from '../utils/emailUtils.js'; // Import the email sender utility if separated into a different file
import nodemailer from "nodemailer";
import User from "../models/User.js";
import { generateOTP, verifyOTP } from "../utils/otputils.js"; // Import the OTP generation function
import { sendOTPEmail } from "../utils/emailUtils.js"; // Import the email sender utility if separated into a different file

import { hashPassword } from '../utils/authFunctions.js';
import { hashPassword } from "../utils/authFunctions.js";

// Controller to handle user feedback submission
export const submitFeedback = async (req, res) => {
const { rating, comment } = req.body;

try {
// The user is already authenticated and attached to req.user by verifyJWT
const user = req.user;
const user = req.user;

// Update user's rating and comment fields
user.rating = rating || user.rating; // If no rating is provided, keep the existing one
Expand All @@ -20,10 +20,14 @@ export const submitFeedback = async (req, res) => {
// Save the updated user document
await user.save();

return res.status(200).json({ message: 'Feedback submitted successfully', user });
return res
.status(200)
.json({ message: "Feedback submitted successfully", user });
} catch (error) {
console.error('Error submitting feedback:', error);
return res.status(error.statusCode || 500).json({ message: error.message || 'An error occurred while submitting feedback' });
console.error("Error submitting feedback:", error);
return res.status(error.statusCode || 500).json({
message: error.message || "An error occurred while submitting feedback",
});
}
};

Expand All @@ -33,32 +37,34 @@ export const sendOTPToEmail = async (req, res) => {

// Check if email is provided
if (!email) {
return res.status(400).json({ error: 'Email is required' });
return res.status(400).json({ error: "Email is required" });
}

// Find user by email
const user = await User.findOne({ email });

if (!user) {
return res.status(404).json({ error: 'User does not exist' });
return res.status(404).json({ error: "User does not exist" });
}

// Generate OTP and set expiry (10 minutes from now)
const otp = generateOTP();
const otpExpiry = new Date(Date.now() + 10 * 60 * 1000); // OTP expires in 10 minutes

// Store the OTP and expiry in the user's document
// Only update OTP and expiry without modifying the rest of the user document this was causing error
user.otp = otp;
user.otpExpiry = otpExpiry;
await user.save();
await user.updateOne({ otp, otpExpiry });

// Send OTP to user's email using the utility
await sendOTPEmail(email, otp);

res.status(200).json({ message: 'OTP sent to email' });
res.status(200).json({ message: "OTP sent to email" });
} catch (error) {
console.error('Error sending OTP:', error);
return res.status(500).json({ error: error.message || 'Internal Server Error' });
console.error("Error sending OTP:", error);
return res
.status(500)
.json({ error: error.message || "Internal Server Error" });
}
};

Expand All @@ -68,33 +74,32 @@ export const verifyOTPController = async (req, res) => {

// Check if email and OTP are provided
if (!email || !otp) {
return res.status(400).json({ error: 'Email and OTP are required' });
return res.status(400).json({ error: "Email and OTP are required" });
}

// Find user by email
const user = await User.findOne({ email });

if (!user) {
return res.status(404).json({ error: 'User not found' });
return res.status(404).json({ error: "User not found" });
}

// Verify the OTP and check expiration
const isValid = verifyOTP(user, otp);

if (!isValid) {
return res.status(400).json({ error: 'Invalid or expired OTP' });
return res.status(400).json({ error: "Invalid or expired OTP" });
}

// Clear OTP after successful verification (optional, but recommended)
user.otp = null;
user.otpExpiry = null;
await user.save();
// only set otp to null else there will be error
await user.updateOne({ otp: null, otpExpiry: null });

// OTP is valid
res.status(200).json({ message: 'OTP verified successfully' });
res.status(200).json({ message: "OTP verified successfully" });
} catch (error) {
console.error('Error verifying OTP:', error);
res.status(500).json({ error: 'Internal Server Error' });
console.error("Error verifying OTP:", error);
res.status(500).json({ error: "Internal Server Error" });
}
};

Expand All @@ -104,26 +109,28 @@ export const resetPassword = async (req, res) => {

// Check if both email and new password are provided
if (!email || !newPassword) {
return res.status(400).json({ error: 'Email and new password are required' });
return res
.status(400)
.json({ error: "Email and new password are required" });
}

// Find the user by email
const user = await User.findOne({ email });

if (!user) {
return res.status(404).json({ error: 'User not found' });
return res.status(404).json({ error: "User not found" });
}

// Hash the new password
const hashedPassword = await hashPassword(newPassword);

// Update the user's password in the database
user.password = hashedPassword;
await user.save();
await user.updateOne({ password: hashPassword }); // only update the password not the whole user else there will be error

res.status(200).json({ message: 'Password reset successfully' });
res.status(200).json({ message: "Password reset successfully" });
} catch (error) {
console.error('Error resetting password:', error);
res.status(500).json({ error: 'Internal Server Error' });
console.error("Error resetting password:", error);
res.status(500).json({ error: "Internal Server Error" });
}
};

0 comments on commit bb887ac

Please sign in to comment.