Merge pull request #88 from IT-Academy-BCN/feature/recoveryPassword

[BE] Fix Forget Password Endpoint#87
IT-Academy-BCN · Sep 25, 2023 · 9b3a139 · 9b3a139
2 parents 0e48f90 + bc31361
commit 9b3a139
Show file tree

Hide file tree

Showing 7 changed files with 116 additions and 189 deletions.
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
@@ -4,7 +4,8 @@
 
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use Throwable;
-use Illuminate\Database\Eloquent\ModelNotFoundException; 
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Validation\ValidationException;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 
@@ -55,8 +56,12 @@ public function render($request, Throwable $exception)
             return response()->json(['error' => 'Resource not found'], Response::HTTP_NOT_FOUND);
         }
 
+        if ($exception instanceof ValidationException) {
+            return response()->json(['error' => $exception->getMessage()], Response::HTTP_INTERNAL_SERVER_ERROR);
+        }
+
         if ($exception instanceof HttpException) {
-            return response()->json(['error' => 'Somethings wrong with the server'], Response::HTTP_INTERNAL_SERVER_ERROR);
+            return response()->json(['error' => 'Somethings wrong with the server: '.$exception->getMessage()], Response::HTTP_INTERNAL_SERVER_ERROR);
         }
 
         return parent::render($request, $exception);

diff --git a/app/Http/Controllers/api/ForgetController.php b/app/Http/Controllers/api/ForgetController.php
diff --git a/app/Http/Controllers/api/UserController.php b/app/Http/Controllers/api/UserController.php
@@ -11,7 +11,7 @@
 use App\Models\Code;
 use App\Http\Requests\ForgetRequest;
 use App\Http\Requests\ResetRequest;
-use App\Mail\ForgetMail;
+use App\Mail\ForgetPasswordMail;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\DB;
 use Exception;
@@ -126,8 +126,8 @@ private function is_usedUpdated($code, $userId)
  * @OA\Post(
  *   path="/forget-password",
  *   tags={"User"},
- *   summary="send email to recovery password",
- *   description="This endpoint is used send an email to a register user to reset the password.",
+ *   summary="send email to reset password",
+ *   description="This endpoint is used to send an email to a registered user to reset the password.",
  *   @OA\RequestBody(
  *     required=true,
  *     @OA\MediaType(
@@ -143,11 +143,11 @@ private function is_usedUpdated($code, $userId)
  *   ),
  *   @OA\Response(
  *     response="200",
- *     description="check your email"
+ *     description="Password reset email sent out. Check your email"
  *   ),
  *   @OA\Response(
  *     response="404",
- *     description="The email don\'t exist"
+ *     description="The email does not exist"
  *   )
  * )
  */
@@ -156,37 +156,32 @@ public function forgetPassword(ForgetRequest $request){
 
     $email = $request->email;
 
-    $user= User::where('email',$email)->doesntExist();
-
-    $token= Str::random(10);
-
-    $existingMail = DB::table('password_reset_tokens')->where('email', $email)->first();
-
-
     try{
+        // check if user with such email exists
+        $user= User::where('email',$email)->first();
 
-        if($user){
-            return response()->json(['error' => 'The email don\'t exist'],404);
-
-        }else if($existingMail){
+        if(!$user){
+            return response()->json(['error' => 'The email does not exist'],404);
+        }
 
-            DB::table('password_reset_tokens')->where('email', $email)->update([
-                'token' => $token,
-               ]);
+        // Generate password reset token
+        $token= Str::random(10);
 
+        // Assign password reset token to user's email in 'password_reset_token' table
+        if(DB::table('password_reset_tokens')->where('email', $email)->first()) {
+            DB::table('password_reset_tokens')->where('email', $email)->update([ 'token' => $token, ]);
         } else {
-
             DB::table('password_reset_tokens')->insert([
                 'email' => $email,
                 'token' => $token
-            ]);                
-        }
+            ]); 
+        };
 
-        //send email
+        //send password reset email
+        Mail::to($email)->send(new ForgetPasswordMail($user->name, $token));
 
-        Mail::to($email)->send(new ForgetMail($token));
-
-            return response()->json(['message'=>'check your email'],200);
+        // send confirmation response
+        return response()->json(['message'=>'Password reset email sent out. Check your email'],200);
 
 
     }catch(Exception $exception){
@@ -201,8 +196,8 @@ public function forgetPassword(ForgetRequest $request){
  * @OA\Post(
  *   path="/reset-password/{token}",
  *   tags={"User"},
- *   summary="User recovery password",
- *   description="This endpoint is used to update the password of the user.",
+ *   summary="Reset user password",
+ *   description="This endpoint is used to reset the user password.",
  *   @OA\RequestBody(
  *     required=true,
  *     @OA\MediaType(
@@ -219,7 +214,7 @@ public function forgetPassword(ForgetRequest $request){
  *           example="password"
  *         ),
  *          @OA\Property(
- *           property="password_confirm",
+ *           property="password_confirmation",
  *           type="string",
  *           example="password"
  *         ),        
@@ -228,7 +223,7 @@ public function forgetPassword(ForgetRequest $request){
  *   ),
  *   @OA\Response(
  *     response="200",
- *     description="success"
+ *     description="User password reset successfully"
  *   ),
  *   @OA\Response(
  *     response="400",
@@ -254,10 +249,10 @@ public function resetPassword(ResetRequest $request){
     $user= User::where('email',$passwordResets->email)->first();
     $user->password = Hash::make($request->password);
     $user->save();
-    DB::table('password_reset_tokens')->where('email', $passwordResets->email)->update(['token' => null]);
+    DB::table('password_reset_tokens')->where('email', $passwordResets->email)->delete();
 
     return response()->json([
-        'message' => 'success'
+        'message' => 'User password reset successfully'
     ],200);
 
 }

diff --git a/app/Http/Requests/ResetRequest.php b/app/Http/Requests/ResetRequest.php
@@ -22,8 +22,7 @@ public function authorize(): bool
     public function rules(): array
     {
         return [
-            'password' =>'required',
-            'password_confirm' => 'required|same:password'
+            'password' => 'required|string|min:8|confirmed'
         ];
     }
 }
diff --git a/app/Mail/ForgetMail.php → app/Mail/ForgetPasswordMail.php b/app/Mail/ForgetMail.php → app/Mail/ForgetPasswordMail.php
@@ -11,18 +11,21 @@
 
 
 
-class ForgetMail extends Mailable
+class ForgetPasswordMail extends Mailable
 {
     use Queueable, SerializesModels;
 
+    public $name;
     public $token;
+
 
     /**
      * Create a new message instance.
      */
-    public function __construct($token)
+    public function __construct($name, $token)
     {
-        $this->data = $token;
+        $this->name = $name;
+        $this->token = $token;
     }
 
     /**
@@ -31,7 +34,7 @@ public function __construct($token)
     public function envelope(): Envelope
     {
         return new Envelope(
-            subject: 'Password Reset',
+            subject: 'Please reset your password',
         );
     }
 
@@ -41,10 +44,8 @@ public function envelope(): Envelope
     public function content(): Content
     {
 
-        $data = $this->data;
-
         return new Content(
-            view: 'mail.forget',
+            view: 'mail.forgetPassword',
         );
     }