
Reset user password feature

Vladislav Trotsenko edited this page Sep 26, 2019 · 8 revisions

This is a basic reset user password feature. It consists of 3 endpoints:

POST /api/v1/users/reset_password

This endpoint creates a reset link and sends it to the user's email.

ResetPasswordsController#create

module Api::V1::Users
  class ResetPasswordsController < ApiController
    def create
      endpoint Api::V1::Users::ResetPasswords::Operation::Create
    end
  end
end

Operation

module Api::V1::Users::ResetPasswords::Operation
  class Create < ApplicationOperation
    step Macro::Contract::Schema(Api::V1::Users::ResetPasswords::Contract::Create)
    step Contract::Validate(), fail_fast: true
    step Model(Account, :find_by_email, :email)
    fail Macro::Semantic(failure: :not_found), fail_fast: true # sets not_found http status if user not found
    step :set_email_token # sets jwt email token into context
    step :push_email_token_to_redis # pushes current jwt email token to redis
    step :send_reset_password_url # send reset password url to user email
    step Macro::Semantic(success: :accepted) # sets accepted http status
  end
end

Used nested & macros

GET /api/v1/users/reset_password?email_token=jwt_email_token

This endpoint handles acceptance of the reset password link.

ResetPasswordsController#show

module Api::V1::Users
  class ResetPasswordsController < ApiController
    def show
      endpoint Api::V1::Users::ResetPasswords::Operation::Show
    end
  end
end

Operation

module Api::V1::Users::ResetPasswords::Operation
  class Show < ApplicationOperation
    step Subprocess(Api::V1::Users::Lib::Operation::DecryptEmailToken), fast_track: true
    step Subprocess(Api::V1::Users::Lib::Operation::CheckEmailTokenRedisEquality), fast_track: true
  end
end

Used nested & macros

PUT /api/v1/users/reset_password

ResetPasswordsController#update

module Api::V1::Users
  class ResetPasswordsController < ApiController
    def update
      endpoint Api::V1::Users::ResetPasswords::Operation::Update
    end
  end
end

Operation

module Api::V1::Users::ResetPasswords::Operation
  class Update < ApplicationOperation
    step Subprocess(Api::V1::Users::Lib::Operation::DecryptEmailToken), fast_track: true
    step Subprocess(Api::V1::Users::Lib::Operation::CheckEmailTokenRedisEquality), fast_track: true
    step Contract::Build(constant: Api::V1::Users::ResetPasswords::Contract::Update)
    step Contract::Validate()
    step Contract::Persist()
    step :send_notification
    step :destroy_redis_email_token
    step :destroy_all_user_sessions
  end
end

Used nested & macros
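
The token lifecycle behind the three endpoints (issue and store on POST, verify on GET, verify then destroy on PUT), as an added standalone example that is not this project's code. The class name, the hand-rolled HS256 token, the 900-second lifetime, the secret and the Hash standing in for Redis are all assumptions; the page does not show how DecryptEmailToken or CheckEmailTokenRedisEquality are implemented.

```ruby
require 'openssl'
require 'base64'
require 'json'

# Hypothetical class; a Hash stands in for Redis (account_id => current token).
class ResetTokenFlow
  SECRET = 'constructed-demo-secret' # constructed; load from secure config in practice
  TTL = 900 # assumed link lifetime in seconds

  def initialize(store = {})
    @store = store
  end

  # Create: sign the token and remember it server-side, replacing any older one.
  def issue(account_id, now: Time.now.to_i)
    head = b64(JSON.generate({ 'alg' => 'HS256', 'typ' => 'JWT' }))
    data = "#{head}.#{b64(JSON.generate({ 'account_id' => account_id, 'exp' => now + TTL }))}"
    @store[account_id] = "#{data}.#{sign(data)}"
  end

  # Show and Update precondition: signature, expiry, then equality with the stored copy.
  def verify(token, now: Time.now.to_i)
    head, body, sig = token.to_s.split('.', 3)
    return nil unless sig && OpenSSL.secure_compare(sign("#{head}.#{body}"), sig)
    payload = JSON.parse(Base64.urlsafe_decode64(body))
    return nil if payload['exp'].to_i <= now
    stored = @store[payload['account_id']]
    return nil unless stored && OpenSSL.secure_compare(stored, token)
    payload['account_id']
  rescue ArgumentError, JSON::ParserError
    nil
  end

  # Update: a token that verified is deleted, so the link works only once.
  def consume(token, now: Time.now.to_i)
    account_id = verify(token, now: now)
    @store.delete(account_id) if account_id
    account_id
  end

  private
  def b64(str)
    Base64.urlsafe_encode64(str, padding: false)
  end

  def sign(data)
    b64(OpenSSL::HMAC.digest('SHA256', SECRET, data))
  end
end
```

Because the store keeps only the latest token per account, requesting a second reset link invalidates the first one even though its signature and expiry are still valid.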
