updated

wpcodevo · wpcodevo · commit a54eca368436 · 2022-08-21T08:34:57.000Z
diff --git a/controllers/auth.controller.go b/controllers/auth.controller.go
@@ -1,6 +1,7 @@
 package controllers
 
 import (
+	"log"
 	"net/http"
 	"strings"
 	"time"
@@ -85,7 +86,7 @@ func (ac *AuthController) SignUpUser(ctx *gin.Context) {
 		Subject:   "Your account verification code",
 	}
 
-	utils.SendEmail(&newUser, &emailData)
+	utils.SendEmail(&newUser, &emailData, "verificationCode.html")
 
 	message := "We sent an email with a verification code to " + newUser.Email
 	ctx.JSON(http.StatusCreated, gin.H{"status": "success", "message": message})
@@ -161,3 +162,92 @@ func (ac *AuthController) VerifyEmail(ctx *gin.Context) {
 
 	ctx.JSON(http.StatusOK, gin.H{"status": "success", "message": "Email verified successfully"})
 }
+
+func (ac *AuthController) ForgotPassword(ctx *gin.Context) {
+	var payload *models.ForgotPasswordInput
+
+	if err := ctx.ShouldBindJSON(&payload); err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": err.Error()})
+		return
+	}
+
+	message := "You will receive a reset email if user with that email exist"
+
+	var user models.User
+	result := ac.DB.First(&user, "email = ?", strings.ToLower(payload.Email))
+	if result.Error != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": "Invalid email or Password"})
+		return
+	}
+
+	if !user.Verified {
+		ctx.JSON(http.StatusUnauthorized, gin.H{"status": "error", "message": "Account not verified"})
+		return
+	}
+
+	config, err := initializers.LoadConfig(".")
+	if err != nil {
+		log.Fatal("Could not load config", err)
+	}
+
+	// Generate Verification Code
+	resetToken := randstr.String(20)
+
+	passwordResetToken := utils.Encode(resetToken)
+	user.PasswordResetToken = passwordResetToken
+	user.PasswordResetAt = time.Now().Add(time.Minute * 15)
+	ac.DB.Save(&user)
+
+	var firstName = user.Name
+
+	if strings.Contains(firstName, " ") {
+		firstName = strings.Split(firstName, " ")[1]
+	}
+
+	// 👇 Send Email
+	emailData := utils.EmailData{
+		URL:       config.ClientOrigin + "/forgotPassword/" + resetToken,
+		FirstName: firstName,
+		Subject:   "Your password reset token (valid for 10min)",
+	}
+
+	utils.SendEmail(&user, &emailData, "resetPassword.html")
+
+	ctx.JSON(http.StatusOK, gin.H{"status": "success", "message": message})
+}
+
+func (ac *AuthController) ResetPassword(ctx *gin.Context) {
+	var payload *models.ResetPasswordInput
+	resetToken := ctx.Params.ByName("resetToken")
+
+	if err := ctx.ShouldBindJSON(&payload); err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": err.Error()})
+		return
+	}
+
+	if payload.Password != payload.PasswordConfirm {
+		ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": "Passwords do not match"})
+		return
+	}
+
+	hashedPassword, _ := utils.HashPassword(payload.Password)
+
+	passwordResetToken := utils.Encode(resetToken)
+
+	var updatedUser models.User
+	result := ac.DB.First(&updatedUser, "password_reset_token = ?", passwordResetToken)
+	if result.Error != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"status": "fail", "message": "Invalid verification code or user doesn't exists"})
+		return
+	}
+
+	updatedUser.Password = hashedPassword
+	updatedUser.PasswordResetToken = ""
+	ac.DB.Save(&updatedUser)
+
+	ctx.SetCookie("access_token", "", -1, "/", "localhost", false, true)
+	ctx.SetCookie("refresh_token", "", -1, "/", "localhost", false, true)
+	ctx.SetCookie("logged_in", "", -1, "/", "localhost", false, true)
+
+	ctx.JSON(http.StatusOK, gin.H{"status": "success", "message": "Password data updated successfully"})
+}
diff --git a/models/user.model.go b/models/user.model.go
@@ -7,17 +7,19 @@ import (
 )
 
 type User struct {
-	ID               uuid.UUID `gorm:"type:uuid;default:uuid_generate_v4();primary_key"`
-	Name             string    `gorm:"type:varchar(255);not null"`
-	Email            string    `gorm:"uniqueIndex;not null"`
-	Password         string    `gorm:"not null"`
-	Role             string    `gorm:"type:varchar(255);not null"`
-	Provider         string    `gorm:"not null"`
-	Photo            string    `gorm:"not null"`
-	VerificationCode string
-	Verified         bool      `gorm:"not null"`
-	CreatedAt        time.Time `gorm:"not null"`
-	UpdatedAt        time.Time `gorm:"not null"`
+	ID                 uuid.UUID `gorm:"type:uuid;default:uuid_generate_v4();primary_key"`
+	Name               string    `gorm:"type:varchar(255);not null"`
+	Email              string    `gorm:"uniqueIndex;not null"`
+	Password           string    `gorm:"not null"`
+	Role               string    `gorm:"type:varchar(255);not null"`
+	Provider           string    `gorm:"not null"`
+	Photo              string    `gorm:"not null"`
+	VerificationCode   string
+	PasswordResetToken string
+	PasswordResetAt    time.Time
+	Verified           bool      `gorm:"not null"`
+	CreatedAt          time.Time `gorm:"not null"`
+	UpdatedAt          time.Time `gorm:"not null"`
 }
 
 type SignUpInput struct {
@@ -43,3 +45,14 @@ type UserResponse struct {
 	CreatedAt time.Time `json:"created_at"`
 	UpdatedAt time.Time `json:"updated_at"`
 }
+
+// 👈 ForgotPasswordInput struct
+type ForgotPasswordInput struct {
+	Email string `json:"email" binding:"required"`
+}
+
+// 👈 ResetPasswordInput struct
+type ResetPasswordInput struct {
+	Password        string `json:"password" binding:"required"`
+	PasswordConfirm string `json:"passwordConfirm" binding:"required"`
+}
diff --git a/routes/auth.routes.go b/routes/auth.routes.go
@@ -21,4 +21,6 @@ func (rc *AuthRouteController) AuthRoute(rg *gin.RouterGroup) {
 	router.POST("/login", rc.authController.SignInUser)
 	router.GET("/logout", middleware.DeserializeUser(), rc.authController.LogoutUser)
 	router.GET("/verifyemail/:verificationCode", rc.authController.VerifyEmail)
+	router.POST("/forgotpassword", rc.authController.ForgotPassword)
+	router.PATCH("/resetpassword/:resetToken", rc.authController.ResetPassword)
 }
diff --git a/templates/resetPassword.html b/templates/resetPassword.html
@@ -0,0 +1,89 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    {{template "styles" .}}
+    <title>{{ .Subject}}</title>
+  </head>
+  <body>
+    <table
+      role="presentation"
+      border="0"
+      cellpadding="0"
+      cellspacing="0"
+      class="body"
+    >
+      <tr>
+        <td>&nbsp;</td>
+        <td class="container">
+          <div class="content">
+            <!-- START CENTERED WHITE CONTAINER -->
+            <table role="presentation" class="main">
+              <!-- START MAIN CONTENT AREA -->
+              <tr>
+                <td class="wrapper">
+                  <table
+                    role="presentation"
+                    border="0"
+                    cellpadding="0"
+                    cellspacing="0"
+                  >
+                    <tr>
+                      <td>
+                        <p>Hi {{ .FirstName}},</p>
+                        <p>
+                          Forgot password? Send a PATCH request to with your
+                          password and passwordConfirm to {{.URL}}
+                        </p>
+                        <table
+                          role="presentation"
+                          border="0"
+                          cellpadding="0"
+                          cellspacing="0"
+                          class="btn btn-primary"
+                        >
+                          <tbody>
+                            <tr>
+                              <td align="left">
+                                <table
+                                  role="presentation"
+                                  border="0"
+                                  cellpadding="0"
+                                  cellspacing="0"
+                                >
+                                  <tbody>
+                                    <tr>
+                                      <td>
+                                        <a href="{{.URL}}" target="_blank"
+                                          >Reset password</a
+                                        >
+                                      </td>
+                                    </tr>
+                                  </tbody>
+                                </table>
+                              </td>
+                            </tr>
+                          </tbody>
+                        </table>
+                        <p>
+                          If you didn't forget your password, please ignore this
+                          email
+                        </p>
+                        <p>Good luck! Codevo CEO.</p>
+                      </td>
+                    </tr>
+                  </table>
+                </td>
+              </tr>
+
+              <!-- END MAIN CONTENT AREA -->
+            </table>
+            <!-- END CENTERED WHITE CONTAINER -->
+          </div>
+        </td>
+        <td>&nbsp;</td>
+      </tr>
+    </table>
+  </body>
+</html>
diff --git a/utils/email.go b/utils/email.go
@@ -41,7 +41,7 @@ func ParseTemplateDir(dir string) (*template.Template, error) {
 	return template.ParseFiles(paths...)
 }
 
-func SendEmail(user *models.User, data *EmailData) {
+func SendEmail(user *models.User, data *EmailData, emailTemp string) {
 	config, err := initializers.LoadConfig(".")
 
 	if err != nil {
@@ -63,7 +63,7 @@ func SendEmail(user *models.User, data *EmailData) {
 		log.Fatal("Could not parse template", err)
 	}
 
-	template.ExecuteTemplate(&body, "verificationCode.html", &data)
+	template.ExecuteTemplate(&body, emailTemp, &data)
 
 	m := gomail.NewMessage()
 

Original file line number	Diff line number	Diff line change
`@@ -21,4 +21,6 @@ func (rc AuthRouteController) AuthRoute(rg gin.RouterGroup) {`
`21`	`21`	`router.POST("/login", rc.authController.SignInUser)`
`22`	`22`	`router.GET("/logout", middleware.DeserializeUser(), rc.authController.LogoutUser)`
`23`	`23`	`router.GET("/verifyemail/:verificationCode", rc.authController.VerifyEmail)`
	`24`	`+ router.POST("/forgotpassword", rc.authController.ForgotPassword)`
	`25`	`+ router.PATCH("/resetpassword/:resetToken", rc.authController.ResetPassword)`
`24`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ func ParseTemplateDir(dir string) (*template.Template, error) {`
`41`	`41`	`return template.ParseFiles(paths...)`
`42`	`42`	`}`
`43`	`43`
`44`		`-func SendEmail(user models.User, data EmailData) {`
	`44`	`+func SendEmail(user models.User, data EmailData, emailTemp string) {`
`45`	`45`	`config, err := initializers.LoadConfig(".")`
`46`	`46`
`47`	`47`	`if err != nil {`
`@@ -63,7 +63,7 @@ func SendEmail(user models.User, data EmailData) {`
`63`	`63`	`log.Fatal("Could not parse template", err)`
`64`	`64`	`}`
`65`	`65`
`66`		`- template.ExecuteTemplate(&body, "verificationCode.html", &data)`
	`66`	`+ template.ExecuteTemplate(&body, emailTemp, &data)`
`67`	`67`
`68`	`68`	`m := gomail.NewMessage()`
`69`	`69`