feat: Implement forgot password rest API endpoint

2024-07-16 15:43:15 +02:00
parent ec2863d218
commit 3fd628cb05
6 changed files with 81 additions and 11 deletions
--- a/packages/backend/src/controllers/api/v1/admin/users/delete-user.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/users/delete-user.test.js
@@ -1,11 +1,10 @@
-import { vi, describe, it, beforeEach } from 'vitest';
+import { describe, it, beforeEach } from 'vitest';
 import request from 'supertest';
 import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../../test/factories/user';
 import { createRole } from '../../../../../../test/factories/role';
-import * as license from '../../../../../helpers/license.ee.js';

 describe('DELETE /api/v1/admin/users/:userId', () => {
  let currentUser, currentUserRole, anotherUser, token;
@@ -20,8 +19,6 @@ describe('DELETE /api/v1/admin/users/:userId', () => {
  });

  it('should soft delete user and respond with no content', async () => {
-    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
-
    await request(app)
      .delete(`/api/v1/admin/users/${anotherUser.id}`)
      .set('Authorization', token)
@@ -29,8 +26,6 @@ describe('DELETE /api/v1/admin/users/:userId', () => {
  });

  it('should return not found response for not existing user UUID', async () => {
-    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
-
    const notExistingUserUUID = Crypto.randomUUID();

    await request(app)
@@ -40,8 +35,6 @@ describe('DELETE /api/v1/admin/users/:userId', () => {
  });

  it('should return bad request response for invalid UUID', async () => {
-    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
-
    await request(app)
      .delete('/api/v1/admin/users/invalidUserUUID')
      .set('Authorization', token)
--- a/packages/backend/src/controllers/api/v1/users/forgot-password.js
+++ b/packages/backend/src/controllers/api/v1/users/forgot-password.js
@@ -0,0 +1,13 @@
+import User from '../../../../models/user.js';
+
+export default async (request, response) => {
+  const { email } = request.body;
+
+  const user = await User.query()
+    .findOne({ email: email.toLowerCase() })
+    .throwIfNotFound();
+
+  await user.sendResetPasswordEmail();
+
+  response.status(204).end();
+};
--- a/packages/backend/src/controllers/api/v1/users/forgot-password.test.js
+++ b/packages/backend/src/controllers/api/v1/users/forgot-password.test.js
@@ -0,0 +1,30 @@
+import { describe, it, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import { createUser } from '../../../../../test/factories/user';
+
+describe('POST /api/v1/users/forgot-password', () => {
+  let currentUser;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+  });
+
+  it('should respond with no content', async () => {
+    await request(app)
+      .post('/api/v1/users/forgot-password')
+      .send({
+        email: currentUser.email,
+      })
+      .expect(204);
+  });
+
+  it('should return not found response for not existing user UUID', async () => {
+    await request(app)
+      .post('/api/v1/users/forgot-password')
+      .send({
+        email: 'nonexisting@automatisch.io',
+      })
+      .expect(404);
+  });
+});