Merge pull request #1968 from automatisch/rest-forgot-password
feat: Implement forgot password rest API endpoint
This commit is contained in:
Ali BARIN
@@ -1,11 +1,10 @@
|
||||
import { vi, describe, it, beforeEach } from 'vitest';
|
||||
import { describe, it, beforeEach } from 'vitest';
|
||||
import request from 'supertest';
|
||||
import Crypto from 'crypto';
|
||||
import app from '../../../../../app.js';
|
||||
import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
|
||||
import { createUser } from '../../../../../../test/factories/user';
|
||||
import { createRole } from '../../../../../../test/factories/role';
|
||||
import * as license from '../../../../../helpers/license.ee.js';
|
||||
|
||||
describe('DELETE /api/v1/admin/users/:userId', () => {
|
||||
let currentUser, currentUserRole, anotherUser, token;
|
||||
@@ -20,8 +19,6 @@ describe('DELETE /api/v1/admin/users/:userId', () => {
|
||||
});
|
||||
|
||||
it('should soft delete user and respond with no content', async () => {
|
||||
vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
|
||||
|
||||
await request(app)
|
||||
.delete(`/api/v1/admin/users/${anotherUser.id}`)
|
||||
.set('Authorization', token)
|
||||
@@ -29,8 +26,6 @@ describe('DELETE /api/v1/admin/users/:userId', () => {
|
||||
});
|
||||
|
||||
it('should return not found response for not existing user UUID', async () => {
|
||||
vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
|
||||
|
||||
const notExistingUserUUID = Crypto.randomUUID();
|
||||
|
||||
await request(app)
|
||||
@@ -40,8 +35,6 @@ describe('DELETE /api/v1/admin/users/:userId', () => {
|
||||
});
|
||||
|
||||
it('should return bad request response for invalid UUID', async () => {
|
||||
vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
|
||||
|
||||
await request(app)
|
||||
.delete('/api/v1/admin/users/invalidUserUUID')
|
||||
.set('Authorization', token)
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
import User from '../../../../models/user.js';
|
||||
|
||||
export default async (request, response) => {
|
||||
const { email } = request.body;
|
||||
|
||||
const user = await User.query()
|
||||
.findOne({ email: email.toLowerCase() })
|
||||
.throwIfNotFound();
|
||||
|
||||
await user.sendResetPasswordEmail();
|
||||
|
||||
response.status(204).end();
|
||||
};
|
||||
@@ -0,0 +1,30 @@
|
||||
import { describe, it, beforeEach } from 'vitest';
|
||||
import request from 'supertest';
|
||||
import app from '../../../../app.js';
|
||||
import { createUser } from '../../../../../test/factories/user';
|
||||
|
||||
describe('POST /api/v1/users/forgot-password', () => {
|
||||
let currentUser;
|
||||
|
||||
beforeEach(async () => {
|
||||
currentUser = await createUser();
|
||||
});
|
||||
|
||||
it('should respond with no content', async () => {
|
||||
await request(app)
|
||||
.post('/api/v1/users/forgot-password')
|
||||
.send({
|
||||
email: currentUser.email,
|
||||
})
|
||||
.expect(204);
|
||||
});
|
||||
|
||||
it('should return not found response for not existing user UUID', async () => {
|
||||
await request(app)
|
||||
.post('/api/v1/users/forgot-password')
|
||||
.send({
|
||||
email: 'nonexisting@automatisch.io',
|
||||
})
|
||||
.expect(404);
|
||||
});
|
||||
});
|
||||
@@ -10,12 +10,9 @@ import deleteCurrentUser from './mutations/delete-current-user.ee.js';
|
||||
import deleteFlow from './mutations/delete-flow.js';
|
||||
import deleteRole from './mutations/delete-role.ee.js';
|
||||
import deleteStep from './mutations/delete-step.js';
|
||||
import deleteUser from './mutations/delete-user.ee.js';
|
||||
import duplicateFlow from './mutations/duplicate-flow.js';
|
||||
import executeFlow from './mutations/execute-flow.js';
|
||||
import forgotPassword from './mutations/forgot-password.ee.js';
|
||||
import generateAuthUrl from './mutations/generate-auth-url.js';
|
||||
import login from './mutations/login.js';
|
||||
import registerUser from './mutations/register-user.ee.js';
|
||||
import resetConnection from './mutations/reset-connection.js';
|
||||
import resetPassword from './mutations/reset-password.ee.js';
|
||||
@@ -33,6 +30,11 @@ import upsertSamlAuthProvider from './mutations/upsert-saml-auth-provider.ee.js'
|
||||
import upsertSamlAuthProvidersRoleMappings from './mutations/upsert-saml-auth-providers-role-mappings.ee.js';
|
||||
import verifyConnection from './mutations/verify-connection.js';
|
||||
|
||||
// Converted mutations
|
||||
import deleteUser from './mutations/delete-user.ee.js';
|
||||
import login from './mutations/login.js';
|
||||
import forgotPassword from './mutations/forgot-password.ee.js';
|
||||
|
||||
const mutationResolvers = {
|
||||
createAppAuthClient,
|
||||
createAppConfig,
|
||||
|
||||
@@ -20,7 +20,13 @@ import Step from './step.js';
|
||||
import Subscription from './subscription.ee.js';
|
||||
import UsageData from './usage-data.ee.js';
|
||||
import Billing from '../helpers/billing/index.ee.js';
|
||||
|
||||
import deleteUserQueue from '../queues/delete-user.ee.js';
|
||||
import emailQueue from '../queues/email.js';
|
||||
import {
|
||||
REMOVE_AFTER_30_DAYS_OR_150_JOBS,
|
||||
REMOVE_AFTER_7_DAYS_OR_50_JOBS,
|
||||
} from '../helpers/remove-job-configuration.js';
|
||||
|
||||
class User extends Base {
|
||||
static tableName = 'users';
|
||||
@@ -253,6 +259,30 @@ class User extends Base {
|
||||
await deleteUserQueue.add(jobName, jobPayload, jobOptions);
|
||||
}
|
||||
|
||||
async sendResetPasswordEmail() {
|
||||
await this.generateResetPasswordToken();
|
||||
|
||||
const jobName = `Reset Password Email - ${this.id}`;
|
||||
|
||||
const jobPayload = {
|
||||
email: this.email,
|
||||
subject: 'Reset Password',
|
||||
template: 'reset-password-instructions.ee',
|
||||
params: {
|
||||
token: this.resetPasswordToken,
|
||||
webAppUrl: appConfig.webAppUrl,
|
||||
fullName: this.fullName,
|
||||
},
|
||||
};
|
||||
|
||||
const jobOptions = {
|
||||
removeOnComplete: REMOVE_AFTER_7_DAYS_OR_50_JOBS,
|
||||
removeOnFail: REMOVE_AFTER_30_DAYS_OR_150_JOBS,
|
||||
};
|
||||
|
||||
await emailQueue.add(jobName, jobPayload, jobOptions);
|
||||
}
|
||||
|
||||
isResetPasswordTokenValid() {
|
||||
if (!this.resetPasswordTokenSentAt) {
|
||||
return false;
|
||||
|
||||
@@ -10,6 +10,7 @@ import getInvoicesAction from '../../../controllers/api/v1/users/get-invoices.ee
|
||||
import getSubscriptionAction from '../../../controllers/api/v1/users/get-subscription.ee.js';
|
||||
import getPlanAndUsageAction from '../../../controllers/api/v1/users/get-plan-and-usage.ee.js';
|
||||
import acceptInvitationAction from '../../../controllers/api/v1/users/accept-invitation.js';
|
||||
import forgotPasswordAction from '../../../controllers/api/v1/users/forgot-password.js';
|
||||
|
||||
const router = Router();
|
||||
|
||||
@@ -51,5 +52,6 @@ router.get(
|
||||
);
|
||||
|
||||
router.post('/invitation', asyncHandler(acceptInvitationAction));
|
||||
router.post('/forgot-password', asyncHandler(forgotPasswordAction));
|
||||
|
||||
export default router;
|
||||
|
||||
Reference in New Issue
Block a user