Closed hiyaryan closed 9 months ago
The final commits update the from
field sent to the users email as The CDJ instead of the email. It updates the user model to store resetPasswordToken
and resetPasswordExpires
used to verify the identity of the user based on an unexpired token. Implements the forgotPassword
controller by checking the token fields in the user model and updating the password if successful. Ensures the new password meets requirements using validation middleware on the reset-password
route, otherwise the server sends a error message. Finally, sets up a confirmation email sent on a successful update.
This PR implements password reset. The initial commit adds the
/forgot-password
and/reset-password
endpoints, implements token generation for password reset url on theuserSchema
, sets up SMTP and the reset password email, updates forgot password form requiring an email, sends the email requesting a reset with the tokenized link, and creates the reset password form (requiring the new password input twice) and the associated react router route for the tokenized link.Still in work is the logic of the
resetPassword
controller. The endpoint is retrieving the new password and token but it is unable to find the user associated with the token. Maybe need to add a new field to users model (or not if passport already does this for you, need to determine this). And then finally, some more thorough testing.