add api endpoints

2025-08-09 15:35:22 +02:00 · 2024-01-18 22:53:25 +01:00 · 2024-01-18 22:53:25 +01:00 · 6393bbdc85
commit 6393bbdc85
parent c47bc5e5de
4 changed files with 49 additions and 54 deletions
--- a/apps/client/pages/api/auth/reset-password.ts
+++ b/apps/client/pages/api/auth/reset-password.ts
@ -1,49 +0,0 @@
 import { PrismaClient } from '@prisma/client'
 import crypto from 'crypto'
 import type { NextApiRequest, NextApiResponse } from 'next'
 let prismaInstance: PrismaClient | null = null
 function getPrismaInstance() {
    if (!prismaInstance) {
        prismaInstance = new PrismaClient()
    }
    return prismaInstance
 }
 const prisma = getPrismaInstance()
 type ResponseData = {
    message: string
 }
 export default async function handler(req: NextApiRequest, res: NextApiResponse<ResponseData>) {
    if (!req.body.email) {
        res.status(400).json({ message: 'No email provided.' })
        return
    }
    const user = await prisma.authUser.findUnique({
        where: {
            email: req.body.email,
        },
    })
    if (!user) {
        // No user found, we don't want to expose this information
        return res.status(200).json({ message: 'OK' })
    }
    const token = crypto.randomBytes(32).toString('hex')
    await prisma.authPasswordResets.create({
        data: {
            token,
            email: req.body.email,
            expires: new Date(Date.now() + 1000 * 60 * 10), // 10 minutes
        },
    })
    // 2. Send a password reset email
    res.status(200).json({ message: 'Hello from Next.js!' })
 }
--- a/apps/server/src/app/lib/endpoint.ts
+++ b/apps/server/src/app/lib/endpoint.ts
@ -25,6 +25,7 @@ import {
    AccountService,
    AccountConnectionService,
    AuthUserService,
    AuthPasswordResetService,
    UserService,
    EmailService,
    AccountQueryService,
@ -209,6 +210,14 @@ const accountService = new AccountService(
 const authUserService = new AuthUserService(logger.child({ service: 'AuthUserService' }), prisma)
 // auth-password-reset
 const authPasswordResetService = new AuthPasswordResetService(
    logger.child({ service: 'AuthPasswordResetService' }),
    prisma,
    emailService
 )
 // user
 const userService = new UserService(
@ -328,6 +337,7 @@ export async function createContext(req: Request) {
        holdingService,
        accountConnectionService,
        authUserService,
        authPasswordResetService,
        userService,
        valuationService,
        institutionService,
--- a/apps/server/src/app/routes/users.router.ts
+++ b/apps/server/src/app/routes/users.router.ts
@ -388,6 +388,39 @@ router.delete(
    })
 )
 router.post(
    '/request-new-password',
    endpoint.create({
        input: z.object({
            email: z.string().email(),
        }),
        resolve: async ({ ctx, input }) => {
            if (ctx.user) return
            await ctx.authPasswordResetService.create(input.email)
        },
    })
 )
 router.post(
    '/reset-password/:token/:email',
    endpoint.create({
        input: z.object({
            // TODO: bring en par with required password schema
            // (1 lowercase, 1 uppercase, 1 special char)
            newPassword: z.string().min(8).max(64),
            confirmPassword: z.string().min(8).max(64),
        }),
        resolve: async ({ ctx, input, req }) => {
            if (ctx.user) return
            await ctx.authPasswordResetService.resetPassword({
                token: req.params.token,
                newPassword: input.newPassword,
                email: req.params.email,
            })
        },
    })
 )
 router.delete(
    '/:id',
    endpoint.create({
--- a/libs/server/features/src/auth-password-reset/auth-password-reset.service.ts
+++ b/libs/server/features/src/auth-password-reset/auth-password-reset.service.ts
@ -1,6 +1,6 @@
 import type { PrismaClient } from '@prisma/client'
 import type { Logger } from 'winston'
-import type { EmailService } from '../email'
+import type { IEmailService } from '../email'
 import bcrypt from 'bcrypt'
 type ResetPasswordData = {
@ -13,11 +13,11 @@ export interface IAuthPasswordResetService {
    resetPassword(data: ResetPasswordData): Promise<null>
 }
-export class AuthPasswordResetsService implements IAuthPasswordResetService {
+export class AuthPasswordResetService implements IAuthPasswordResetService {
    constructor(
        private readonly logger: Logger,
-        private readonly emailService: EmailService,
+        private readonly prisma: PrismaClient,
-        private readonly prisma: PrismaClient
+        private readonly emailService: IEmailService
    ) {}
    async create(email: string): Promise<null> {
@ -50,7 +50,8 @@ export class AuthPasswordResetsService implements IAuthPasswordResetService {
            subject: 'Reset your password',
            to: email,
            // TODO: Use a template
-            textBody: `Click here to reset your password: ${process.env.NEXTAUTH_URL}/auth/reset-password?token=${token}&email=${email}`,
+            textBody: `Click here to reset your password:
            ${process.env.NEXTAUTH_URL}/auth/reset-password/${token}/${email}`,
        })
        return null