[Finishes #187354251] Update user password #46
Conversation
P-Rwirangira
requested review from
gracemugwanezak,
niyontwali,
Anguandia,
JeanIrad,
hozayves,
Munezero2000,
hatfelicien,
patrickhag and
Favor-star
src/controllers/authController.ts
Outdated
| const token = req.headers.authorization?.split(' ')[1]; | ||
| if (!token) { | ||
| res.status(401).json({ | ||
| ok: false, | ||
| message: 'Unauthorized', | ||
| }); | ||
| return; | ||
| } | ||
| const decode = jwt.verify(token, process.env.JWT_SECRET as string) as { id: string }; | ||
| if (!decode) { | ||
| res.status(400).json({ | ||
| ok: false, | ||
| message: 'Invalid token', | ||
| }); | ||
| } |
There was a problem hiding this comment.
I guess you aren't supposed to write this particular code cuz there's a reusable function in middleware folder for that.
src/routes/authRoute.ts
Outdated
| @@ -18,4 +17,6 @@ router.get('/google/callback', authenticateViaGoogle); | |||
| // Route to login a user | |||
| router.post('/login', login); | |||
|
|
|||
| router.put('/update-password', updatePassword, isAuthenticated); | |||
There was a problem hiding this comment.
Hey Patrick,
I believe the authenticated middleware should be placed at the beginning of the updatePassword controller.
There was a problem hiding this comment.
Exactly, please the middleware should be between the route string and the controller function
| @@ -93,5 +95,61 @@ const login = async (req: Request, res: Response): Promise<void> => { | |||
| sendInternalErrorResponse(res, err); | |||
| } | |||
| }; | |||
| const updatePassword = async (req: Request, res: Response): Promise<void> => { | |||
There was a problem hiding this comment.
Let's shift this controller to the userController instead of keeping it in the authController.
There was a problem hiding this comment.
No Yves anything related to auth should stay in auth. Normal these are the controllers that goes in auth
- Login
- Logout
- Forgot Password
- Change Password
- Reset password
| @@ -93,5 +95,61 @@ const login = async (req: Request, res: Response): Promise<void> => { | |||
| sendInternalErrorResponse(res, err); | |||
| } | |||
| }; | |||
| const updatePassword = async (req: Request, res: Response): Promise<void> => { | |||
There was a problem hiding this comment.
No Yves anything related to auth should stay in auth. Normal these are the controllers that goes in auth
- Login
- Logout
- Forgot Password
- Change Password
- Reset password
src/routes/authRoute.ts
Outdated
| @@ -18,4 +17,6 @@ router.get('/google/callback', authenticateViaGoogle); | |||
| // Route to login a user | |||
| router.post('/login', login); | |||
|
|
|||
| router.put('/update-password', updatePassword, isAuthenticated); | |||
There was a problem hiding this comment.
Exactly, please the middleware should be between the route string and the controller function
P-Rwirangira
force-pushed
the
187354251-ft-update-password
branch
3 times, most recently
from
3c6f7b5 to
8d4ac51
Compare
P-Rwirangira
changed the title
P-Rwirangira
force-pushed
the
187354251-ft-update-password
branch
3 times, most recently
from
eaba3b6 to
ff623dc
Compare
src/controllers/authController.ts
Outdated
| const updatePassword = async (req: Request, res: Response): Promise<void> => { | ||
| try { | ||
| const { oldPassword, newPassword } = req.body; | ||
| const token = req.headers.authorization?.split(' ')[1]; |
There was a problem hiding this comment.
Good morning! Since there's middleware handling user authorization, there's no need for you to redundantly check the user's authorization status in your code
| } | ||
|
|
||
| // Generate salt and hash new password | ||
| const hashedNewPassword = await passwordEncrypt(newPassword); |
There was a problem hiding this comment.
Dont we have to validate newPassword?
There was a problem hiding this comment.
You are right. @A-gent64 validate passwords
| } | ||
|
|
||
| // Generate salt and hash new password | ||
| const hashedNewPassword = await passwordEncrypt(newPassword); |
There was a problem hiding this comment.
You are right. @A-gent64 validate passwords
P-Rwirangira
force-pushed
the
187354251-ft-update-password
branch
from
ff623dc to
be643e2
Compare
…r-the-Project-Repository [finishes 187511688]-implement-badges-status(CI/CD)-show-whether-pass…
P-Rwirangira
force-pushed
the
187354251-ft-update-password
branch
from
be643e2 to
ae26381
Compare
…p-rwanda/e-commerce-mavericcks-bn into 187354251-ft-update-password
Purpose
The purpose of the following PR is to help the user to change his/her password but not when forgotten the first password
Changes Made
-Added a controller in userController.ts for updating/changing user password
-Added API endpoint for updating/changing password in userRouter.js which is also with a middleware that checks if the user is authenticated.
Testing Instructions
Check on localhost:{PORT}/users/update-password (On Postman use POST method)
Related Issues
Reference any related issues or pull requests
Checklist
Please review the following checklist and make sure all tasks are complete before submitting: