From 8af84b7cfa679611f4e8f0d3a9de16e65b415390 Mon Sep 17 00:00:00 2001 From: CookieDasora Date: Fri, 26 Jan 2024 18:30:34 +0000 Subject: [PATCH] feat: added update email and password routes --- src/users/dto/update-email.dto.ts | 14 +++++++ src/users/dto/update-password.dto.ts | 33 +++++++++++++++ src/users/users.controller.ts | 19 +++++++-- src/users/users.service.ts | 61 ++++++++++++++++++++++++++++ 4 files changed, 124 insertions(+), 3 deletions(-) create mode 100644 src/users/dto/update-email.dto.ts create mode 100644 src/users/dto/update-password.dto.ts diff --git a/src/users/dto/update-email.dto.ts b/src/users/dto/update-email.dto.ts new file mode 100644 index 0000000..6b2e2c1 --- /dev/null +++ b/src/users/dto/update-email.dto.ts @@ -0,0 +1,14 @@ +import { createZodDto } from "nestjs-zod"; +import { z } from "nestjs-zod/z"; + +export const UpdateEmailSchema = z + .object({ + email: z + .string({ + required_error: "Email is required", + }) + .email("Invalid email"), + }) + .required(); + +export class UpdateEmailDTO extends createZodDto(UpdateEmailSchema) {} diff --git a/src/users/dto/update-password.dto.ts b/src/users/dto/update-password.dto.ts new file mode 100644 index 0000000..09709be --- /dev/null +++ b/src/users/dto/update-password.dto.ts @@ -0,0 +1,33 @@ +import { createZodDto } from "nestjs-zod"; +import { z } from "nestjs-zod/z"; + +// TODO: see if it can be refactored + +export const UpdatePasswordSchema = z + .object({ + old_password: z + .password({ + required_error: "Password is required", + }) + .min(8) + .max(32) + .atLeastOne("digit") + .atLeastOne("uppercase") + .atLeastOne("lowercase") + .atLeastOne("special") + .transform((value) => value.replace(/\s+/g, "")), + new_password: z + .password({ + required_error: "Password is required", + }) + .min(8) + .max(32) + .atLeastOne("digit") + .atLeastOne("uppercase") + .atLeastOne("lowercase") + .atLeastOne("special") + .transform((value) => value.replace(/\s+/g, "")), + }) + .required(); + +export class UpdatePasswordDTO extends createZodDto(UpdatePasswordSchema) {} diff --git a/src/users/users.controller.ts b/src/users/users.controller.ts index ac4e3e6..3f2cd7e 100644 --- a/src/users/users.controller.ts +++ b/src/users/users.controller.ts @@ -23,6 +23,8 @@ import { CreateUserDTO } from "./dto/create-user.dto"; import { Public } from "src/public.decorator"; import { UpdateNameDTO } from "./dto/update-name.dto"; import { User } from "./types/user.type"; +import { UpdateEmailDTO } from "./dto/update-email.dto"; +import { UpdatePasswordDTO } from "./dto/update-password.dto"; @ApiTags("Users") @Controller("users") @@ -49,7 +51,7 @@ export class UserController { description: "Not authenticated / Invalid JWT Token", }) me(@Request() req) { - return req.user; // TODO: Add typing to req.user + return req.user; } @Public() @@ -74,12 +76,23 @@ export class UserController { @Patch("/email") @ApiOperation({ summary: "Updates the email of a logged user" }) @ApiBearerAuth("JWT") - updateEmail() {} + updateEmail(@Body() body: UpdateEmailDTO, @Request() req) { + return this.userService.updateEmail(req.user as User, body.email); + } @Patch("/password") @ApiOperation({ summary: "Updates the password of a logged user" }) @ApiBearerAuth("JWT") - updatePassword() {} + updatePassword( + @Body() { old_password, new_password }: UpdatePasswordDTO, + @Request() req, + ) { + return this.userService.updatePassword( + req.user as User, + old_password, + new_password, + ); + } @Patch("/image") @ApiOperation({ summary: "Add a profile image" }) diff --git a/src/users/users.service.ts b/src/users/users.service.ts index 9e87f68..6f8be9a 100644 --- a/src/users/users.service.ts +++ b/src/users/users.service.ts @@ -101,6 +101,35 @@ export class UserService { return user; } + async updateEmail( + loggedUser: User, + email: string, + ): Promise<{ message: string }> { + const user = await this.prisma.user.findFirst({ + where: { id: loggedUser.id }, + }); + + if (email !== undefined && email.trim() !== user.email) { + const isAlreadyInUse = await this.prisma.user.findFirst({ + where: { email }, + }); + if (isAlreadyInUse != null && isAlreadyInUse.email !== user.email) { + throw new BadRequestException("Email already in use"); + } + + await this.prisma.user.update({ + where: { + id: loggedUser.id, + }, + data: { + email: email ?? user.email, + }, + }); + + return { message: "Email updated successfully" }; + } + } + async updateName( loggedUser: User, username: string | undefined, @@ -133,4 +162,36 @@ export class UserService { }, }); } + + async updatePassword( + loggedUser: User, + old_password: string, + new_password: string, + ): Promise<{ message: string }> { + const id = loggedUser.id; + + const user = await this.prisma.user.findFirst({ + where: { id }, + }); + + const validatePassword = await bcrypt.compare(old_password, user.password); + + if (!validatePassword) { + throw new BadRequestException("Wrong password"); + } + + const salt = await bcrypt.genSalt(15); + const hash = await bcrypt.hash(new_password, salt); + + await this.prisma.user.update({ + where: { + id, + }, + data: { + password: hash, + }, + }); + + return { message: "Password updated successfully" }; + } }