From c207df172796606679fd55fb1acd2be74d97ee8f Mon Sep 17 00:00:00 2001
From: Natanael Filho
Date: Sun, 11 Aug 2024 21:24:54 -0300
Subject: [PATCH 1/2] fix reset fort password
---
 src/auth/auth.controller.ts | 11 +----------
 src/auth/auth.service.ts | 29 ++++++++++++++--------------
 src/users/dtos/reset-password.dto.ts | 7 -------
 src/users/email.service.ts | 5 +++--
 4 files changed, 19 insertions(+), 33 deletions(-)
diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
index 560f2d9..c150705 100644
--- a/src/auth/auth.controller.ts
+++ b/src/auth/auth.controller.ts
@@ -94,15 +94,6 @@ export class AuthController {
 @Put('reset-password')
 async resetPassword(@Body() resetPasswordDto: ResetPasswordDto) {
- if (resetPasswordDto.newPassword !== resetPasswordDto.confirmPassword) {
- throw new UnauthorizedException('Passwords are not the same');
- }
-
- await this.authService.resetPassword(
- resetPasswordDto.newPassword,
- resetPasswordDto.resetToken,
- );
-
- return { message: 'Password reset successful' };
+ return this.authService.resetPassword(resetPasswordDto);
 }
 }
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index 283705e..9695410 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -18,6 +18,7 @@ import { EmailService } from 'src/users/email.service';
 import { ResetToken } from 'src/users/interface/reset-token.schema';
 import { Response } from 'express';
 import { ConfigService } from '@nestjs/config';
+import { ResetPasswordDto } from 'src/users/dtos/reset-password.dto';
 @Injectable()
 export class AuthService {
@@ -167,20 +168,20 @@ export class AuthService { async forgotPassword(email: string) { const user = await this.userModel.findOne({ email }); - if (user) { - const expiryDate = new Date(); - expiryDate.setHours(expiryDate.getHours() + 1); - - const resetToken = nanoid(64); - await this.ResetTokenModel.create({ - token: resetToken, - userId: user._id, - expiryDate, - }); - this.emailService.sendPasswordResetEmail(email, resetToken); + if (!user) { + throw new NotFoundException('User not found'); } + const expiryDate = new Date(); + expiryDate.setHours(expiryDate.getHours() + 1); + const resetToken = nanoid(64); + await this.ResetTokenModel.create({ + token: resetToken, + userId: user._id, + expiryDate, + }); + this.emailService.sendPasswordResetEmail(email, resetToken); - return { message: 'If this user exists, they will receive an email' }; + return { message: 'Check your email, you will receive an redirect link' }; } async resetPassword(newPassword: string, resetToken: string) { @@ -195,10 +196,10 @@ export class AuthService { const user = await this.userModel.findById(token.userId); if (!user) { - throw new InternalServerErrorException(); + throw new NotFoundException('User not found...'); } - user.password = newPassword; await user.save(); + return { message: 'Password reset successful' }; } } diff --git a/src/users/dtos/reset-password.dto.ts b/src/users/dtos/reset-password.dto.ts index 4bc4de6..841bac5 100644 --- a/src/users/dtos/reset-password.dto.ts +++ b/src/users/dtos/reset-password.dto.ts @@ -10,11 +10,4 @@ export class ResetPasswordDto { message: 'Password must contain at least one number', }) newPassword: string; - - @IsString() - @MinLength(6) - @Matches(/^(?=.*[0-9])/, { - message: 'Password must contain at least one number', - }) - confirmPassword: string; } diff --git a/src/users/email.service.ts b/src/users/email.service.ts index 8c072a1..0569ba8 100644 --- a/src/users/email.service.ts +++ b/src/users/email.service.ts 
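Review bot: The new `if (!user) { throw new NotFoundException('User not found'); }` branch in forgotPassword makes the response differ between registered and unregistered addresses, so the endpoint now discloses which e-mail addresses have accounts; the removed code returned the same message in both cases. Keeping the reply uniform preserves that property, e.g. `if (!user) return { message: 'If this user exists, they will receive an email' };` with the same message on the success path. Separately, `this.emailService.sendPasswordResetEmail(email, resetToken);` is called without `await` or `.catch(...)`, so unless that method handles its own errors a failed send becomes an unhandled rejection; attaching `.catch(...)` that logs the failure would cover it without changing the response.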
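Review bot: As extracted, `user.password = newPassword;` carries a `-` marker in the tail of resetPassword, but whitespace was lost on this page and the marker may belong to a removed blank line instead; if the assignment really was dropped, `await user.save();` persists nothing and the method still returns 'Password reset successful'. If the assignment is kept, the plain-text value is written to the model here, so confirm that the user schema hashes it in a pre-save hook (not visible in this hunk) or hash it before assigning. The start of the method is outside this hunk; from the lines shown elsewhere on the page only the presented token is deleted, so other unexpired reset tokens for the same account would stay usable, and `await this.ResetTokenModel.deleteMany({ userId: user._id });` after the save would close that.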
@@ -1,4 +1,5 @@
 import { Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
 import * as nodemailer from 'nodemailer';
 import * as sgTransport from 'nodemailer-sendgrid-transport';
@@ -6,7 +7,7 @@ import * as sgTransport from 'nodemailer-sendgrid-transport';
 export class EmailService {
 private transporter: nodemailer.Transporter;
- constructor() {
+ constructor(private readonly configService: ConfigService) {
 this.transporter = nodemailer.createTransport(
 sgTransport({
 auth: {
@@ -103,7 +104,7 @@ export class EmailService {
 }
 async sendPasswordResetEmail(to: string, token: string): Promise {
- const resetLink = `http://yourapp.com/reset-password?token=${token}`;
+ const resetLink = `${this.configService.get('FRONTEND_URL')}/reset-password?token=${token}`;
 const mailOptions = {
 from: process.env.EMAIL_USER,
 to: to,
From 45f6b56b6c20f180d5fdec8bd3e8969ce2d6a4ed Mon Sep 17 00:00:00 2001
From: Natanael Filho
Date: Sun, 11 Aug 2024 21:32:33 -0300
Subject: [PATCH 2/2] fix resetPassword params
---
 src/auth/auth.service.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index 9695410..6e86da2 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -184,7 +184,7 @@ export class AuthService {
 return { message: 'Check your email, you will receive an redirect link' };
 }
- async resetPassword(newPassword: string, resetToken: string) {
+ async resetPassword({newPassword, resetToken}: ResetPasswordDto) {
 const token = await this.ResetTokenModel.findOneAndDelete({
 token: resetToken,
 expiryDate: { $gte: new Date() },
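Review bot: `this.configService.get('FRONTEND_URL')` returns undefined when the variable is unset, so sendPasswordResetEmail would send a link that begins with the literal text `undefined` and raise no error. `this.configService.getOrThrow<string>('FRONTEND_URL')` (available in recent @nestjs/config releases) fails loudly instead, and it is worth validating at startup that the value is an `https://` origin, since the link carries the reset token. The rest of the method is outside the hunk; `from: process.env.EMAIL_USER` still reads the environment directly, so the two configuration paths could be unified.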
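Review bot: `resetToken` goes from the request body into the filter `findOneAndDelete({ token: resetToken, ... })`, and the `ResetPasswordDto` annotation is erased at runtime, so nothing in this hunk guarantees the value is a string. Confirm that the DTO declares `@IsString()` on `resetToken` and that a ValidationPipe is active for this route (neither is visible here), or coerce with `token: String(resetToken)`, so that an object value cannot be interpreted as a query operator. On style, the destructuring would normally be written `{ newPassword, resetToken }`. The body of resetPassword continues outside the hunk.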