fix: fix forgot password journey endpoint and response including requ…

…est body
hngprojects · Aug 6, 2024 · 778a0c4 · 778a0c4
1 parent 28d590f
commit 778a0c4
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 22 deletions.
diff --git a/...V1/Auth/ForgetResetPasswordController.php → ...V1/Auth/ForgotResetPasswordController.php b/...V1/Auth/ForgetResetPasswordController.php → ...V1/Auth/ForgotResetPasswordController.php
@@ -13,7 +13,7 @@
 use Illuminate\Validation\Rules\Password;
 use Illuminate\Support\Facades\Hash;
 
-class ForgetResetPasswordController extends Controller
+class ForgotResetPasswordController extends Controller
 {
     use HttpResponses;
 
@@ -32,7 +32,7 @@ public function forgetPassword(Request $request)
 
         $user = User::where('email', $request->email)->first();
         if (!$user) {
-            return $this->apiResponse(message:  'User does not exist', status_code: 400);
+            return $this->apiResponse(message:  'Account with the specified email doesn\'t exist', status_code: 400);
         }
 
         // Create a new token
@@ -49,7 +49,7 @@ public function forgetPassword(Request $request)
 
         $user->sendPasswordResetToken($token);
 
-        return $this->apiResponse(message:  'Password reset link sent');
+        return $this->apiResponse(message:  'Email sent successfully');
     }
 
     /**
@@ -90,7 +90,7 @@ public function verifyUserOTP(Request $request)
     {
         $validator = Validator::make($request->all(), [
             'email' => 'required|email:rfc',
-            'otp' => ['required', 'digits:6', 'integer'],
+            'token' => ['required', 'digits:6', 'integer'],
         ]);
 
         if ($validator->fails()) {
@@ -100,18 +100,18 @@ public function verifyUserOTP(Request $request)
         // Check if the token exists in the password_reset_tokens table
         $passwordReset = DB::table('password_reset_tokens')->where([
             ['email', $request->email],
-            ['token', $request->otp],
+            ['token', $request->token],
         ])->first();
 
         // If the token is invalid, return an error
         if (!$passwordReset) {
-            return $this->apiResponse(message: 'Invalid token', status_code: 400);
+            return $this->apiResponse(message: 'Invalid token or email', status_code: 401);
         }
 
         // Delete the password reset token after successful reset
         DB::table('password_reset_tokens')->where([
             ['email', $request->email],
-            ['token', $request->otp],
+            ['token', $request->token],
         ])->delete();
 
         return $this->apiResponse(message: 'Token Validated Successfully', status_code: 200);

diff --git a/routes/api.php b/routes/api.php
@@ -18,7 +18,7 @@
 use App\Http\Controllers\Api\V1\Auth\LoginController;
 use App\Http\Controllers\Api\V1\Auth\ResetUserPasswordController;
 use App\Http\Controllers\Api\V1\Auth\SocialAuthController;
-use App\Http\Controllers\Api\V1\Auth\ForgetResetPasswordController;
+use App\Http\Controllers\Api\V1\Auth\ForgotResetPasswordController;
 use App\Http\Controllers\Api\V1\BlogSearchController;
 use App\Http\Controllers\Api\V1\CategoryController;
 use App\Http\Controllers\Api\V1\ContactController;
@@ -71,9 +71,9 @@
     Route::get('/auth/google/callback', [SocialAuthController::class, 'handleGoogleCallback']);
     Route::post('/auth/google/callback', [SocialAuthController::class, 'saveGoogleRequest']);
     /* Forget and Reset Password using OTP */
-    Route::post('/auth/forgot-password', [ForgetResetPasswordController::class, 'forgetPassword']);
-    Route::post('/auth/reset-forgot-password', [ForgetResetPasswordController::class, 'resetPassword']);
-    Route::post('/auth/verify-forgot-otp', [ForgetResetPasswordController::class, 'verifyUserOTP']);
+    Route::post('/auth/forgot-password', [ForgotResetPasswordController::class, 'forgetPassword']);
+    Route::post('/auth/reset-forgot-password', [ForgotResetPasswordController::class, 'resetPassword']);
+    Route::post('/auth/verify-otp', [ForgotResetPasswordController::class, 'verifyUserOTP']);
 
     Route::post('/roles', [RoleController::class, 'store']);
 

diff --git a/tests/Feature/ForgetPasswordRequestTest.php b/tests/Feature/ForgetPasswordRequestTest.php
@@ -112,12 +112,12 @@ public function it_fails_when_email_is_not_provided_via_token()
         $response = $this->postJson('/api/v1/auth/forgot-password', []);
         $response->assertStatus(422)
                 ->assertJson([
+                    'status_code' => 422,
                     'message' => [
                         'email' => [
                             'The email field is required.'
                         ]
                     ],
-                    'status_code' => 422
                 ]);
     }
 
@@ -131,8 +131,8 @@ public function it_returns_error_when_user_does_not_exist_via_token()
 
          $response->assertStatus(400)
                  ->assertJson([
-                     'message' => 'User does not exist',
-                     'status_code' => 400
+                    'status_code' => 400,
+                     'message' => 'Account with the specified email doesn\'t exist',
                  ]);
      }
 
@@ -146,8 +146,8 @@ public function it_returns_error_for_invalid_email_domain_via_token()
 
         $response->assertStatus(400)
                 ->assertJson([
-                    'message' => 'User does not exist',
-                    'status_code' => 400
+                    'status_code' => 400,
+                    'message' => 'Account with the specified email doesn\'t exist',
                 ]);
     }
 
@@ -161,12 +161,12 @@ public function it_returns_error_for_email_with_invalid_format_via_otp()
 
         $response->assertStatus(422)  // Expect validation error for invalid email format
                 ->assertJson([
+                    'status_code' => 422,
                     'message' => [
                         'email' => [
                             'The email field must be a valid email address.'
                         ]
-                    ],
-                    'status_code' => 422
+                    ]
                 ]);
     }
 
@@ -180,12 +180,12 @@ public function it_returns_error_when_email_field_is_empty_via_otp()
 
         $response->assertStatus(422)  // Expect validation error for empty email
                 ->assertJson([
+                    'status_code' => 422,
                     'message' => [
                         'email' => [
                             'The email field is required.'
                         ]
                     ],
-                    'status_code' => 422
                 ]);
     }
 
@@ -215,7 +215,8 @@ public function can_send_password_reset_email_via_otp()
 
         $response->assertStatus(200)
                  ->assertJson([
-                     'message' => 'Password reset link sent',
+                    'status_code' => 200,
+                     'message' => 'Email sent successfully',
                  ]);
     }
 }
diff --git a/tests/Feature/ResetUserPasswordTest.php b/tests/Feature/ResetUserPasswordTest.php
@@ -125,9 +125,9 @@ public function it_verify_user_otp_on_forget_password_request()
             ]
         );
 
-        $response = $this->postJson("/api/v1/auth/verify-forgot-otp", [
+        $response = $this->postJson("/api/v1/auth/verify-otp", [
             'email' => $user->email,
-            'otp' => $token
+            'token' => $token
         ])
         ->assertStatus(200)
         ->assertJson(['message' => 'Token Validated Successfully']);