diff --git a/app/Http/Controllers/Api/V1/Auth/ForgetResetPasswordController.php b/app/Http/Controllers/Api/V1/Auth/ForgotResetPasswordController.php
similarity index 86%
rename from app/Http/Controllers/Api/V1/Auth/ForgetResetPasswordController.php
rename to app/Http/Controllers/Api/V1/Auth/ForgotResetPasswordController.php
index 7cdebca7..d7846074 100644
--- a/app/Http/Controllers/Api/V1/Auth/ForgetResetPasswordController.php
+++ b/app/Http/Controllers/Api/V1/Auth/ForgotResetPasswordController.php
@@ -13,7 +13,7 @@
 use Illuminate\Validation\Rules\Password;
 use Illuminate\Support\Facades\Hash;
-class ForgetResetPasswordController extends Controller
+class ForgotResetPasswordController extends Controller
 {
 use HttpResponses;
@@ -32,7 +32,7 @@ public function forgetPassword(Request $request)
 $user = User::where('email', $request->email)->first();
 if (!$user) {
- return $this->apiResponse(message: 'User does not exist', status_code: 400);
+ return $this->apiResponse(message: 'Account with the specified email doesn\'t exist', status_code: 400);
 }
 // Create a new token
@@ -49,7 +49,7 @@ public function forgetPassword(Request $request)
 $user->sendPasswordResetToken($token);
- return $this->apiResponse(message: 'Password reset link sent');
+ return $this->apiResponse(message: 'Email sent successfully');
 }
 /**
@@ -90,7 +90,7 @@ public function verifyUserOTP(Request $request)
 {
 $validator = Validator::make($request->all(), [
 'email' => 'required|email:rfc',
- 'otp' => ['required', 'digits:6', 'integer'],
+ 'token' => ['required', 'digits:6', 'integer'],
 ]);
 if ($validator->fails()) {
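Review bot: The `if (!$user)` branch of `forgetPassword` (hunk at -32) still answers 400 with text saying the e-mail has no account, while a registered address gets the success response, so an unauthenticated caller can learn which addresses are registered. Returning the same status and body in both cases removes that signal, e.g. `return $this->apiResponse(message: 'Email sent successfully');` inside the branch. The assertions in tests/Feature/ForgetPasswordRequestTest.php that expect 400 and the "doesn't exist" message pin the current behaviour and would have to change with it. The function body starts and ends outside the hunk.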
@@ -100,18 +100,18 @@ public function verifyUserOTP(Request $request)
 // Check if the token exists in the password_reset_tokens table
 $passwordReset = DB::table('password_reset_tokens')->where([
 ['email', $request->email],
- ['token', $request->otp],
+ ['token', $request->token],
 ])->first();
 // If the token is invalid, return an error
 if (!$passwordReset) {
- return $this->apiResponse(message: 'Invalid token', status_code: 400);
+ return $this->apiResponse(message: 'Invalid token or email', status_code: 401);
 }
 // Delete the password reset token after successful reset
 DB::table('password_reset_tokens')->where([
 ['email', $request->email],
- ['token', $request->otp],
+ ['token', $request->token],
 ])->delete();
 return $this->apiResponse(message: 'Token Validated Successfully', status_code: 200);
diff --git a/routes/api.php b/routes/api.php
index 407cb969..337cfdc4 100755
--- a/routes/api.php
+++ b/routes/api.php
@@ -18,7 +18,7 @@
 use App\Http\Controllers\Api\V1\Auth\LoginController;
 use App\Http\Controllers\Api\V1\Auth\ResetUserPasswordController;
 use App\Http\Controllers\Api\V1\Auth\SocialAuthController;
-use App\Http\Controllers\Api\V1\Auth\ForgetResetPasswordController;
+use App\Http\Controllers\Api\V1\Auth\ForgotResetPasswordController;
 use App\Http\Controllers\Api\V1\BlogSearchController;
 use App\Http\Controllers\Api\V1\CategoryController;
 use App\Http\Controllers\Api\V1\ContactController;
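Review bot: The lookup in `verifyUserOTP` (hunk at -100) accepts any row whose `email` and `token` match and checks nothing about the row's age, so a six-digit code stays usable for as long as the row exists. If the table keeps Laravel's default `created_at` column, a bound such as `Carbon::parse($passwordReset->created_at)->addMinutes(10)->isPast()` (the 10 is an example value) could reject stale codes before the delete. Because the query compares the raw request value with the column, the code appears to be stored unhashed; confirm that against the part of `forgetPassword` that writes the row, which is outside this diff. The comment `// Delete the password reset token after successful reset` sits on the verify path, where the row is removed before any password changes, so it is worth checking what `resetPassword` (not shown) relies on afterwards. The function starts outside the hunk.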
@@ -71,9 +71,9 @@
 Route::get('/auth/google/callback', [SocialAuthController::class, 'handleGoogleCallback']);
 Route::post('/auth/google/callback', [SocialAuthController::class, 'saveGoogleRequest']);
 /* Forget and Reset Password using OTP */
- Route::post('/auth/forgot-password', [ForgetResetPasswordController::class, 'forgetPassword']);
- Route::post('/auth/reset-forgot-password', [ForgetResetPasswordController::class, 'resetPassword']);
- Route::post('/auth/verify-forgot-otp', [ForgetResetPasswordController::class, 'verifyUserOTP']);
+ Route::post('/auth/forgot-password', [ForgotResetPasswordController::class, 'forgetPassword']);
+ Route::post('/auth/reset-forgot-password', [ForgotResetPasswordController::class, 'resetPassword']);
+ Route::post('/auth/verify-otp', [ForgotResetPasswordController::class, 'verifyUserOTP']);
 Route::post('/roles', [RoleController::class, 'store']);
diff --git a/tests/Feature/ForgetPasswordRequestTest.php b/tests/Feature/ForgetPasswordRequestTest.php
index 36ae47ca..cf9e65b6 100755
--- a/tests/Feature/ForgetPasswordRequestTest.php
+++ b/tests/Feature/ForgetPasswordRequestTest.php
@@ -112,12 +112,12 @@ public function it_fails_when_email_is_not_provided_via_token()
 $response = $this->postJson('/api/v1/auth/forgot-password', []);
 $response->assertStatus(422)
 ->assertJson([
+ 'status_code' => 422,
 'message' => [
 'email' => [
 'The email field is required.'
 ]
 ],
- 'status_code' => 422
 ]);
 }
@@ -131,8 +131,8 @@ public function it_returns_error_when_user_does_not_exist_via_token()
 $response->assertStatus(400)
 ->assertJson([
- 'message' => 'User does not exist',
- 'status_code' => 400
+ 'status_code' => 400,
+ 'message' => 'Account with the specified email doesn\'t exist',
 ]);
 }
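Review bot: The three password-reset routes in the routes/api.php hunk at -71 are registered with no `throttle` middleware on the lines shown, and `/auth/verify-otp` checks a six-digit token, so the number of attempts per e-mail is limited only by whatever the enclosing route group (outside this hunk) applies. If no limiter is inherited, add one on the `forgot-password` and `verify-otp` lines, e.g. `->middleware('throttle:5,1')` (example limits), and consider a named rate limiter keyed on the submitted e-mail as well as the client address. Separately, the rename from `/auth/verify-forgot-otp` drops the old path with no alias, so existing clients would get a 404 until they are updated.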
@@ -146,8 +146,8 @@ public function it_returns_error_for_invalid_email_domain_via_token()
 $response->assertStatus(400)
 ->assertJson([
- 'message' => 'User does not exist',
- 'status_code' => 400
+ 'status_code' => 400,
+ 'message' => 'Account with the specified email doesn\'t exist',
 ]);
 }
@@ -161,12 +161,12 @@ public function it_returns_error_for_email_with_invalid_format_via_otp()
 $response->assertStatus(422) // Expect validation error for invalid email format
 ->assertJson([
+ 'status_code' => 422,
 'message' => [
 'email' => [
 'The email field must be a valid email address.'
 ]
- ],
- 'status_code' => 422
+ ]
 ]);
 }
@@ -180,12 +180,12 @@ public function it_returns_error_when_email_field_is_empty_via_otp()
 $response->assertStatus(422) // Expect validation error for empty email
 ->assertJson([
+ 'status_code' => 422,
 'message' => [
 'email' => [
 'The email field is required.'
 ]
 ],
- 'status_code' => 422
 ]);
 }
@@ -215,7 +215,8 @@ public function can_send_password_reset_email_via_otp()
 $response->assertStatus(200)
 ->assertJson([
- 'message' => 'Password reset link sent',
+ 'status_code' => 200,
+ 'message' => 'Email sent successfully',
 ]);
 }
 }
diff --git a/tests/Feature/ResetUserPasswordTest.php b/tests/Feature/ResetUserPasswordTest.php
index 78c2eb65..ff60dd8c 100755
--- a/tests/Feature/ResetUserPasswordTest.php
+++ b/tests/Feature/ResetUserPasswordTest.php
@@ -125,9 +125,9 @@ public function it_verify_user_otp_on_forget_password_request()
 ]
 );
- $response = $this->postJson("/api/v1/auth/verify-forgot-otp", [
+ $response = $this->postJson("/api/v1/auth/verify-otp", [
 'email' => $user->email,
- 'otp' => $token
+ 'token' => $token
 ])
 ->assertStatus(200)
 ->assertJson(['message' => 'Token Validated Successfully']);