password reset

config/index.js

@@ -8,3 +8,4 @@ export const jwtSecret = process.env.JWT_SECRET;
 export const CRM_KEY = process.env.CRM_KEY;
 export const CRM_USER = process.env.CRM_USER;
 export const CRM_EMAIL = process.env.CRM_EMAIL;
+export const MAIL_PASS = process.env.MAIL_PASS;

config/mailTemplateReset.js

@@ -1,6 +1,6 @@
 export default function makeResetPassMessage(newPass) {
-  return;
+  return {
-  `<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+    html: `<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml">
       <head>
         <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
@@ -77,9 +77,9 @@ export default function makeResetPassMessage(newPass) {
                   <td>
                     <img
                       class="logo"
-                      src="../images/logo.svg"
+                      src="cid:logo"
                       width="100"
-                      alt="logo"
+                      alt="Menui - food guide"
                     />
                   </td>
                 </tr>
@@ -126,7 +126,7 @@ export default function makeResetPassMessage(newPass) {
               <table align="center">
                 <tr>
                   <td>
-                    <p class="footer">Pozdrawiamy!</p>
+                    <p class="footer">Pozdrawiamy! - Zespół Menui</p>
                   </td>
                 </tr>
               </table>
@@ -134,5 +134,7 @@ export default function makeResetPassMessage(newPass) {
           </tr>
         </table>
       </body>
-    </html>`;
+    </html>`,
+    text: `Drogi użytkowniku, dostałeś tę wiadomość, ponieważ użyłeś opcji "Nie pamiętam hasła" w aplikacji Menui. Twoje tymczasowe hasło to: ${newPass}. Zaloguj się za jego pomocą i ustaw nowe bezpieczne hasło. Jeżeli nie wysyłałeś prośby o zmianę hasła, prosimy zignoruj tę wiadomość. Pozdrawiamy - Zespół Menui`,
+  };
 }

routes/routeUser.js

@@ -16,6 +16,7 @@ import {
 } from "../services/services.js";
 import * as config from "../config/index.js";
 import AgileCRMManager from "agile_crm";
+import { resetPassword } from "../services/mailServices.js";
 const { CRM_USER, CRM_EMAIL, CRM_KEY } = config;
 
 var router = express.Router();
@@ -69,13 +70,18 @@ router.post("/changepass", async (req, res) => {
   }
 });
 
-// RESET PASSWORD
+// REQUEST PASSWORD RESET
-router.post("/resetpassword", (req, res) => {
+router.post("/forgotpassword", async (req, res) => {
   try {
-    //
+    await resetPassword(req.body.email);
+    res.send(
+      "Link do utworzenia nowego hasła został wysłany na adres email powiązany z kontem. Sprawdź również folder SPAM."
+    );
   } catch (error) {
     handleError(error, res);
   }
 });
 
+// RESET PASS
+
 export default router;

services/databaseServices.js

@@ -1,8 +1,6 @@
 import Restaurant from "../models/restaurant.js";
 import Dish from "../models/dish.js";
 import User from "../models/users.js";
-import mongoose from "mongoose";
-import sanitizer from "string-sanitizer";
 import { newError } from "./services.js";
 
 export async function changeUserPass(userId, newPass) {

services/mailServices.js

@@ -1,2 +1,47 @@
 import nodemailer from "nodemailer";
-import makeResetPassMessage from "../config/mailTemplateReset";
+import path from "path";
+import { MAIL_PASS } from "../config/index.js";
+import makeResetPassMessage from "../config/mailTemplateReset.js";
+import { newError, generatePasswordResetLink } from "../services/services.js";
+
+const images = path.resolve("images");
+
+async function sendMail(reciever, subject, textMessage, htmlMessage) {
+  let transporter = nodemailer.createTransport({
+    host: "smtp.dpoczta.pl",
+    port: 587,
+    secure: false,
+    auth: {
+      user: "noreply@menui.pl",
+      pass: MAIL_PASS,
+    },
+  });
+
+  let info = await transporter.sendMail({
+    from: '"Menui" <noreply@menui.pl>',
+    to: reciever,
+    subject: subject,
+    text: textMessage,
+    html: htmlMessage,
+    attachments: [
+      {
+        filename: "logo.svg",
+        path: images + "/logo.svg",
+        cid: "logo",
+      },
+    ],
+  });
+}
+
+export async function resetPassword(email) {
+  const resetLink = generatePasswordResetLink(email);
+  const message = makeResetPassMessage(resetLink);
+  await sendMail(
+    email,
+    "Menui - Resetowanie hasła",
+    message.text,
+    message.html
+  ).catch((err) => {
+    throw newError("Nieznany błąd podczas resetu hasła", 500);
+  });
+}

services/services.js

@@ -1,5 +1,5 @@
 import Restaurant from "../models/restaurant.js";
-import {} from "./dataPrepServices.js";
+import crypto from "crypto";
 import Dish from "../models/dish.js";
 import User from "../models/users.js";
 import mongoose from "mongoose";
@@ -59,6 +59,22 @@ export function generateAuthToken(user) {
   return token;
 }
 
+function generatePasswordResetToken(email) {
+  const token = jwt.sign(
+    {
+      email: email,
+    },
+    jwtSecret,
+    { expiresIn: "15m" }
+  );
+  return token;
+}
+
+export function generatePasswordResetLink(email) {
+  const token = generatePasswordResetToken(email);
+  const link = `htt`;
+}
+
 export async function checkEmailTaken(email) {
   if (!email) throw newError("No input email", 204);
   await User.exists({ email: email }).then((res) => {

services/services.test.js

@@ -1,4 +1,4 @@
-import { validateRestaurant, toShortDate } from "./services";
+import { toShortDate, generateNewPassword } from "./services";
 
 jest.mock("@azure/storage-blob", () => {
   return {
@@ -17,3 +17,8 @@ jest.mock("bcrypt", () => {
 test("should return false for no date on input", () => {
   expect(toShortDate()).toBe(false);
 });
+
+test("should generate random 10 characters long password", () => {
+  let generatedPass = generateNewPassword();
+  expect(generatedPass.length).toBe(10);
+});