xmartlabs
diff --git a/‎.env.example‎
Lines changed: 2 additions & 0 deletions b/‎.env.example‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.github/workflows/node.js.yml‎
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/node.js.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.woodpecker/.backend-ci.yml‎
Lines changed: 1 addition & 0 deletions b/‎.woodpecker/.backend-ci.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎package-lock.json‎
Lines changed: 3 additions & 8 deletions b/‎package-lock.json‎
Lines changed: 3 additions & 8 deletions
diff --git a/‎package.json‎
Lines changed: 1 addition & 0 deletions b/‎package.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎prisma/migrations/20231204190920_add_tokens_table/migration.sql‎
Lines changed: 21 additions & 0 deletions b/‎prisma/migrations/20231204190920_add_tokens_table/migration.sql‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎prisma/schema.prisma‎
Lines changed: 18 additions & 0 deletions b/‎prisma/schema.prisma‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎src/config/config.ts‎
Lines changed: 8 additions & 0 deletions b/‎src/config/config.ts‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎src/config/errors.ts‎
Lines changed: 10 additions & 0 deletions b/‎src/config/errors.ts‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎src/controllers/users.ts‎
Lines changed: 25 additions & 1 deletion b/‎src/controllers/users.ts‎
Lines changed: 25 additions & 1 deletion
@@ -21,3 +21,5 @@ REDIS_PASSWORD=''
 REDIS_PORT=6379
 REDIS_USERNAME=''
 JOBS_RETENTION_HOURS=24
+
+OTP_EXPIRATION_MINUTES=15
@@ -29,6 +29,7 @@ env:
   REDIS_PORT: '6379'
   REDIS_USERNAME: 'default'
   JOBS_RETENTION_HOURS: '24'
+  OTP_EXPIRATION_MINUTES: '15'
 
 jobs:
   build:
 
@@ -21,6 +21,7 @@ x-common: &common
     - REDIS_PORT=6379
     - REDIS_USERNAME=default
     - JOBS_RETENTION_HOURS=24
+    - OTP_EXPIRATION_MINUTES=15
 
 pipeline:
   setup:
 
@@ -70,6 +70,7 @@
     "concurrently": "^8.2.0",
     "cors": "^2.8.5",
     "cross-spawn": "^7.0.3",
+    "date-fns": "^2.30.0",
     "dotenv": "^16.0.0",
     "dotenv-cli": "^7.3.0",
     "express": "^4.17.1",
 
@@ -0,0 +1,21 @@
+-- CreateEnum
+CREATE TYPE "TypeToken" AS ENUM ('RESET_PASSWORD');
+
+-- CreateTable
+CREATE TABLE "Tokens" (
+    "id" TEXT NOT NULL,
+    "created_at" TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" TIMESTAMP(6) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "token" TEXT NOT NULL,
+    "type" "TypeToken" NOT NULL,
+    "expires_at" TIMESTAMP(3) NOT NULL,
+    "user_id" TEXT,
+
+    CONSTRAINT "Tokens_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Tokens_user_id_type_key" ON "Tokens"("user_id", "type");
+
+-- AddForeignKey
+ALTER TABLE "Tokens" ADD CONSTRAINT "Tokens_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "User"("id") ON DELETE SET NULL ON UPDATE CASCADE;
@@ -18,6 +18,7 @@ model User {
   email      String    @unique
   password   String
   name       String?
+  token      Tokens[]
 }
 
 model Session {
@@ -28,3 +29,20 @@ model Session {
   accessToken    String   @unique
   refreshToken   String   @unique
 }
+
+model Tokens {
+  id         String    @id @default(uuid())
+  createdAt  DateTime  @default(now()) @map("created_at") @db.Timestamp(6)
+  updatedAt  DateTime  @default(now()) @updatedAt @map("updated_at") @db.Timestamp(6)
+  token      String
+  type       TypeToken
+  expiresAt  DateTime  @map("expires_at")
+  userId     String?   @map("user_id")
+  user       User?     @relation(fields: [userId], references: [id])
+
+  @@unique([userId, type])
+}
+
+enum TypeToken {
+  RESET_PASSWORD
+}
@@ -47,6 +47,13 @@ const envVarsSchema = z
         'JOBS RETENTION HOURS must be a number',
       ),
     REDIS_USERNAME: z.string(),
+    OTP_EXPIRATION_MINUTES: z
+      .string()
+      .transform((val) => Number(val))
+      .refine(
+        (val) => !Number.isNaN(val),
+        'OTP EXPIRATION TIME must be a number',
+      ),
   })
   .passthrough();
 
@@ -76,4 +83,5 @@ export const config: Config = {
   redisPort: envVars.REDIS_PORT,
   redisUsername: envVars.REDIS_USERNAME,
   jobsRetentionHours: envVars.JOBS_RETENTION_HOURS,
+  otpExpirationMinutes: envVars.OTP_EXPIRATION_MINUTES,
 };
@@ -19,6 +19,11 @@ export const errors = {
     errorCode: 400_003,
     description: 'Invalid token',
   },
+  INVALID_CODE: {
+    httpCode: 400,
+    errorCode: 400_004,
+    description: 'Invalid code',
+  },
   UNAUTHENTICATED: {
     httpCode: 401,
     errorCode: 401_000,
@@ -29,6 +34,11 @@ export const errors = {
     errorCode: 401_001,
     description: 'Token expired',
   },
+  CODE_EXPIRED: {
+    httpCode: 403,
+    errorCode: 403_001,
+    description: 'Code has expired',
+  },
   NOT_FOUND: {
     httpCode: 404,
     errorCode: 404_000,
 
@@ -5,13 +5,20 @@ import {
   Delete,
   Get,
   Path,
+  Post,
   Put,
   Request,
   Route,
   Security,
 } from 'tsoa';
 import { UserService } from 'services';
-import { ReturnUser, UpdateUserParams, AuthenticatedRequest } from 'types';
+import {
+  ReturnUser,
+  UpdateUserParams,
+  AuthenticatedRequest,
+  PasswordResetCodeRequest,
+  ResetPassword,
+} from 'types';
 
 @Route('v1/users')
 export class UsersControllerV1 extends Controller {
@@ -58,4 +65,21 @@ export class UsersControllerV1 extends Controller {
     await UserService.destroy(id);
     this.setStatus(httpStatus.NO_CONTENT);
   }
+
+  @Post('/requestResetPasswordCode')
+  public async requestResetPasswordCode(
+    @Body() requestBody: PasswordResetCodeRequest,
+  ): Promise<void> {
+    await UserService.requestResetPasswordCode(requestBody.email);
+    this.setStatus(httpStatus.OK);
+  }
+
+  @Post('/resetPassword')
+  public async resetPassword(
+    @Body() requestBody: ResetPassword,
+  ): Promise<void> {
+    const { email, code, newPassword } = requestBody;
+    await UserService.resetPassword(email, code, newPassword);
+    this.setStatus(httpStatus.OK);
+  }
 }