From 68c2451db4e3a257f86b1d4b8e8b6e6976e56b3b Mon Sep 17 00:00:00 2001 From: abhijit1859 Date: Wed, 22 Oct 2025 14:38:03 +0530 Subject: [PATCH 1/2] feat(mail): add mail service --- package-lock.json | 20 +++++- package.json | 3 +- src/controllers/authController.js | 104 +++++++++++++++++++++++++++++- src/routes/authRoutes.js | 5 +- src/services/authService.js | 7 +- src/utils/sendEmail.js | 21 ++++++ 6 files changed, 153 insertions(+), 7 deletions(-) create mode 100644 src/utils/sendEmail.js diff --git a/package-lock.json b/package-lock.json index 3b10e3a..3463871 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,8 @@ "jsonwebtoken": "^9.0.2", "mongoose": "^8.19.1", "nodemon": "^3.1.10", - "readdirp": "^4.1.2" + "readdirp": "^4.1.2", + "resend": "^6.1.3" }, "devDependencies": { "@commitlint/cli": "^19.1.0", @@ -3188,6 +3189,23 @@ "node": ">=0.10.0" } }, + "node_modules/resend": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/resend/-/resend-6.1.3.tgz", + "integrity": "sha512-vHRdmU3q+nS5x7cYHZpAQ5zpZE+DV+7q6axIUiRcxYsoUpjBuW50zwdrOz+8O6vUbjGFIz4r2qkt4s+2G0y4GA==", + "license": "MIT", + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "@react-email/render": "*" + }, + "peerDependenciesMeta": { + "@react-email/render": { + "optional": true + } + } + }, "node_modules/resolve-from": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", diff --git a/package.json b/package.json index e9d7631..b5ca97c 100644 --- a/package.json +++ b/package.json @@ -26,6 +26,7 @@ "jsonwebtoken": "^9.0.2", "mongoose": "^8.19.1", "nodemon": "^3.1.10", - "readdirp": "^4.1.2" + "readdirp": "^4.1.2", + "resend": "^6.1.3" } } diff --git a/src/controllers/authController.js b/src/controllers/authController.js index 81ca5be..1412236 100644 --- a/src/controllers/authController.js +++ b/src/controllers/authController.js 
@@ -1,4 +1,7 @@ -import { registerUserService,loginUserService } from '../services/authService.js'; +import { User } from '../models/user.model.js'; +import { registerUserService, loginUserService } from '../services/authService.js'; +import jwt from 'jsonwebtoken' +import { sendEmail } from '../utils/sendEmail.js'; export const registerUser = async (req, res) => { try { @@ -17,6 +20,7 @@ export const registerUser = async (req, res) => { export const loginUser = async (req, res) => { try { const { email, password } = req.body; + const result = await loginUserService({ email, password }); return res.status(200).json({ @@ -30,4 +34,100 @@ export const loginUser = async (req, res) => { const status = error.statusCode || 400; return res.status(status).json({ success: false, message: error.message || 'Login failed' }); } -}; \ No newline at end of file +}; + +export const forgotPassword = async (req, res) => { + const { email } = req.body; + + try { + const user = await User.findOne({ email }); + + if (!user) { + return res.status(401).json({ + success: false, + message: "User not found" + }) + } + + const resetToken = jwt.sign( + { id: user._id }, + process.env.JWT_SECRET, + { + expiresIn: '1h' + } + ); + + + user.refreshToken = resetToken; + await user.save(); + + const resetUrl = `http://localhost:5000/api/auth/resetPassword/${resetToken}` + + const html = ` +

Hello ${user.fullname},

+

You requested a password reset. Click below to reset your password:

+ ${resetUrl} +

This link will expire in 1 hour.

+ + ` + + await sendEmail(user.email,html); + + console.log(resetUrl); + return res.status(200).json({ + success: true, + message: 'Password reset link sent' + }) + } catch (error) { + console.error(error) + return res.status(500).json({ + success: false, + message: 'server error' + }) + + } +} + + +export const resetPassword = async (req, res) => { + try { + const { token } = req.params; + const { password } = req.body; + + if (!password) { + return res.status(400).json({ + success: false, + message: 'Password is required' + }) + } + + let decoded; + try { + decoded = jwt.verify(token, process.env.JWT_SECRET) + } catch (error) { + + return res.status(400).json({ + success: false, + message: 'Invalid or expired token' + }) + } + + + + const user = await User.findById(decoded.id); + console.log(user) + if (!user || user.refreshToken !== token) { + return res.status(400).json({ success: false, message: 'Invalid or expired token' }); + } + user.password = password; + + + user.refreshToken = undefined; + await user.save(); + return res.status(200).json({ success: true, message: 'Password reset successful' }); + } catch (error) { + + return res.status(500).json({ success: false, message: 'Server error' }); + + } +} \ No newline at end of file diff --git a/src/routes/authRoutes.js b/src/routes/authRoutes.js index 16b86df..669790d 100644 --- a/src/routes/authRoutes.js +++ b/src/routes/authRoutes.js @@ -1,9 +1,12 @@ import express from 'express'; -import { registerUser,loginUser } from '../controllers/authController.js'; +import { registerUser,loginUser, forgotPassword, resetPassword } from '../controllers/authController.js'; +import { authMiddleware } from '../middlewares/auth.middleware.js'; const router = express.Router(); router.post('/register', registerUser); router.post('/login', loginUser); +router.post('/forgotPassword',forgotPassword); +router.post('/resetPassword/:token',resetPassword); export default router; 
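Review bot: `forgotPassword` returns 401 "User not found" for an unknown address and 200 otherwise, so an unauthenticated caller can use it to test which emails are registered; both outcomes should return the same 200 body, as in the excerpt below. `email` also goes from `req.body` into `User.findOne({ email })` unchecked, so a JSON object in that field would be read as a query operator; the excerpt adds a string check. `console.log(resetUrl)` and, in `resetPassword`, `console.log(user)` put a live reset token and the whole user document into the logs and should be dropped. The token is signed with `process.env.JWT_SECRET`, presumably the same key used for login tokens, and carries only `{ id }`, so if the auth middleware (not visible here) accepts that shape a mailed reset link may also pass as a session token; a purpose claim checked in `resetPassword` would separate the two. `${user.fullname}` is placed into the HTML body unescaped, and `resetUrl` is fixed to `http://localhost:5000`.

```javascript
export const forgotPassword = async (req, res) => {
  const { email } = req.body;

  // Reject non-string values so an object cannot act as a Mongo query operator.
  if (typeof email !== 'string' || email.length === 0) {
    return res.status(400).json({ success: false, message: 'Email is required' });
  }

  // One body for both outcomes, so the response does not confirm that an account exists.
  const accepted = {
    success: true,
    message: 'If that address is registered, a reset link has been sent',
  };

  try {
    const user = await User.findOne({ email });
    if (!user) {
      return res.status(200).json(accepted);
    }

    // … unchanged: jwt.sign, user.save, resetUrl and html construction …

    await sendEmail(user.email, html);
    return res.status(200).json(accepted);
  // … unchanged: catch block …
```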
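Review bot: Neither new route has any throttling in front of it, so `/forgotPassword` can be called repeatedly to flood a mailbox or exhaust the Resend quota, and `/resetPassword/:token` can be retried without limit; a per-IP and per-address rate limiter on both is the usual control. `authMiddleware` is imported on the added line but not used by any route in this hunk, so either drop the import or apply it where it was meant to go. The mailed link targets `/api/auth/resetPassword/<token>`, which a mail client opens with GET, while only `router.post('/resetPassword/:token', resetPassword)` is registered, so the link as sent will presumably not reach `resetPassword`.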
diff --git a/src/services/authService.js b/src/services/authService.js index 3f462dc..751a525 100644 --- a/src/services/authService.js +++ b/src/services/authService.js @@ -53,14 +53,17 @@ export const loginUserService = async ({ email, password }) => { } const user = await User.findOne({ email }).populate('role'); + if (!user) { const err = new Error('Invalid credentials'); err.statusCode = 401; throw err; } + - const isMatch = bcrypt.compare(password, user.password); - + const isMatch = await bcrypt.compare(password, user.password); + + if (!isMatch) { const err = new Error('Invalid credentials'); err.statusCode = 401; diff --git a/src/utils/sendEmail.js b/src/utils/sendEmail.js new file mode 100644 index 0000000..c6d5b6c --- /dev/null +++ b/src/utils/sendEmail.js @@ -0,0 +1,21 @@ +import { Resend } from "resend"; +import dotenv from "dotenv"; +dotenv.config(); +const resend = new Resend(process.env.RESEND_API_KEY); + +export const sendEmail = async (to,html) => { + try { + const response = await resend.emails.send({ + from: "Acme ", + to: [to], + subject:"Password reset Link", + html, + }); + + console.log("Email sent successfully:", response); + return response; + } catch (error) { + console.error("Error sending email:", error); + throw new Error("Failed to send email"); + } +} \ No newline at end of file From f600a49fe29e319b5e968a6db6c095ce93ab521e Mon Sep 17 00:00:00 2001 From: abhijit1859 Date: Wed, 22 Oct 2025 21:59:34 +0530 Subject: [PATCH 2/2] feat(rbac): implement forgetPassword functionality --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 7e0bf2b..4409d69 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,10 @@ npm install PORT=5000 MONGO_URI=mongodb://localhost:27017/rbac JWT_SECRET=your-secret-key +RESEND_API_KEY=your-resend-api-key + +🔑 Note: The RESEND_API_KEY can be obtained by creating an account on Resend Mail + and generating an API key. ``` ### 4️⃣ Run the Project
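Review bot: The `await` added before `bcrypt.compare` is an authentication fix travelling inside a mail-feature commit with no comment or test to guard it: without it `isMatch` was a Promise, which is always truthy, so the `!isMatch` branch could never reject a wrong password. It deserves its own commit (or at least a line in the commit message) and a test asserting that a wrong password yields 401. A comment such as `// bcrypt.compare returns a Promise; un-awaited it is always truthy and every password passes` would keep the line from regressing. The remaining added lines in this hunk are whitespace only, and `loginUserService` starts and ends outside the hunk.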
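Review bot: The `try/catch` in `sendEmail` likely never sees delivery failures, because the Resend SDK reports API errors in the returned object (`{ data, error }`) rather than by throwing; as written, such a response would be logged as "Email sent successfully" and `forgotPassword` would answer 200. Check the result explicitly: `const { data, error } = await resend.emails.send({ ... });` followed by `if (error) throw new Error("Failed to send email", { cause: error });`. The success log prints the whole response object; logging only the returned message id keeps recipient details out of the logs. The subject "Password reset Link" is hard-coded in what is otherwise a generic `(to, html)` helper, so a `subject` parameter with that default would let other mail types reuse it.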