resolved forgot password issues

dhairyagothi · Nov 7, 2024 · 3750c28 · 3750c28
1 parent f49d122
commit 3750c28
Showing 1 changed file with 38 additions and 31 deletions.
diff --git a/backend/controllers/submitFeedback.js b/backend/controllers/submitFeedback.js
@@ -1,17 +1,17 @@
-import nodemailer from 'nodemailer';
-import User from '../models/User.js';
-import { generateOTP , verifyOTP} from '../utils/otputils.js'; // Import the OTP generation function
-import { sendOTPEmail } from '../utils/emailUtils.js'; // Import the email sender utility if separated into a different file
+import nodemailer from "nodemailer";
+import User from "../models/User.js";
+import { generateOTP, verifyOTP } from "../utils/otputils.js"; // Import the OTP generation function
+import { sendOTPEmail } from "../utils/emailUtils.js"; // Import the email sender utility if separated into a different file
 
-import { hashPassword } from '../utils/authFunctions.js';
+import { hashPassword } from "../utils/authFunctions.js";
 
 // Controller to handle user feedback submission
 export const submitFeedback = async (req, res) => {
   const { rating, comment } = req.body;
 
   try {
     // The user is already authenticated and attached to req.user by verifyJWT
-    const user = req.user; 
+    const user = req.user;
 
     // Update user's rating and comment fields
     user.rating = rating || user.rating; // If no rating is provided, keep the existing one
@@ -20,10 +20,14 @@ export const submitFeedback = async (req, res) => {
     // Save the updated user document
     await user.save();
 
-    return res.status(200).json({ message: 'Feedback submitted successfully', user });
+    return res
+      .status(200)
+      .json({ message: "Feedback submitted successfully", user });
   } catch (error) {
-    console.error('Error submitting feedback:', error);
-    return res.status(error.statusCode || 500).json({ message: error.message || 'An error occurred while submitting feedback' });
+    console.error("Error submitting feedback:", error);
+    return res.status(error.statusCode || 500).json({
+      message: error.message || "An error occurred while submitting feedback",
+    });
   }
 };
 
@@ -33,32 +37,34 @@ export const sendOTPToEmail = async (req, res) => {
 
     // Check if email is provided
     if (!email) {
-      return res.status(400).json({ error: 'Email is required' });
+      return res.status(400).json({ error: "Email is required" });
     }
 
     // Find user by email
     const user = await User.findOne({ email });
 
     if (!user) {
-      return res.status(404).json({ error: 'User does not exist' });
+      return res.status(404).json({ error: "User does not exist" });
     }
 
     // Generate OTP and set expiry (10 minutes from now)
     const otp = generateOTP();
     const otpExpiry = new Date(Date.now() + 10 * 60 * 1000); // OTP expires in 10 minutes
 
-    // Store the OTP and expiry in the user's document
+    // Only update OTP and expiry without modifying the rest of the user document this was causing error
     user.otp = otp;
     user.otpExpiry = otpExpiry;
-    await user.save();
+    await user.updateOne({ otp, otpExpiry });
 
     // Send OTP to user's email using the utility
     await sendOTPEmail(email, otp);
 
-    res.status(200).json({ message: 'OTP sent to email' });
+    res.status(200).json({ message: "OTP sent to email" });
   } catch (error) {
-    console.error('Error sending OTP:', error);
-    return res.status(500).json({ error: error.message || 'Internal Server Error' });
+    console.error("Error sending OTP:", error);
+    return res
+      .status(500)
+      .json({ error: error.message || "Internal Server Error" });
   }
 };
 
@@ -68,33 +74,32 @@ export const verifyOTPController = async (req, res) => {
 
     // Check if email and OTP are provided
     if (!email || !otp) {
-      return res.status(400).json({ error: 'Email and OTP are required' });
+      return res.status(400).json({ error: "Email and OTP are required" });
     }
 
     // Find user by email
     const user = await User.findOne({ email });
 
     if (!user) {
-      return res.status(404).json({ error: 'User not found' });
+      return res.status(404).json({ error: "User not found" });
     }
 
     // Verify the OTP and check expiration
     const isValid = verifyOTP(user, otp);
 
     if (!isValid) {
-      return res.status(400).json({ error: 'Invalid or expired OTP' });
+      return res.status(400).json({ error: "Invalid or expired OTP" });
     }
 
     // Clear OTP after successful verification (optional, but recommended)
-    user.otp = null;
-    user.otpExpiry = null;
-    await user.save();
+    // only set otp to null else there will be error
+    await user.updateOne({ otp: null, otpExpiry: null });
 
     // OTP is valid
-    res.status(200).json({ message: 'OTP verified successfully' });
+    res.status(200).json({ message: "OTP verified successfully" });
   } catch (error) {
-    console.error('Error verifying OTP:', error);
-    res.status(500).json({ error: 'Internal Server Error' });
+    console.error("Error verifying OTP:", error);
+    res.status(500).json({ error: "Internal Server Error" });
   }
 };
 
@@ -104,26 +109,28 @@ export const resetPassword = async (req, res) => {
 
     // Check if both email and new password are provided
     if (!email || !newPassword) {
-      return res.status(400).json({ error: 'Email and new password are required' });
+      return res
+        .status(400)
+        .json({ error: "Email and new password are required" });
     }
 
     // Find the user by email
     const user = await User.findOne({ email });
 
     if (!user) {
-      return res.status(404).json({ error: 'User not found' });
+      return res.status(404).json({ error: "User not found" });
     }
 
     // Hash the new password
     const hashedPassword = await hashPassword(newPassword);
 
     // Update the user's password in the database
     user.password = hashedPassword;
-    await user.save();
+    await user.updateOne({ password: hashPassword }); // only update the password not the whole user else there will be error 
 
-    res.status(200).json({ message: 'Password reset successfully' });
+    res.status(200).json({ message: "Password reset successfully" });
   } catch (error) {
-    console.error('Error resetting password:', error);
-    res.status(500).json({ error: 'Internal Server Error' });
+    console.error("Error resetting password:", error);
+    res.status(500).json({ error: "Internal Server Error" });
   }
 };