From 3750c287e41ac93fc3918cefa66f6a0f65656151 Mon Sep 17 00:00:00 2001
From: Ayush
Date: Thu, 7 Nov 2024 22:44:58 +0530
Subject: [PATCH] resolved forgot password issues
---
 backend/controllers/submitFeedback.js | 69 +++++++++++++++------------
 1 file changed, 38 insertions(+), 31 deletions(-)
diff --git a/backend/controllers/submitFeedback.js b/backend/controllers/submitFeedback.js
index 43654f4..64cbeb6 100644
--- a/backend/controllers/submitFeedback.js
+++ b/backend/controllers/submitFeedback.js
@@ -1,9 +1,9 @@
-import nodemailer from 'nodemailer';
-import User from '../models/User.js';
-import { generateOTP , verifyOTP} from '../utils/otputils.js'; // Import the OTP generation function
-import { sendOTPEmail } from '../utils/emailUtils.js'; // Import the email sender utility if separated into a different file
+import nodemailer from "nodemailer";
+import User from "../models/User.js";
+import { generateOTP, verifyOTP } from "../utils/otputils.js"; // Import the OTP generation function
+import { sendOTPEmail } from "../utils/emailUtils.js"; // Import the email sender utility if separated into a different file
-import { hashPassword } from '../utils/authFunctions.js';
+import { hashPassword } from "../utils/authFunctions.js";
 // Controller to handle user feedback submission
 export const submitFeedback = async (req, res) => {
@@ -11,7 +11,7 @@ export const submitFeedback = async (req, res) => {
 try {
 // The user is already authenticated and attached to req.user by verifyJWT
- const user = req.user;
+ const user = req.user;
 // Update user's rating and comment fields
 user.rating = rating || user.rating; // If no rating is provided, keep the existing one
@@ -20,10 +20,14 @@ export const submitFeedback = async (req, res) => {
 // Save the updated user document
 await user.save();
- return res.status(200).json({ message: 'Feedback submitted successfully', user });
+ return res
+ .status(200)
+ .json({ message: "Feedback submitted successfully", user });
 } catch (error) {
- console.error('Error submitting feedback:', error);
- return res.status(error.statusCode || 500).json({ message: error.message || 'An error occurred while submitting feedback' });
+ console.error("Error submitting feedback:", error);
+ return res.status(error.statusCode || 500).json({
+ message: error.message || "An error occurred while submitting feedback",
+ });
 }
 };
@@ -33,32 +37,34 @@ export const sendOTPToEmail = async (req, res) => {
 // Check if email is provided
 if (!email) {
- return res.status(400).json({ error: 'Email is required' });
+ return res.status(400).json({ error: "Email is required" });
 }
 // Find user by email
 const user = await User.findOne({ email });
 if (!user) {
- return res.status(404).json({ error: 'User does not exist' });
+ return res.status(404).json({ error: "User does not exist" });
 }
 // Generate OTP and set expiry (10 minutes from now)
 const otp = generateOTP();
 const otpExpiry = new Date(Date.now() + 10 * 60 * 1000); // OTP expires in 10 minutes
- // Store the OTP and expiry in the user's document
+ // Only update OTP and expiry without modifying the rest of the user document this was causing error
 user.otp = otp;
 user.otpExpiry = otpExpiry;
- await user.save();
+ await user.updateOne({ otp, otpExpiry });
 // Send OTP to user's email using the utility
 await sendOTPEmail(email, otp);
- res.status(200).json({ message: 'OTP sent to email' });
+ res.status(200).json({ message: "OTP sent to email" });
 } catch (error) {
- console.error('Error sending OTP:', error);
- return res.status(500).json({ error: error.message || 'Internal Server Error' });
+ console.error("Error sending OTP:", error);
+ return res
+ .status(500)
+ .json({ error: error.message || "Internal Server Error" });
 }
 };
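Review bot: `email` reaches `User.findOne({ email })` in sendOTPToEmail after only the truthiness check `if (!email)`, so a non-string value would be handed to Mongoose as part of the query filter rather than compared as an address. The line that reads `email` from the request is outside this hunk, so this assumes it comes from a parsed request body. If it does, reject non-strings before the lookup, for example `if (typeof email !== "string" || !email) return res.status(400).json({ error: "Email is required" });`. The same unchecked lookup appears in verifyOTPController and resetPassword in the hunks that follow.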
@@ -68,33 +74,32 @@ export const verifyOTPController = async (req, res) => {
 // Check if email and OTP are provided
 if (!email || !otp) {
- return res.status(400).json({ error: 'Email and OTP are required' });
+ return res.status(400).json({ error: "Email and OTP are required" });
 }
 // Find user by email
 const user = await User.findOne({ email });
 if (!user) {
- return res.status(404).json({ error: 'User not found' });
+ return res.status(404).json({ error: "User not found" });
 }
 // Verify the OTP and check expiration
 const isValid = verifyOTP(user, otp);
 if (!isValid) {
- return res.status(400).json({ error: 'Invalid or expired OTP' });
+ return res.status(400).json({ error: "Invalid or expired OTP" });
 }
 // Clear OTP after successful verification (optional, but recommended)
- user.otp = null;
- user.otpExpiry = null;
- await user.save();
+ // only set otp to null else there will be error
+ await user.updateOne({ otp: null, otpExpiry: null });
 // OTP is valid
- res.status(200).json({ message: 'OTP verified successfully' });
+ res.status(200).json({ message: "OTP verified successfully" });
 } catch (error) {
- console.error('Error verifying OTP:', error);
- res.status(500).json({ error: 'Internal Server Error' });
+ console.error("Error verifying OTP:", error);
+ res.status(500).json({ error: "Internal Server Error" });
 }
 };
@@ -104,14 +109,16 @@ export const resetPassword = async (req, res) => {
 // Check if both email and new password are provided
 if (!email || !newPassword) {
- return res.status(400).json({ error: 'Email and new password are required' });
+ return res
+ .status(400)
+ .json({ error: "Email and new password are required" });
 }
 // Find the user by email
 const user = await User.findOne({ email });
 if (!user) {
- return res.status(404).json({ error: 'User not found' });
+ return res.status(404).json({ error: "User not found" });
 }
 // Hash the new password
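Review bot: In verifyOTPController the added `await user.updateOne({ otp: null, otpExpiry: null });` clears the OTP and the handler then returns only a 200 message, so nothing on the server records that this account passed verification. resetPassword, in the next hunks, checks only `!email || !newPassword` before writing the password, and no visible line ties the reset to a verified OTP. Unless the route is guarded elsewhere, the password change does not depend on the OTP step at all. Either have resetPassword take the OTP and run `if (!verifyOTP(user, otp)) return res.status(400).json({ error: "Invalid or expired OTP" });` before updating (clearing the OTP there instead of here), or have this handler issue a short-lived single-use reset token that resetPassword requires. Both function bodies begin outside their hunks.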
@@ -119,11 +126,11 @@ export const resetPassword = async (req, res) => {
 // Update the user's password in the database
 user.password = hashedPassword;
- await user.save();
+ await user.updateOne({ password: hashPassword }); // only update the password not the whole user else there will be error
- res.status(200).json({ message: 'Password reset successfully' });
+ res.status(200).json({ message: "Password reset successfully" });
 } catch (error) {
- console.error('Error resetting password:', error);
- res.status(500).json({ error: 'Internal Server Error' });
+ console.error("Error resetting password:", error);
+ res.status(500).json({ error: "Internal Server Error" });
 }
 };
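Review bot: The added `await user.updateOne({ password: hashPassword });` passes `hashPassword`, the function imported from `../utils/authFunctions.js`, instead of the `hashedPassword` value assigned to `user.password` on the line above, so the computed hash is never what gets written. Depending on how the schema casts the value, the update presumably either fails or stores something no login can match, which would lock the account out after a "successful" reset. The line should read `await user.updateOne({ password: hashedPassword });`. The declaration of `hashedPassword` is outside the hunk.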