feat: update password change functionality and schema

Selleo · Jul 15, 2024 · b749b34 · b749b34
1 parent 955440a
commit b749b34
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 44 deletions.
diff --git a/examples/common_nestjs_remix/apps/api/src/auth/__tests__/auth.service.spec.ts b/examples/common_nestjs_remix/apps/api/src/auth/__tests__/auth.service.spec.ts
@@ -1,13 +1,7 @@
 import { ConflictException, UnauthorizedException } from "@nestjs/common";
 import * as bcrypt from "bcrypt";
 import { eq } from "drizzle-orm";
-import {
-  authService,
-  db,
-  jwtService,
-  userFactory,
-  usersService,
-} from "test/jest-setup";
+import { authService, db, jwtService, userFactory } from "test/jest-setup";
 import { credentials, users } from "../../storage/schema";
 
 describe("AuthService", () => {
@@ -112,40 +106,6 @@ describe("AuthService", () => {
     });
   });
 
-  describe.skip("refreshTokens", () => {
-    it("should refresh tokens successfully", async () => {
-      const userId = crypto.randomUUID();
-
-      (jwtService.verifyAsync as jest.Mock).mockResolvedValueOnce({ userId });
-      usersService.getUserById(userId);
-      (jwtService.signAsync as jest.Mock).mockResolvedValueOnce(
-        "new_access_token",
-      );
-      (jwtService.signAsync as jest.Mock).mockResolvedValueOnce(
-        "new_refresh_token",
-      );
-
-      const result = await authService.refreshTokens("refresh_token");
-
-      expect(result).toEqual({
-        accessToken: "new_access_token",
-        refreshToken: "new_refresh_token",
-      });
-    });
-
-    it("should throw UnauthorizedException for invalid refresh token", async () => {
-      (jwtService.verifyAsync as jest.Mock).mockRejectedValueOnce(new Error());
-
-      await expect(authService.refreshTokens("invalid_token")).rejects.toThrow(
-        UnauthorizedException,
-      );
-
-      await expect(authService.refreshTokens("invalid_token")).rejects.toThrow(
-        "Invalid refresh token",
-      );
-    });
-  });
-
   describe("validateUser", () => {
     it("should validate user successfully", async () => {
       const email = "test@example.com";

diff --git a/examples/common_nestjs_remix/apps/api/src/users/schemas/change-password.schema.ts b/examples/common_nestjs_remix/apps/api/src/users/schemas/change-password.schema.ts
@@ -1,7 +1,8 @@
 import { Static, Type } from "@sinclair/typebox";
 
 export const changePasswordSchema = Type.Object({
-  password: Type.String({ minLength: 8, maxLength: 64 }),
+  newPassword: Type.String({ minLength: 8, maxLength: 64 }),
+  oldPassword: Type.String({ minLength: 8, maxLength: 64 }),
 });
 
 export type ChangePasswordBody = Static<typeof changePasswordSchema>;
diff --git a/examples/common_nestjs_remix/apps/api/src/users/users.service.ts b/examples/common_nestjs_remix/apps/api/src/users/users.service.ts
@@ -58,10 +58,27 @@ export class UsersService {
       throw new NotFoundException("User not found");
     }
 
-    const hashedPassword = await bcrypt.hash(password, 10);
+    const [userCredentials] = await this.db
+      .select()
+      .from(credentials)
+      .where(eq(credentials.userId, id));
+
+    if (!userCredentials) {
+      throw new NotFoundException("User credentials not found");
+    }
+
+    const isOldPasswordValid = await bcrypt.compare(
+      oldPassword,
+      userCredentials.password,
+    );
+    if (!isOldPasswordValid) {
+      throw new UnauthorizedException("Invalid old password");
+    }
+
+    const hashedNewPassword = await bcrypt.hash(newPassword, 10);
     await this.db
       .update(credentials)
-      .set({ password: hashedPassword })
+      .set({ password: hashedNewPassword })
       .where(eq(credentials.userId, id));
   }