Implement password change endpoint

* move email templates to server
2025-11-24 06:11:34 +10:00 · 2024-05-04 15:46:11 +01:00
parent c1cd090252
commit fece460051
22 changed files with 323 additions and 425 deletions
--- a/apps/server/src/core/auth/services/auth.service.ts
+++ b/apps/server/src/core/auth/services/auth.service.ts
@ -1,4 +1,9 @@
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import {
+  BadRequestException,
+  Injectable,
+  NotFoundException,
+  UnauthorizedException,
+} from '@nestjs/common';
 import { LoginDto } from '../dto/login.dto';
 import { CreateUserDto } from '../dto/create-user.dto';
 import { TokenService } from './token.service';
@ -6,7 +11,10 @@ import { TokensDto } from '../dto/tokens.dto';
 import { SignupService } from './signup.service';
 import { CreateAdminUserDto } from '../dto/create-admin-user.dto';
 import { UserRepo } from '@docmost/db/repos/user/user.repo';
-import { comparePasswordHash } from '../../../helpers/utils';
+import { comparePasswordHash, hashPassword } from '../../../helpers';
+import { ChangePasswordDto } from '../dto/change-password.dto';
+import { MailService } from '../../../integrations/mail/mail.service';
+import ChangePasswordEmail from '@docmost/transactional/emails/change-password-email';

@Injectable()
 export class AuthService {
@ -14,6 +22,7 @@ export class AuthService {
    private signupService: SignupService,
    private tokenService: TokenService,
    private userRepo: UserRepo,
+    private mailService: MailService,
  ) {}

  async login(loginDto: LoginDto, workspaceId: string) {
@ -52,4 +61,43 @@ export class AuthService {

    return { tokens };
  }
+
+  async changePassword(
+    dto: ChangePasswordDto,
+    userId: string,
+    workspaceId: string,
+  ): Promise<void> {
+    const user = await this.userRepo.findById(userId, workspaceId, {
+      includePassword: true,
+    });
+
+    if (!user) {
+      throw new NotFoundException('User not found');
+    }
+
+    const comparePasswords = await comparePasswordHash(
+      dto.oldPassword,
+      user.password,
+    );
+
+    if (!comparePasswords) {
+      throw new BadRequestException('Current password is incorrect');
+    }
+
+    const newPasswordHash = await hashPassword(dto.newPassword);
+    await this.userRepo.updateUser(
+      {
+        password: newPasswordHash,
+      },
+      userId,
+      workspaceId,
+    );
+
+    const emailTemplate = ChangePasswordEmail({ username: user.name });
+    await this.mailService.sendToQueue({
+      to: user.email,
+      subject: 'Your password has been changed',
+      template: emailTemplate,
+    });
+  }
 }