From 8293b5019530489044a0e53ff513fb32ba161b15 Mon Sep 17 00:00:00 2001
From: Ephraim Atta-Duncan <ephraimduncan68@gmail.com>
Date: Mon, 5 Jun 2023 13:05:25 +0000
Subject: [PATCH] Create reset password token for user

---
 apps/web/components/forgot-password.tsx    | 16 ++++++++
 apps/web/pages/api/auth/forgot-password.ts | 43 ++++++++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 apps/web/pages/api/auth/forgot-password.ts

diff --git a/apps/web/components/forgot-password.tsx b/apps/web/components/forgot-password.tsx
index 30a7eb036..503c7bbd1 100644
--- a/apps/web/components/forgot-password.tsx
+++ b/apps/web/components/forgot-password.tsx
@@ -3,6 +3,7 @@ import { Button } from "@documenso/ui";
 import Logo from "./logo";
 import { ArrowLeftIcon } from "@heroicons/react/24/outline";
 import { FormProvider, useForm } from "react-hook-form";
+import { toast } from "react-hot-toast";
 
 interface IResetPassword {
   email: string;
@@ -13,6 +14,21 @@ export default function ForgotPassword(props: any) {
   const { register, formState, resetField } = methods;
 
   const onSubmit = async (values: IResetPassword) => {
+    await toast.promise(
+      fetch(`/api/auth/forgot-password`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify(values),
+      }),
+      {
+        loading: "Sending...",
+        success: `Reset link sent. `,
+        error: "Could not send reset link :/",
+      }
+    );
+
     resetField("email");
 
     console.log(values);
diff --git a/apps/web/pages/api/auth/forgot-password.ts b/apps/web/pages/api/auth/forgot-password.ts
new file mode 100644
index 000000000..1a861362f
--- /dev/null
+++ b/apps/web/pages/api/auth/forgot-password.ts
@@ -0,0 +1,43 @@
+import { NextApiRequest, NextApiResponse } from "next";
+import { defaultHandler, defaultResponder } from "@documenso/lib/server";
+import prisma from "@documenso/prisma";
+import crypto from "crypto";
+
+async function postHandler(req: NextApiRequest, res: NextApiResponse) {
+  const { email } = req.body;
+  const cleanEmail = email.toLowerCase();
+
+  if (!cleanEmail || !cleanEmail.includes("@")) {
+    res.status(422).json({ message: "Invalid email" });
+    return;
+  }
+
+  const user = await prisma.user.findFirst({
+    where: {
+      email: cleanEmail,
+    },
+  });
+
+  if (!user) {
+    return res.status(400).json({ message: "No user found with this email." });
+  }
+
+  const token = crypto.randomBytes(64).toString("hex");
+
+  const passwordResetToken = await prisma.passwordResetToken.create({
+    data: {
+      token,
+      userId: user.id,
+    },
+  });
+
+  console.log(passwordResetToken);
+
+  // TODO: Send token to user via email
+
+  res.status(201).end();
+}
+
+export default defaultHandler({
+  POST: Promise.resolve({ default: defaultResponder(postHandler) }),
+});