fixed forgot password

2025-07-17 03:05:13 +00:00 · 2024-10-21 14:44:39 +03:00
parent 1054ac6053
commit fa35c2c60c
2 changed files with 19 additions and 13 deletions
--- a/src/auth/controllers/user-auth.controller.ts
+++ b/src/auth/controllers/user-auth.controller.ts
@ -76,11 +76,14 @@ export class UserAuthController {

  @Post('user/forget-password')
  async forgetPassword(@Body() forgetPasswordDto: ForgetPasswordDto) {
-    const otpResult = await this.userAuthService.verifyOTP({
-      otpCode: forgetPasswordDto.otpCode,
-      email: forgetPasswordDto.email,
-      type: OtpType.PASSWORD,
-    });
+    const otpResult = await this.userAuthService.verifyOTP(
+      {
+        otpCode: forgetPasswordDto.otpCode,
+        email: forgetPasswordDto.email,
+        type: OtpType.PASSWORD,
+      },
+      true,
+    );
    if (otpResult) {
      await this.userAuthService.forgetPassword(forgetPasswordDto);
      return {
@ -89,11 +92,11 @@ export class UserAuthController {
        message: 'Password changed successfully',
      };
    }
-throw new BadRequestException({
-  statusCode: HttpStatus.BAD_REQUEST,
-        data: {},
-        message: 'Otp is incorrect',
-})
+    throw new BadRequestException({
+      statusCode: HttpStatus.BAD_REQUEST,
+      data: {},
+      message: 'Otp is incorrect',
+    });
  }

  @ApiBearerAuth()
--- a/src/auth/services/user-auth.service.ts
+++ b/src/auth/services/user-auth.service.ts
@ -210,7 +210,7 @@ export class UserAuthService {
    }
    const otpCode = Math.floor(100000 + Math.random() * 900000).toString();
    const expiryTime = new Date();
-    expiryTime.setMinutes(expiryTime.getMinutes() + 1);
+    expiryTime.setMinutes(expiryTime.getMinutes() + 10);
    await this.otpRepository.save({
      email: data.email,
      otpCode,
@ -232,7 +232,10 @@ export class UserAuthService {
    return { otpCode, cooldown };
  }

-  async verifyOTP(data: VerifyOtpDto): Promise<boolean> {
+  async verifyOTP(
+    data: VerifyOtpDto,
+    fromNewPassword: boolean = false,
+  ): Promise<boolean> {
    const otp = await this.otpRepository.findOne({
      where: { email: data.email, type: data.type },
    });
@ -253,7 +256,7 @@ export class UserAuthService {
      throw new BadRequestException('You entered wrong otp');
    }

-    if (otp.expiryTime < new Date()) {
+    if (otp.expiryTime < new Date() || fromNewPassword) {
      await this.otpRepository.delete(otp.uuid);
      throw new BadRequestException('OTP expired');
    }