[backend] Added rapi endpoint for change user password

Author: growupanand

Postman Collections/auth.postman_collection.json

@@ -1218,6 +1218,174 @@
 				}
 			]
 		},
+		{
+			"name": "change password",
+			"request": {
+				"auth": {
+					"type": "bearer",
+					"bearer": [
+						{
+							"key": "token",
+							"value": "{{currentAccessToken}}",
+							"type": "string"
+						}
+					]
+				},
+				"method": "POST",
+				"header": [],
+				"body": {
+					"mode": "raw",
+					"raw": "{\r\n    \"newPassword\" : \"abcd\",\r\n    \"confirmPassword\" : \"abcd\"\r\n}",
+					"options": {
+						"raw": {
+							"language": "json"
+						}
+					}
+				},
+				"url": {
+					"raw": "{{backendUrl}}user/change-password/",
+					"host": [
+						"{{backendUrl}}user"
+					],
+					"path": [
+						"change-password",
+						""
+					]
+				}
+			},
+			"response": [
+				{
+					"name": "success",
+					"originalRequest": {
+						"method": "POST",
+						"header": [],
+						"body": {
+							"mode": "raw",
+							"raw": "{\r\n    \"newPassword\" : \"abcd\",\r\n    \"confirmPassword\" : \"abcd\"\r\n}",
+							"options": {
+								"raw": {
+									"language": "json"
+								}
+							}
+						},
+						"url": {
+							"raw": "{{backendUrl}}user/change-password/",
+							"host": [
+								"{{backendUrl}}user"
+							],
+							"path": [
+								"change-password",
+								""
+							]
+						}
+					},
+					"status": "OK",
+					"code": 200,
+					"_postman_previewlanguage": "json",
+					"header": [
+						{
+							"key": "X-Powered-By",
+							"value": "Express"
+						},
+						{
+							"key": "Access-Control-Allow-Origin",
+							"value": "*"
+						},
+						{
+							"key": "Content-Type",
+							"value": "application/json; charset=utf-8"
+						},
+						{
+							"key": "Content-Length",
+							"value": "43"
+						},
+						{
+							"key": "ETag",
+							"value": "W/\"2b-BcqZXnJsIxPWaT5KqbeKFU83Xws\""
+						},
+						{
+							"key": "Date",
+							"value": "Wed, 06 Sep 2023 18:47:20 GMT"
+						},
+						{
+							"key": "Connection",
+							"value": "keep-alive"
+						},
+						{
+							"key": "Keep-Alive",
+							"value": "timeout=5"
+						}
+					],
+					"cookie": [],
+					"body": "{\n    \"message\": \"Password changed successfully\"\n}"
+				},
+				{
+					"name": "failed",
+					"originalRequest": {
+						"method": "POST",
+						"header": [],
+						"body": {
+							"mode": "raw",
+							"raw": "{\r\n    \"newPassword\" : \"abcd\",\r\n    \"confirmPassword\" : \"abcda\"\r\n}",
+							"options": {
+								"raw": {
+									"language": "json"
+								}
+							}
+						},
+						"url": {
+							"raw": "{{backendUrl}}user/change-password/",
+							"host": [
+								"{{backendUrl}}user"
+							],
+							"path": [
+								"change-password",
+								""
+							]
+						}
+					},
+					"status": "Bad Request",
+					"code": 400,
+					"_postman_previewlanguage": "json",
+					"header": [
+						{
+							"key": "X-Powered-By",
+							"value": "Express"
+						},
+						{
+							"key": "Access-Control-Allow-Origin",
+							"value": "*"
+						},
+						{
+							"key": "Content-Type",
+							"value": "application/json; charset=utf-8"
+						},
+						{
+							"key": "Content-Length",
+							"value": "38"
+						},
+						{
+							"key": "ETag",
+							"value": "W/\"26-60NXatM0MTV9zlehOW2xis03Z3k\""
+						},
+						{
+							"key": "Date",
+							"value": "Wed, 06 Sep 2023 18:47:46 GMT"
+						},
+						{
+							"key": "Connection",
+							"value": "keep-alive"
+						},
+						{
+							"key": "Keep-Alive",
+							"value": "timeout=5"
+						}
+					],
+					"cookie": [],
+					"body": "{\n    \"nonFieldError\": \"Password not match\"\n}"
+				}
+			]
+		},
 		{
 			"name": "logout",
 			"request": {

backend/controllers/user.controller.ts

@@ -1,4 +1,5 @@
 import userModel from "@app/models/user";
+import bcrypt from "bcrypt";
 import { sendMail } from "@app/utils/sendMail";
 import { Request, Response } from "express";
 import {
@@ -68,4 +69,23 @@ const resendEmailVerify = async (req: Request, res: Response) => {
     .json({ message: "Verification mail sent successfully" });
 };
 
-export default { getUser, deleteUser, resendEmailVerify };
+/**
+ * This controller is used to change password of user
+ */
+const changePassword = async (req: Request, res: Response) => {
+  const { newPassword, confirmPassword } = req.body;
+  // check if password match with confirm password
+  if (!newPassword || !confirmPassword || newPassword !== confirmPassword)
+    return res.sendCustomErrorMessage("Password not match", 400);
+  // update password
+  const hashedPassword = await bcrypt.hash(newPassword, 10);
+  const user = await userModel.findOne({ _id: req.user._id });
+  if (!user) return res.sendCustomErrorMessage("User not found", 400);
+  user.password = hashedPassword;
+  user.save((error) => {
+    if (error) return res.sendMongooseErrorResponse(error);
+    return res.status(200).json({ message: "Password changed successfully" });
+  });
+};
+
+export default { getUser, deleteUser, resendEmailVerify, changePassword };

backend/routes/user.ts

@@ -5,5 +5,6 @@ import userController from "@controllers/user.controller";
 router.get("/:userId", userController.getUser);
 router.delete("/me", userController.deleteUser);
 router.post("/resendEmailVerification", userController.resendEmailVerify);
+router.post("/change-password", userController.changePassword);
 
 module.exports = router;