feat(api): implement update profile and change password endpoints

2026-05-06 22:53:45 -04:00 · 2024-12-01 01:49:43 +03:00
parent efb3c03c5c
commit e2acbc077d
5 changed files with 81 additions and 5 deletions
--- a/api/src/auth/auth.controller.ts
+++ b/api/src/auth/auth.controller.ts
@@ -58,6 +58,30 @@ export class AuthController {
    return { data: req.user }
  }

+  @ApiOperation({ summary: 'Update Profile' })
+  @HttpCode(HttpStatus.OK)
+  @ApiBearerAuth()
+  @UseGuards(AuthGuard)
+  @Patch('/update-profile')
+  async updateProfile(
+    @Body() input: { name: string; phone: string },
+    @Request() req,
+  ) {
+    return await this.authService.updateProfile(input, req.user)
+  }
+
+  @ApiOperation({ summary: 'Change Password' })
+  @HttpCode(HttpStatus.OK)
+  @ApiBearerAuth()
+  @UseGuards(AuthGuard)
+  @Post('/change-password')
+  async changePassword(
+    @Body() input: { oldPassword: string; newPassword: string },
+    @Request() req,
+  ) {
+    return await this.authService.changePassword(input, req.user)
+  }
+
  @UseGuards(AuthGuard)
  @ApiOperation({ summary: 'Generate Api Key' })
  @ApiBearerAuth()
--- a/api/src/auth/auth.dto.ts
+++ b/api/src/auth/auth.dto.ts
@@ -8,7 +8,7 @@ export class RegisterInputDTO {
  email: string

  @ApiProperty({ type: String })
-  primaryPhone?: string
+  phone?: string

  @ApiProperty({ type: String, required: true })
  password: string
--- a/api/src/auth/auth.service.ts
+++ b/api/src/auth/auth.service.ts
@@ -6,7 +6,7 @@ import { v4 as uuidv4 } from 'uuid'
 import { InjectModel } from '@nestjs/mongoose'
 import { ApiKey, ApiKeyDocument } from './schemas/api-key.schema'
 import { Model } from 'mongoose'
-import { User } from '../users/schemas/user.schema'
+import { User, UserDocument } from '../users/schemas/user.schema'
 import axios from 'axios'
 import {
  PasswordReset,
@@ -197,6 +197,33 @@ export class AuthService {
    return { message: 'Password reset successfully' }
  }

+  async updateProfile(
+    input: { name: string; phone: string },
+    user: UserDocument,
+  ) {
+    return this.usersService.updateProfile(input, user)
+  }
+
+  async changePassword(
+    input: { oldPassword: string; newPassword: string },
+    user: UserDocument,
+  ) {
+    const userToUpdate = await this.usersService.findOne({ _id: user._id })
+    if (!userToUpdate) {
+      throw new HttpException({ error: 'User not found' }, HttpStatus.NOT_FOUND)
+    }
+    if (!(await bcrypt.compare(input.oldPassword, userToUpdate.password))) {
+      throw new HttpException(
+        { error: 'Invalid old password' },
+        HttpStatus.BAD_REQUEST,
+      )
+    }
+
+    const hashedPassword = await bcrypt.hash(input.newPassword, 10)
+    userToUpdate.password = hashedPassword
+    await userToUpdate.save()
+  }
+
  async generateApiKey(currentUser: User) {
    const apiKey = uuidv4()
    const hashedApiKey = await bcrypt.hash(apiKey, 10)
@@ -249,7 +276,10 @@ export class AuthService {
  async revokeApiKey(apiKeyId: string) {
    const apiKey = await this.apiKeyModel.findById(apiKeyId)
    if (!apiKey) {
-      throw new HttpException({ error: 'Api key not found' }, HttpStatus.NOT_FOUND)
+      throw new HttpException(
+        { error: 'Api key not found' },
+        HttpStatus.NOT_FOUND,
+      )
    }
    apiKey.revokedAt = new Date()
    await apiKey.save()
@@ -258,7 +288,10 @@ export class AuthService {
  async renameApiKey(apiKeyId: string, name: string) {
    const apiKey = await this.apiKeyModel.findById(apiKeyId)
    if (!apiKey) {
-      throw new HttpException({ error: 'Api key not found' }, HttpStatus.NOT_FOUND)
+      throw new HttpException(
+        { error: 'Api key not found' },
+        HttpStatus.NOT_FOUND,
+      )
    }
    apiKey.name = name
    await apiKey.save()
--- a/api/src/users/schemas/user.schema.ts
+++ b/api/src/users/schemas/user.schema.ts
@@ -21,7 +21,7 @@ export class User {
  avatar?: string

  @Prop({ type: String, trim: true })
-  primaryPhone: string
+  phone: string

  @Prop({ type: String })
  password: string
--- a/api/src/users/users.service.ts
+++ b/api/src/users/users.service.ts
@@ -40,4 +40,23 @@ export class UsersService {
    })
    return await newUser.save()
  }
+
+  async updateProfile(
+    input: { name: string; phone: string },
+    user: UserDocument,
+  ) {
+    const userToUpdate = await this.findOne({ _id: user._id })
+    if (!userToUpdate) {
+      throw new HttpException({ error: 'User not found' }, HttpStatus.NOT_FOUND)
+    }
+
+    if (input.name) {
+      userToUpdate.name = input.name
+    }
+    if (input.phone) {
+      userToUpdate.phone = input.phone
+    }
+
+    return await userToUpdate.save()
+  }
 }