Add Password Reset Functionality and Update API Documentation

- Implemented password reset functionality, including endpoints for requesting a reset code, verifying the OTP, and resetting the password.
- Introduced new request and response forms for password reset operations, ensuring proper validation and structured responses.
- Enhanced the customer service layer to handle password reset requests, OTP verification, and password updates, utilizing Redis for temporary token storage.
- Updated Swagger and YAML documentation to include new API endpoints and their specifications, improving clarity for API consumers.
- Refactored the customer handler to manage new password reset routes, ensuring adherence to clean architecture principles.
This commit is contained in:
n.nakhostin
2025-09-14 13:25:36 +03:30
parent 5d721705b7
commit c701053609
9 changed files with 1213 additions and 3 deletions
+282
View File
@@ -4880,6 +4880,70 @@ const docTemplate = `{
}
}
},
"/api/v1/profile/forgot-password": {
"post": {
"description": "Send a password reset OTP code to the customer's email address",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Authorization"
],
"summary": "Request password reset",
"parameters": [
{
"description": "Email address for password reset",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/customer.RequestResetPasswordForm"
}
}
],
"responses": {
"200": {
"description": "Password reset code sent successfully",
"schema": {
"allOf": [
{
"$ref": "#/definitions/response.APIResponse"
},
{
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/customer.RequestResetPasswordResponse"
}
}
}
]
}
},
"400": {
"description": "Bad request - Invalid input data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"422": {
"description": "Validation error - Invalid request data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"500": {
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
}
}
}
},
"/api/v1/profile/login": {
"post": {
"description": "Authenticate customer with username (email) and password. Returns access token, refresh token, and customer information upon successful authentication.",
@@ -5060,6 +5124,146 @@ const docTemplate = `{
}
}
},
"/api/v1/profile/reset-password": {
"post": {
"description": "Reset the customer's password using the reset token",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Authorization"
],
"summary": "Reset password",
"parameters": [
{
"description": "Email, reset token, and new password",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/customer.ResetPasswordForm"
}
}
],
"responses": {
"200": {
"description": "Password reset successfully",
"schema": {
"allOf": [
{
"$ref": "#/definitions/response.APIResponse"
},
{
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/customer.ResetPasswordResponse"
}
}
}
]
}
},
"400": {
"description": "Bad request - Invalid input data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"401": {
"description": "Unauthorized - Invalid or expired reset token",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"422": {
"description": "Validation error - Invalid request data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"500": {
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
}
}
}
},
"/api/v1/profile/verify-otp": {
"post": {
"description": "Verify the OTP code received via email and get a reset token",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Authorization"
],
"summary": "Verify OTP code",
"parameters": [
{
"description": "Email and OTP code for verification",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/customer.VerifyOTPForm"
}
}
],
"responses": {
"200": {
"description": "OTP verified successfully",
"schema": {
"allOf": [
{
"$ref": "#/definitions/response.APIResponse"
},
{
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/customer.VerifyOTPResponse"
}
}
}
]
}
},
"400": {
"description": "Bad request - Invalid input data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"401": {
"description": "Unauthorized - Invalid or expired OTP",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"422": {
"description": "Validation error - Invalid request data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"500": {
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
}
}
}
},
"/api/v1/tender-approvals": {
"get": {
"security": [
@@ -6438,6 +6642,54 @@ const docTemplate = `{
}
}
},
"customer.RequestResetPasswordForm": {
"type": "object",
"properties": {
"email": {
"type": "string",
"example": "app@opplens.com"
}
}
},
"customer.RequestResetPasswordResponse": {
"type": "object",
"properties": {
"message": {
"type": "string",
"example": "Password reset code sent to your email"
},
"success": {
"type": "boolean",
"example": true
}
}
},
"customer.ResetPasswordForm": {
"type": "object",
"properties": {
"new_password": {
"type": "string",
"example": "NewPass!123"
},
"token": {
"type": "string",
"example": "reset_token_here"
}
}
},
"customer.ResetPasswordResponse": {
"type": "object",
"properties": {
"message": {
"type": "string",
"example": "Password reset successfully"
},
"success": {
"type": "boolean",
"example": true
}
}
},
"customer.UpdateCustomerForm": {
"type": "object",
"properties": {
@@ -6486,6 +6738,36 @@ const docTemplate = `{
}
}
},
"customer.VerifyOTPForm": {
"type": "object",
"properties": {
"code": {
"type": "string",
"example": "123456"
},
"email": {
"type": "string",
"example": "app@opplens.com"
}
}
},
"customer.VerifyOTPResponse": {
"type": "object",
"properties": {
"message": {
"type": "string",
"example": "OTP verified successfully"
},
"success": {
"type": "boolean",
"example": true
},
"token": {
"type": "string",
"example": "reset_token_here"
}
}
},
"feedback.CompanyFeedbackStatsResponse": {
"type": "object",
"properties": {
+282
View File
@@ -4874,6 +4874,70 @@
}
}
},
"/api/v1/profile/forgot-password": {
"post": {
"description": "Send a password reset OTP code to the customer's email address",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Authorization"
],
"summary": "Request password reset",
"parameters": [
{
"description": "Email address for password reset",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/customer.RequestResetPasswordForm"
}
}
],
"responses": {
"200": {
"description": "Password reset code sent successfully",
"schema": {
"allOf": [
{
"$ref": "#/definitions/response.APIResponse"
},
{
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/customer.RequestResetPasswordResponse"
}
}
}
]
}
},
"400": {
"description": "Bad request - Invalid input data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"422": {
"description": "Validation error - Invalid request data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"500": {
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
}
}
}
},
"/api/v1/profile/login": {
"post": {
"description": "Authenticate customer with username (email) and password. Returns access token, refresh token, and customer information upon successful authentication.",
@@ -5054,6 +5118,146 @@
}
}
},
"/api/v1/profile/reset-password": {
"post": {
"description": "Reset the customer's password using the reset token",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Authorization"
],
"summary": "Reset password",
"parameters": [
{
"description": "Email, reset token, and new password",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/customer.ResetPasswordForm"
}
}
],
"responses": {
"200": {
"description": "Password reset successfully",
"schema": {
"allOf": [
{
"$ref": "#/definitions/response.APIResponse"
},
{
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/customer.ResetPasswordResponse"
}
}
}
]
}
},
"400": {
"description": "Bad request - Invalid input data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"401": {
"description": "Unauthorized - Invalid or expired reset token",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"422": {
"description": "Validation error - Invalid request data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"500": {
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
}
}
}
},
"/api/v1/profile/verify-otp": {
"post": {
"description": "Verify the OTP code received via email and get a reset token",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Authorization"
],
"summary": "Verify OTP code",
"parameters": [
{
"description": "Email and OTP code for verification",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/customer.VerifyOTPForm"
}
}
],
"responses": {
"200": {
"description": "OTP verified successfully",
"schema": {
"allOf": [
{
"$ref": "#/definitions/response.APIResponse"
},
{
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/customer.VerifyOTPResponse"
}
}
}
]
}
},
"400": {
"description": "Bad request - Invalid input data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"401": {
"description": "Unauthorized - Invalid or expired OTP",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"422": {
"description": "Validation error - Invalid request data",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
},
"500": {
"description": "Internal server error",
"schema": {
"$ref": "#/definitions/response.APIResponse"
}
}
}
}
},
"/api/v1/tender-approvals": {
"get": {
"security": [
@@ -6432,6 +6636,54 @@
}
}
},
"customer.RequestResetPasswordForm": {
"type": "object",
"properties": {
"email": {
"type": "string",
"example": "app@opplens.com"
}
}
},
"customer.RequestResetPasswordResponse": {
"type": "object",
"properties": {
"message": {
"type": "string",
"example": "Password reset code sent to your email"
},
"success": {
"type": "boolean",
"example": true
}
}
},
"customer.ResetPasswordForm": {
"type": "object",
"properties": {
"new_password": {
"type": "string",
"example": "NewPass!123"
},
"token": {
"type": "string",
"example": "reset_token_here"
}
}
},
"customer.ResetPasswordResponse": {
"type": "object",
"properties": {
"message": {
"type": "string",
"example": "Password reset successfully"
},
"success": {
"type": "boolean",
"example": true
}
}
},
"customer.UpdateCustomerForm": {
"type": "object",
"properties": {
@@ -6480,6 +6732,36 @@
}
}
},
"customer.VerifyOTPForm": {
"type": "object",
"properties": {
"code": {
"type": "string",
"example": "123456"
},
"email": {
"type": "string",
"example": "app@opplens.com"
}
}
},
"customer.VerifyOTPResponse": {
"type": "object",
"properties": {
"message": {
"type": "string",
"example": "OTP verified successfully"
},
"success": {
"type": "boolean",
"example": true
},
"token": {
"type": "string",
"example": "reset_token_here"
}
}
},
"feedback.CompanyFeedbackStatsResponse": {
"type": "object",
"properties": {
+179
View File
@@ -400,6 +400,39 @@ definitions:
refresh_token:
type: string
type: object
customer.RequestResetPasswordForm:
properties:
email:
example: app@opplens.com
type: string
type: object
customer.RequestResetPasswordResponse:
properties:
message:
example: Password reset code sent to your email
type: string
success:
example: true
type: boolean
type: object
customer.ResetPasswordForm:
properties:
new_password:
example: NewPass!123
type: string
token:
example: reset_token_here
type: string
type: object
customer.ResetPasswordResponse:
properties:
message:
example: Password reset successfully
type: string
success:
example: true
type: boolean
type: object
customer.UpdateCustomerForm:
properties:
company_ids:
@@ -434,6 +467,27 @@ definitions:
example: active
type: string
type: object
customer.VerifyOTPForm:
properties:
code:
example: "123456"
type: string
email:
example: app@opplens.com
type: string
type: object
customer.VerifyOTPResponse:
properties:
message:
example: OTP verified successfully
type: string
success:
example: true
type: boolean
token:
example: reset_token_here
type: string
type: object
feedback.CompanyFeedbackStatsResponse:
properties:
company_id:
@@ -4075,6 +4129,45 @@ paths:
summary: Get customer profile
tags:
- Authorization
/api/v1/profile/forgot-password:
post:
consumes:
- application/json
description: Send a password reset OTP code to the customer's email address
parameters:
- description: Email address for password reset
in: body
name: request
required: true
schema:
$ref: '#/definitions/customer.RequestResetPasswordForm'
produces:
- application/json
responses:
"200":
description: Password reset code sent successfully
schema:
allOf:
- $ref: '#/definitions/response.APIResponse'
- properties:
data:
$ref: '#/definitions/customer.RequestResetPasswordResponse'
type: object
"400":
description: Bad request - Invalid input data
schema:
$ref: '#/definitions/response.APIResponse'
"422":
description: Validation error - Invalid request data
schema:
$ref: '#/definitions/response.APIResponse'
"500":
description: Internal server error
schema:
$ref: '#/definitions/response.APIResponse'
summary: Request password reset
tags:
- Authorization
/api/v1/profile/login:
post:
consumes:
@@ -4188,6 +4281,92 @@ paths:
summary: Refresh customer access token
tags:
- Authorization
/api/v1/profile/reset-password:
post:
consumes:
- application/json
description: Reset the customer's password using the reset token
parameters:
- description: Email, reset token, and new password
in: body
name: request
required: true
schema:
$ref: '#/definitions/customer.ResetPasswordForm'
produces:
- application/json
responses:
"200":
description: Password reset successfully
schema:
allOf:
- $ref: '#/definitions/response.APIResponse'
- properties:
data:
$ref: '#/definitions/customer.ResetPasswordResponse'
type: object
"400":
description: Bad request - Invalid input data
schema:
$ref: '#/definitions/response.APIResponse'
"401":
description: Unauthorized - Invalid or expired reset token
schema:
$ref: '#/definitions/response.APIResponse'
"422":
description: Validation error - Invalid request data
schema:
$ref: '#/definitions/response.APIResponse'
"500":
description: Internal server error
schema:
$ref: '#/definitions/response.APIResponse'
summary: Reset password
tags:
- Authorization
/api/v1/profile/verify-otp:
post:
consumes:
- application/json
description: Verify the OTP code received via email and get a reset token
parameters:
- description: Email and OTP code for verification
in: body
name: request
required: true
schema:
$ref: '#/definitions/customer.VerifyOTPForm'
produces:
- application/json
responses:
"200":
description: OTP verified successfully
schema:
allOf:
- $ref: '#/definitions/response.APIResponse'
- properties:
data:
$ref: '#/definitions/customer.VerifyOTPResponse'
type: object
"400":
description: Bad request - Invalid input data
schema:
$ref: '#/definitions/response.APIResponse'
"401":
description: Unauthorized - Invalid or expired OTP
schema:
$ref: '#/definitions/response.APIResponse'
"422":
description: Validation error - Invalid request data
schema:
$ref: '#/definitions/response.APIResponse'
"500":
description: Internal server error
schema:
$ref: '#/definitions/response.APIResponse'
summary: Verify OTP code
tags:
- Authorization
/api/v1/tender-approvals:
get:
consumes:
+1 -1
View File
@@ -146,7 +146,7 @@ func main() {
userService := user.NewUserService(userRepository, logger, userAuthService, userValidator)
categoryService := company_category.NewCategoryService(categoryRepository, logger)
companyService := company.NewCompanyService(companyRepository, categoryService, logger)
customerService := customer.NewCustomerService(customerRepository, logger, customerAuthService, companyService)
customerService := customer.New(customerRepository, logger, customerAuthService, companyService, redisClient)
tenderService := tender.NewTenderService(tenderRepository, companyService, logger)
feedbackService := feedback.NewFeedbackService(feedbackRepo, tenderService, logger)
tenderApprovalService := tender_approval.NewTenderApprovalService(tenderApprovalRepository, tenderService, logger)
+5
View File
@@ -137,6 +137,11 @@ func RegisterPublicRoutes(e *echo.Echo, customerHandler *customer.Handler, tende
customerGP.POST("/login", customerHandler.Login)
customerGP.POST("/refresh-token", customerHandler.RefreshToken)
// Forgot password routes
customerGP.POST("/forgot-password", customerHandler.RequestResetPassword)
customerGP.POST("/verify-otp", customerHandler.VerifyOTP)
customerGP.POST("/reset-password", customerHandler.ResetPassword)
profileGP := customerGP.Group("")
profileGP.Use(customerHandler.AuthMiddleware())
profileGP.GET("", customerHandler.GetProfile)