Add Password Reset Functionality and Update API Documentation
- Implemented password reset functionality, including endpoints for requesting a reset code, verifying the OTP, and resetting the password. - Introduced new request and response forms for password reset operations, ensuring proper validation and structured responses. - Enhanced the customer service layer to handle password reset requests, OTP verification, and password updates, utilizing Redis for temporary token storage. - Updated Swagger and YAML documentation to include new API endpoints and their specifications, improving clarity for API consumers. - Refactored the customer handler to manage new password reset routes, ensuring adherence to clean architecture principles.
This commit is contained in:
@@ -364,3 +364,83 @@ func (h *Handler) Logout(c echo.Context) error {
|
||||
"message": "Logout successful",
|
||||
}, "Logout successful")
|
||||
}
|
||||
|
||||
// RequestResetPassword handles password reset request
|
||||
// @Summary Request password reset
|
||||
// @Description Send a password reset OTP code to the customer's email address
|
||||
// @Tags Authorization
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Param request body RequestResetPasswordForm true "Email address for password reset"
|
||||
// @Success 200 {object} response.APIResponse{data=RequestResetPasswordResponse} "Password reset code sent successfully"
|
||||
// @Failure 400 {object} response.APIResponse "Bad request - Invalid input data"
|
||||
// @Failure 422 {object} response.APIResponse "Validation error - Invalid request data"
|
||||
// @Failure 500 {object} response.APIResponse "Internal server error"
|
||||
// @Router /api/v1/profile/forgot-password [post]
|
||||
func (h *Handler) RequestResetPassword(c echo.Context) error {
|
||||
form, err := response.Parse[RequestResetPasswordForm](c)
|
||||
if err != nil {
|
||||
return response.ValidationError(c, "Invalid request data", err.Error())
|
||||
}
|
||||
|
||||
result, err := h.service.RequestResetPassword(c.Request().Context(), form)
|
||||
if err != nil {
|
||||
return response.InternalServerError(c, "Failed to process password reset request")
|
||||
}
|
||||
|
||||
return response.Success(c, result, "Password reset request processed")
|
||||
}
|
||||
|
||||
// VerifyOTP handles OTP verification for password reset
|
||||
// @Summary Verify OTP code
|
||||
// @Description Verify the OTP code received via email and get a reset token
|
||||
// @Tags Authorization
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Param request body VerifyOTPForm true "Email and OTP code for verification"
|
||||
// @Success 200 {object} response.APIResponse{data=VerifyOTPResponse} "OTP verified successfully"
|
||||
// @Failure 400 {object} response.APIResponse "Bad request - Invalid input data"
|
||||
// @Failure 422 {object} response.APIResponse "Validation error - Invalid request data"
|
||||
// @Failure 401 {object} response.APIResponse "Unauthorized - Invalid or expired OTP"
|
||||
// @Failure 500 {object} response.APIResponse "Internal server error"
|
||||
// @Router /api/v1/profile/verify-otp [post]
|
||||
func (h *Handler) VerifyOTP(c echo.Context) error {
|
||||
form, err := response.Parse[VerifyOTPForm](c)
|
||||
if err != nil {
|
||||
return response.ValidationError(c, "Invalid request data", err.Error())
|
||||
}
|
||||
|
||||
result, err := h.service.VerifyOTP(c.Request().Context(), form)
|
||||
if err != nil {
|
||||
return response.Unauthorized(c, "Invalid or expired verification code")
|
||||
}
|
||||
|
||||
return response.Success(c, result, "OTP verified successfully")
|
||||
}
|
||||
|
||||
// ResetPassword handles password reset with token
|
||||
// @Summary Reset password
|
||||
// @Description Reset the customer's password using the reset token
|
||||
// @Tags Authorization
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Param request body ResetPasswordForm true "Email, reset token, and new password"
|
||||
// @Success 200 {object} response.APIResponse{data=ResetPasswordResponse} "Password reset successfully"
|
||||
// @Failure 400 {object} response.APIResponse "Bad request - Invalid input data"
|
||||
// @Failure 422 {object} response.APIResponse "Validation error - Invalid request data"
|
||||
// @Failure 401 {object} response.APIResponse "Unauthorized - Invalid or expired reset token"
|
||||
// @Failure 500 {object} response.APIResponse "Internal server error"
|
||||
// @Router /api/v1/profile/reset-password [post]
|
||||
func (h *Handler) ResetPassword(c echo.Context) error {
|
||||
form, err := response.Parse[ResetPasswordForm](c)
|
||||
if err != nil {
|
||||
return response.ValidationError(c, "Invalid request data", err.Error())
|
||||
}
|
||||
|
||||
result, err := h.service.ResetPassword(c.Request().Context(), form)
|
||||
if err != nil {
|
||||
return response.Unauthorized(c, err.Error())
|
||||
}
|
||||
|
||||
return response.Success(c, result, "Password reset successfully")
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user