Add Password Reset Functionality and Update API Documentation

- Implemented password reset functionality, including endpoints for requesting a reset code, verifying the OTP, and resetting the password.
- Introduced new request and response forms for password reset operations, ensuring proper validation and structured responses.
- Enhanced the customer service layer to handle password reset requests, OTP verification, and password updates, utilizing Redis for temporary token storage.
- Updated Swagger and YAML documentation to include new API endpoints and their specifications, improving clarity for API consumers.
- Refactored the customer handler to manage new password reset routes, ensuring adherence to clean architecture principles.
This commit is contained in:
n.nakhostin
2025-09-14 13:25:36 +03:30
parent 5d721705b7
commit c701053609
9 changed files with 1213 additions and 3 deletions
+80
View File
@@ -364,3 +364,83 @@ func (h *Handler) Logout(c echo.Context) error {
"message": "Logout successful",
}, "Logout successful")
}
// RequestResetPassword handles password reset request
// @Summary Request password reset
// @Description Send a password reset OTP code to the customer's email address
// @Tags Authorization
// @Accept json
// @Produce json
// @Param request body RequestResetPasswordForm true "Email address for password reset"
// @Success 200 {object} response.APIResponse{data=RequestResetPasswordResponse} "Password reset code sent successfully"
// @Failure 400 {object} response.APIResponse "Bad request - Invalid input data"
// @Failure 422 {object} response.APIResponse "Validation error - Invalid request data"
// @Failure 500 {object} response.APIResponse "Internal server error"
// @Router /api/v1/profile/forgot-password [post]
func (h *Handler) RequestResetPassword(c echo.Context) error {
form, err := response.Parse[RequestResetPasswordForm](c)
if err != nil {
return response.ValidationError(c, "Invalid request data", err.Error())
}
result, err := h.service.RequestResetPassword(c.Request().Context(), form)
if err != nil {
return response.InternalServerError(c, "Failed to process password reset request")
}
return response.Success(c, result, "Password reset request processed")
}
// VerifyOTP handles OTP verification for password reset
// @Summary Verify OTP code
// @Description Verify the OTP code received via email and get a reset token
// @Tags Authorization
// @Accept json
// @Produce json
// @Param request body VerifyOTPForm true "Email and OTP code for verification"
// @Success 200 {object} response.APIResponse{data=VerifyOTPResponse} "OTP verified successfully"
// @Failure 400 {object} response.APIResponse "Bad request - Invalid input data"
// @Failure 422 {object} response.APIResponse "Validation error - Invalid request data"
// @Failure 401 {object} response.APIResponse "Unauthorized - Invalid or expired OTP"
// @Failure 500 {object} response.APIResponse "Internal server error"
// @Router /api/v1/profile/verify-otp [post]
func (h *Handler) VerifyOTP(c echo.Context) error {
form, err := response.Parse[VerifyOTPForm](c)
if err != nil {
return response.ValidationError(c, "Invalid request data", err.Error())
}
result, err := h.service.VerifyOTP(c.Request().Context(), form)
if err != nil {
return response.Unauthorized(c, "Invalid or expired verification code")
}
return response.Success(c, result, "OTP verified successfully")
}
// ResetPassword handles password reset with token
// @Summary Reset password
// @Description Reset the customer's password using the reset token
// @Tags Authorization
// @Accept json
// @Produce json
// @Param request body ResetPasswordForm true "Email, reset token, and new password"
// @Success 200 {object} response.APIResponse{data=ResetPasswordResponse} "Password reset successfully"
// @Failure 400 {object} response.APIResponse "Bad request - Invalid input data"
// @Failure 422 {object} response.APIResponse "Validation error - Invalid request data"
// @Failure 401 {object} response.APIResponse "Unauthorized - Invalid or expired reset token"
// @Failure 500 {object} response.APIResponse "Internal server error"
// @Router /api/v1/profile/reset-password [post]
func (h *Handler) ResetPassword(c echo.Context) error {
form, err := response.Parse[ResetPasswordForm](c)
if err != nil {
return response.ValidationError(c, "Invalid request data", err.Error())
}
result, err := h.service.ResetPassword(c.Request().Context(), form)
if err != nil {
return response.Unauthorized(c, err.Error())
}
return response.Success(c, result, "Password reset successfully")
}