polish password reset logic (#70)

PoApper · Aug 20, 2023 · f0f4c09 · f0f4c09
1 parent 9ff5916
commit f0f4c09
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 8 deletions.
diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
@@ -93,8 +93,9 @@ export class AuthController {
     res.setHeader('Set-Cookie', `Authentication=${token}; HttpOnly; Path=/;`);
 
     // update Login History
-    this.userService.updateLogin(user.uuid);
-
+    const existUser = await this.userService.findOneByUuidOrFail(user.uuid);
+    await this.userService.updateLogin(existUser.uuid);
+
     return res.send(user);
   }
 
@@ -140,12 +141,17 @@ export class AuthController {
     if (!existUser) {
       throw new BadRequestException('해당 이메일로 가입한 유저가 존재하지 않습니다.');
     }
+
+    if (existUser.userStatus === UserStatus.password_reset) {
+      throw new BadRequestException('이미 비빌번호를 초기화 했습니다. 신규 비밀번호를 메일에서 확인해주세요.');
+    }
 
     // generate 8-length random password
     const temp_password = 'poapper_' + Math.random().toString(36).slice(-8);
 
-    await this.userService.updatePasswordByEmail(body.email, temp_password);
-    await this.mailService.sendPasswordResetMail(body.email, temp_password);
+    await this.userService.updatePasswordByEmail(existUser.email, temp_password);
+    await this.userService.updateUserStatus(existUser.uuid, UserStatus.password_reset);
+    await this.mailService.sendPasswordResetMail(existUser.email, temp_password);
   }
 
   @Post('password/update')

diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -23,8 +23,10 @@ export class AuthService {
     }
 
     const cryptoSalt = user.cryptoSalt;
-
-    if (user.userStatus != UserStatus.activated) {
+
+    if (user.userStatus == UserStatus.password_reset) {
+      await this.usersService.updateUserStatus(user.uuid, UserStatus.activated);
+    } else if (user.userStatus != UserStatus.activated) {
       throw new UnauthorizedException('Not activated account.');
     }
 

diff --git a/src/popo/user/user.meta.ts b/src/popo/user/user.meta.ts
@@ -1,6 +1,6 @@
 export enum UserType {
   student = 'STUDENT',
-  faculty = 'FACULTY', // placeStaffs
+  faculty = 'FACULTY', // 교직원
   association = 'ASSOCIATION', // 자치단체 계정
   club = 'CLUB', // 동아리 계정
   admin = 'ADMIN', // POPO 관리자,
@@ -11,5 +11,6 @@ export enum UserType {
 export enum UserStatus {
   activated = 'ACTIVATED',
   deactivated = 'DEACTIVATED',
+  password_reset = 'PASSWORD_RESET',
   banned = 'BANNED'
-}
+}