add account reset

2025-06-02 16:37:22 +05:30
parent 52b97fe7ad
commit e25c9e5f92
4 changed files with 66 additions and 2 deletions
--- a/src/user/user.service.ts
+++ b/src/user/user.service.ts
@@ -4,6 +4,7 @@ import { CreateUserInput, UpdateUserInput, userModel } from "./user.schema";
 import { sendMail } from "../utils/mail";
 import { AuthenticatedUser } from "../auth";

+export const ErrUserNotFound = new Error("user not found");
 export const ErrOpNotValid = new Error("operation is not valid");
 export const ErrMissingOrdId = new Error(
  "orgId is required when role is client"
@@ -57,6 +58,42 @@ export async function createUser(
    .populate({ path: "orgId", select: "pid name avatar" });
 }

+export async function resetUser(userId: string, user: AuthenticatedUser) {
+  if (user.role !== "superAdmin") {
+    throw ErrOpNotValid;
+  }
+
+  const token = await generateToken();
+  const userInDb = await userModel.findOneAndUpdate(
+    { pid: userId, tenantId: user.tenantId },
+    {
+      $set: {
+        token: {
+          value: token,
+          expiry: new Date(Date.now() + 3600 * 48 * 1000),
+        },
+      },
+    },
+    { new: true }
+  );
+
+  if (!userInDb) {
+    throw ErrUserNotFound;
+  }
+
+  const sent = await sendMail(
+    userInDb.email,
+    "Quicker Permits account reset",
+    `Click <a href="${
+      process.env.SERVER_DOMAIN +
+      "/auth/webauthn/register?token=" +
+      token +
+      "&email=" +
+      userInDb.email
+    }">here</a> to reset.`
+  );
+}
+
 export async function getUser(userId: string) {
  if (mongoose.Types.ObjectId.isValid(userId)) {
    return await userModel