diff --git a/src/users/users.service.spec.ts b/src/users/users.service.spec.ts
index c282c4a4a91897bde5ef23002440b9d2271a7e4c..0eeba2b54fdf5970d01ab14f5368cada2d0feab9 100644
--- a/src/users/users.service.spec.ts
+++ b/src/users/users.service.spec.ts
@@ -119,4 +119,56 @@ describe('UsersService', () => {
expect(await service.changeUserPassword('add3d', 'azertyU1!d', 'azertyU1!d')).toBe(result);
});
});
+
+ describe('sendResetPasswordEmail', () => {
+ it('should not send email', async () => {
+ const result = new HttpException('Email sent if account exist', HttpStatus.OK);
+ jest.spyOn(service, 'sendResetPasswordEmail').mockImplementation(async (): Promise<HttpException> => result);
+ expect(await service.sendResetPasswordEmail('test@mii.com')).toBe(result);
+ });
+
+ it('should send email', async () => {
+ const result = new HttpException('Email sent if account exist', HttpStatus.OK);
+ jest.spyOn(service, 'sendResetPasswordEmail').mockImplementation(async (): Promise<HttpException> => result);
+ expect(await service.sendResetPasswordEmail('test@mii.com')).toBe(result);
+ });
+ });
+
+ describe('validatePasswordResetToken', () => {
+ it('should not validate new password: token does`nt exist', async () => {
+ const result = new HttpException('Invalid token', HttpStatus.UNAUTHORIZED);
+ jest.spyOn(service, 'validatePasswordResetToken').mockImplementation(async (): Promise<HttpException> => result);
+ expect(
+ await service.validatePasswordResetToken(
+ 'test@mii.com',
+ '5def4cb41106f89c212679e164911776618bd529e4f78e2883f7dd01776612a1b4a2ad7edabf2a3e3638aa605966c7a4b69d5f07d9617334e58332ba5f9305'
+ )
+ ).toBe(result);
+ });
+
+ it('should not validate new password: weak password', async () => {
+ const result = new HttpException(
+ 'Weak password, it must contain ne lowercase alphabetical character, one uppercase alphabetical character, one numeric character, one special character and be eight characters or longer',
+ HttpStatus.UNPROCESSABLE_ENTITY
+ );
+ jest.spyOn(service, 'validatePasswordResetToken').mockImplementation(async (): Promise<HttpException> => result);
+ expect(
+ await service.validatePasswordResetToken(
+ 'test@mii.com',
+ '5def4cb41106f89c212679e164911776618bd529e4f78e2883f7dd01776612a1b4a2ad7edabf2a3e3638aa605966c7a4b69d5f07d9617334e58332ba5f9305a6'
+ )
+ ).toBe(result);
+ });
+
+ it('should validate new password', async () => {
+ const result = new HttpException('Password Reset', HttpStatus.OK);
+ jest.spyOn(service, 'validatePasswordResetToken').mockImplementation(async (): Promise<HttpException> => result);
+ expect(
+ await service.validatePasswordResetToken(
+ 'test@mii.com',
+ '5def4cb41106f89c212679e164911776618bd529e4f78e2883f7dd01776612a1b4a2ad7edabf2a3e3638aa605966c7a4b69d5f07d9617334e58332ba5f9305a6'
+ )
+ ).toBe(result);
+ });
+ });
});
diff --git a/src/users/users.service.ts b/src/users/users.service.ts
index e9aa009ec5a438a0671978501587d591888cbfe0..cf052eaf13a1ec98903fd1775a1dfd87942221fd 100644
--- a/src/users/users.service.ts
+++ b/src/users/users.service.ts
@@ -150,6 +150,10 @@ export class UsersService {
user.save();
}
+ /**
+ * Send reset password email based on ejs template
+ * @param email string
+ */
public async sendResetPasswordEmail(email: string): Promise<HttpException> {
const user = await this.findOne(email);
if (user) {
@@ -171,7 +175,13 @@ export class UsersService {
throw new HttpException('Email sent if account exist', HttpStatus.OK);
}
- public async validatePasswordResetToken(password: string, token: string): Promise<any> {
+ /**
+ * Change password with the given token and password
+ * Token existence and password strength are verified
+ * @param password string
+ * @param token string
+ */
+ public async validatePasswordResetToken(password: string, token: string): Promise<HttpException> {
const user = await this.userModel.findOne({ resetPasswordToken: token }).exec();
if (user) {
if (!this.isStrongPassword(password)) {