src/users/controllers/users.controller.spec.ts

@@ -51,7 +51,7 @@ describe('UsersController', () => {
     updateStructureLinkedClaim: jest.fn(),
     updateUserDetails: jest.fn(),
     updateUserProfile: jest.fn(),
-    validatePasswordResetToken: jest.fn(),
+    resetPassword: jest.fn(),
     validateUser: jest.fn(),
     verifyAndUpdateUserEmail: jest.fn(),
     verifyUserExist: jest.fn(),
@@ -330,8 +330,8 @@ describe('UsersController', () => {
   });
 
   describe('resetPasswordApply', () => {
-    it('should call validatePasswordResetToken', async () => {
-      const spyer = jest.spyOn(userServiceMock, 'validatePasswordResetToken');
+    it('should call resetPassword', async () => {
+      const spyer = jest.spyOn(userServiceMock, 'resetPassword');
       await usersController.resetPasswordApply(new PasswordResetApplyDto());
       expect(spyer).toHaveBeenCalledTimes(1);
     });

src/users/controllers/users.controller.ts

@@ -27,6 +27,7 @@ import { CreateUserDto } from '../dto/create-user.dto';
 import { DescriptionDto } from '../dto/description.dto';
 import { ProfileDto } from '../dto/profile.dto';
 import { PasswordResetApplyDto } from '../dto/reset-password-apply.dto';
+import { PasswordResetCheckDto } from '../dto/reset-password-check.dto';
 import { PasswordResetDto } from '../dto/reset-password.dto';
 import { UpdateDetailsDto } from '../dto/update-details.dto';
 import { IPendingStructureToken } from '../interfaces/pending-structure-token.interface';
@@ -151,10 +152,16 @@ export class UsersController {
     return this.usersService.sendResetPasswordEmail(passwordReset.email);
   }
 
+  @Post('reset-password/check')
+  @ApiResponse({ status: 200, description: 'Check if token is valid' })
+  public async resetPasswordCheck(@Body() passwordResetCheckDto: PasswordResetCheckDto) {
+    return this.usersService.checkPasswordResetToken(passwordResetCheckDto.token);
+  }
+
   @Post('reset-password/apply')
-  @ApiResponse({ status: 200, description: 'Email sent if account exist' })
+  @ApiResponse({ status: 200, description: 'Reset password if token and new password are valid' })
   public async resetPasswordApply(@Body() passwordResetApplyDto: PasswordResetApplyDto) {
-    return this.usersService.validatePasswordResetToken(passwordResetApplyDto.password, passwordResetApplyDto.token);
+    return this.usersService.resetPassword(passwordResetApplyDto.password, passwordResetApplyDto.token);
   }
 
   @Post('verify-exist-user')

src/users/dto/reset-password-check.dto.ts

+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, IsString } from 'class-validator';
+
+export class PasswordResetCheckDto {
+  @ApiProperty({ type: String })
+  @IsNotEmpty()
+  @IsString()
+  readonly token: string;
+}

src/users/services/users.service.ts

@@ -2,6 +2,7 @@ import { HttpException, HttpStatus, Inject, Injectable, Logger, forwardRef } fro
 import { JwtService } from '@nestjs/jwt';
 import { InjectModel } from '@nestjs/mongoose';
 import { Cron, CronExpression } from '@nestjs/schedule';
+import { AxiosResponse } from 'axios';
 import * as bcrypt from 'bcrypt';
 import * as crypto from 'crypto';
 import * as ejs from 'ejs';
@@ -11,8 +12,10 @@ import { Model, Types } from 'mongoose';
 import { PendingStructureDto } from '../../admin/dto/pending-structure.dto';
 import { LoginDto } from '../../auth/login-dto';
 import { MailerService } from '../../mailer/mailer.service';
+import { NewsletterService } from '../../newsletter/newsletter.service';
 import { PersonalOfferDocument } from '../../personal-offers/schemas/personal-offer.schema';
 import { Structure, StructureDocument } from '../../structures/schemas/structure.schema';
+import { StructuresService } from '../../structures/services/structures.service';
 import { EmailChangeDto } from '../dto/change-email.dto';
 import { CreateUserDto } from '../dto/create-user.dto';
 import { DescriptionDto } from '../dto/description.dto';
@@ -25,9 +28,6 @@ import { JobDocument } from '../schemas/job.schema';
 import { User } from '../schemas/user.schema';
 import { JobsService } from './jobs.service';
 import { UserRegistrySearchService } from './userRegistry-search.service';
-import { StructuresService } from '../../structures/services/structures.service';
-import { AxiosResponse } from 'axios';
-import { NewsletterService } from '../../newsletter/newsletter.service';
 
 @Injectable()
 export class UsersService {
@@ -383,13 +383,22 @@ export class UsersService {
     throw new HttpException('Email sent if account exist', HttpStatus.OK);
   }
 
+  /**
+   * Verify reset password token existence
+   * @param token string
+   */
+  public async checkPasswordResetToken(token: string): Promise<boolean> {
+    const user = await this.userModel.findOne({ resetPasswordToken: token }).exec();
+    return user !== null;
+  }
+
   /**
    * Change password with the given token and password
    * Token existence and password strength are verified
    * @param password string
    * @param token string
    */
-  public async validatePasswordResetToken(password: string, token: string): Promise<void> {
+  public async resetPassword(password: string, token: string): Promise<void> {
     const user = await this.userModel.findOne({ resetPasswordToken: token }).exec();
     if (user) {
       if (!this.isStrongPassword(password)) {