feature: user reset-password route & email sending functionality added

DataRohit · DataRohit · commit 19e5cbdaf55b · 2024-10-09T09:56:57.000+05:30
diff --git a/src/auth/routes.py b/src/auth/routes.py
@@ -14,9 +14,14 @@
     UserCreateResponseSchema,
     UserCreateSchema,
     UserForgotPasswordSchema,
+    UserResetPasswordSchema,
 )
 from .service import UserService
-from .utils import decode_url_safe_token, generate_url_safe_token
+from .utils import (
+    decode_url_safe_token,
+    generate_password_hash,
+    generate_url_safe_token,
+)
 
 auth_router = APIRouter()
 user_service = UserService()
@@ -143,3 +148,59 @@ async def forgot_password(
         status_code=status.HTTP_200_OK,
         content={"message": "Password reset link sent to your email"},
     )
+
+
+@auth_router.post(
+    "/reset-password/{password_reset_token}", status_code=status.HTTP_200_OK
+)
+async def reset_password(
+    password_reset_token: str,
+    user_data: UserResetPasswordSchema,
+    session: AsyncSession = Depends(get_session),
+):
+    data = decode_url_safe_token(password_reset_token)
+
+    user_uid = data.get("user_uid")
+    expires_at = data.get("expires_at")
+
+    if not user_uid or not expires_at:
+        return JSONResponse(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            content={"message": "Invalid password reset token"},
+        )
+
+    if datetime.now().timestamp() > expires_at:
+        return JSONResponse(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            content={"message": "Password reset token expired"},
+        )
+
+    user = await user_service.get_user_by_uid(user_uid, session)
+    if not user:
+        return JSONResponse(
+            status_code=status.HTTP_404_NOT_FOUND,
+            content={"message": "User not found"},
+        )
+
+    if user_data.password != user_data.confirm_password:
+        return JSONResponse(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            content={"message": "Passwords do not match"},
+        )
+
+    user.hashed_password = generate_password_hash(user_data.password)
+
+    await session.commit()
+    await session.refresh(user)
+
+    await send_email(
+        [user.email],
+        "Password Reset Successfully",
+        "auth/reset_password_success_email.html",
+        {"first_name": user.first_name},
+    )
+
+    return JSONResponse(
+        status_code=status.HTTP_200_OK,
+        content={"message": "Password reset successfully"},
+    )
diff --git a/src/auth/schemas.py b/src/auth/schemas.py
@@ -55,3 +55,17 @@ class UserForgotPasswordSchema(BaseModel):
     email: str = Field(max_length=50)
 
     model_config = {"json_schema_extra": {"example": {"email": "johndoe@example.com"}}}
+
+
+class UserResetPasswordSchema(BaseModel):
+    password: str = Field(min_length=8, max_length=50)
+    confirm_password: str = Field(min_length=8, max_length=50)
+
+    model_config = {
+        "json_schema_extra": {
+            "example": {
+                "password": "JohnDoe@Password123",
+                "confirm_password": "JohnDoe@Password123",
+            }
+        }
+    }
diff --git a/templates/auth/forgot_password_email.html b/templates/auth/forgot_password_email.html
@@ -110,7 +110,7 @@
 <body>
     <div class="container">
         <div class="header">
-            <img src="/api/placeholder/200/80" alt="Bookly Logo" class="logo"/>
+            <img src="https://svgshare.com/i/1BF7.svg" alt="Bookly Logo" class="logo"/>
         </div>
         <div class="content">
             <h1>Reset Your Password, {{first_name}}</h1>
diff --git a/templates/auth/reset_password_success_email.html b/templates/auth/reset_password_success_email.html
@@ -0,0 +1,131 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Password Reset Successful - Bookly</title>
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap');
+        
+        body {
+            background-color: #f0fdf4;
+            font-family: 'Inter', sans-serif;
+            margin: 0;
+            padding: 0;
+            -webkit-font-smoothing: antialiased;
+            -moz-osx-font-smoothing: grayscale;
+        }
+        .container {
+            width: 100%;
+            max-width: 600px;
+            margin: 40px auto;
+            background-color: #ffffff;
+            border-radius: 16px;
+            box-shadow: 0 4px 24px rgba(22, 163, 74, 0.15);
+            overflow: hidden;
+        }
+        .header {
+            background-color: #22c55e;
+            padding-top: 32px;
+            padding-bottom: 22px;
+            text-align: center;
+        }
+        .logo {
+            height: 56px;
+            width: auto;
+        }
+        .content {
+            padding: 48px 40px;
+            padding-bottom: 20px;
+            text-align: left;
+        }
+        h1 {
+            font-size: 28px;
+            font-weight: 700;
+            color: #166534;
+            margin-bottom: 24px;
+        }
+        p {
+            font-size: 16px;
+            line-height: 1.6;
+            color: #14532d;
+        }
+        a {
+            color: #16a34a;
+            text-decoration: none;
+            font-weight: 600;
+        }
+        .button {
+            display: inline-block;
+            background-color: #22c55e;
+            color: #ffffff;
+            padding: 14px 32px;
+            border-radius: 8px;
+            text-decoration: none;
+            font-weight: 600;
+            font-size: 16px;
+            margin: 12px 0;
+            transition: background-color 0.3s ease, transform 0.2s ease;
+        }
+        .button:hover {
+            background-color: #16a34a;
+            transform: translateY(-2px);
+        }
+        .note {
+            background-color: #dcfce7;
+            border-left: 4px solid #22c55e;
+            padding: 16px;
+            margin-top: 26px;
+            border-radius: 0 8px 8px 0;
+        }
+        .footer {
+            background-color: #f0fdf4;
+            padding: 24px 40px;
+            text-align: center;
+            font-size: 14px;
+            color: #15803d;
+        }
+        .footer a {
+            color: #166534;
+        }
+        .divider {
+            height: 1px;
+            background-color: #bbf7d0;
+            margin: 32px 0;
+        }
+        @media (max-width: 600px) {
+            .container {
+                margin: 0;
+                border-radius: 0;
+            }
+            .content {
+                padding: 32px 24px;
+            }
+            .footer {
+                padding: 24px;
+            }
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="header">
+            <img src="https://svgshare.com/i/1BF7.svg" alt="Bookly Logo" class="logo"/>
+        </div>
+        <div class="content">
+            <h1>Password Reset Successful, {{first_name}}!</h1>
+            <p>Great news! Your Bookly account password has been successfully reset.</p>
+            <p>You can now log in to your account using your new password. If you didn't make this change or if you believe an unauthorized person has accessed your account, please contact our support team immediately.</p>
+            <div class="note">
+                <p><strong>Security Tip:</strong> To keep your account safe, we recommend using a unique, strong password and enabling two-factor authentication if available.</p>
+            </div>
+            <div class="divider"></div>
+            <p>If you have any questions or concerns, please don't hesitate to reach out to our support team. We're here to help!</p>
+        </div>
+        <div class="footer">
+            <p>&copy; 2024 Bookly - Rohit Vilas Ingole (DataRohit). All rights reserved.</p>
+            <a href="https://github.com/datarohit">Visit our GitHub</a>
+        </div>
+    </div>
+</body>
+</html>
