From b9a38a3d963710e78f29455acaca3d9f94cbd5d5 Mon Sep 17 00:00:00 2001
From: Omar <mihilmy@yahoo.com>
Date: Wed, 26 Dec 2018 18:03:10 -0800
Subject: [PATCH] Reset password through email

---
 src/config/router.js     |  1 +
 src/ups/auth/dao.js      | 11 ++++++++++-
 src/ups/auth/handlers.js | 19 ++++++++++++++++++-
 3 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/src/config/router.js b/src/config/router.js
index a752fa8..5121338 100644
--- a/src/config/router.js
+++ b/src/config/router.js
@@ -13,6 +13,7 @@ function router(app) {
   app.post('/auth/phone/verify', AuthHandlers.verifyPhoneCode);
   app.post('/auth/signin', AuthHandlers.signin);
   app.put('/auth/signup', AuthHandlers.signup);
+  app.post('/auth/passwordReset', AuthHandlers.sendPasswordResetEmail)
 
   // Users Endpoints
   app.get('/users/by/phone', UserHandlers.findNetworkByPhone);
diff --git a/src/ups/auth/dao.js b/src/ups/auth/dao.js
index 6a15481..9eaa647 100644
--- a/src/ups/auth/dao.js
+++ b/src/ups/auth/dao.js
@@ -61,6 +61,14 @@ function createNewUser(user) {
   });
 }
 
+/**
+ * Sends a password reset email
+ * @param {email} email 
+ */
+function resetPassword(email) {
+  return firebase.auth().sendPasswordResetEmail(email).catch( error => { throw { error: error.code }; });
+}
+
 /**
  * 
  * @param {string} phone 
@@ -157,7 +165,8 @@ module.exports = {
   signinWithTagferId,
   signinWithEmail,
   createNewUser,
-  createNewSessionId
+  createNewSessionId,
+  resetPassword
 };
 
 // function signinWithTagferId1(tagferId, password, callback) {
diff --git a/src/ups/auth/handlers.js b/src/ups/auth/handlers.js
index 2130cb5..9f24441 100644
--- a/src/ups/auth/handlers.js
+++ b/src/ups/auth/handlers.js
@@ -107,10 +107,27 @@ function signup(req, res) {
   });
 }
 
+/**
+ * Endpoint: auth/passwordReset
+ * Send a reset password link to the email
+ * @param {Object} req { email: String }
+ * @param {Object} res {} | { error: String }
+ */
+function sendPasswordResetEmail(req, res) {
+  const { email } = req.body;
+  const verifier = () => email;
+  if (!utils.isAppSecretValid(req,res) || !utils.isBodyValid(verifier, res)) {
+    return;
+  }
+
+  dao.resetPassword(email).then(() => res.json({}) ).catch( error => res.json(error))
+}
+
 module.exports = {
   doesAttributeExist,
   sendPhoneCode,
   verifyPhoneCode,
   signin,
-  signup
+  signup,
+  sendPasswordResetEmail
 };
\ No newline at end of file