
create-nodeapi-backend


A powerful Node.js backend boilerplate with Express, MongoDB, Firebase, JWT auth, Nodemailer, cron jobs, input validation (Joi), and serverless support for Vercel. Scaffold a full-featured API backend in seconds.

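const { User } = require("../../model/index");
const bcrypt = require("bcrypt");
const passwordChangedConfirmationMail = require("../mailerService/passwordresetsuccessfully");
const config = require("../../config/index");

// bcrypt cost factor used when hashing the new password.
const BCRYPT_SALT_ROUNDS = 10;

/**
 * Change the password of a locally-authenticated user.
 *
 * Verifies the old password against the stored bcrypt hash, rejects a new
 * password equal to the current one, stores a fresh bcrypt hash, and (outside
 * the "test" environment) sends a confirmation mail.
 *
 * NOTE(review): `data.id` selects whose password is changed. This function
 * assumes the caller takes it from the authenticated session rather than from
 * client-supplied input; confirm at the call site.
 * NOTE(review): nothing here revokes existing sessions or tokens after the
 * change; confirm whether the caller or the auth layer does.
 *
 * @param {Object} data
 * @param {string} data.id - User id, passed to `User.findById`.
 * @param {string} data.oldPassword - Current password in plain text.
 * @param {string} data.newPassword - Replacement password in plain text.
 * @returns {Promise<{code: number, message: string}>} Result object; never rejects.
 */
const changePassword = async (data) => {
  try {
    const { id, oldPassword, newPassword } = data || {};

    // bcrypt.compare/hash throw on non-string input, which used to surface as
    // a 500. Non-strings (e.g. objects from a JSON body) are a client error.
    if (typeof oldPassword !== "string" || typeof newPassword !== "string") {
      return { code: 400, message: "Old password and new password are required" };
    }

    const user = await User.findById(id)
      .select("email password profile.firstName profile.lastName googleId")
      .lean();

    // findById resolves to null for an unknown id; dereferencing it used to
    // throw and be reported as an internal error.
    if (!user) {
      return { code: 404, message: "User not found" };
    }

    if (user.googleId) {
      return {
        code: 400,
        message: "You cannot change password for Google Authenticated Account, Login with Google"
      };
    }

    // Check if password field exists
    if (!user.password) {
      return { code: 400, message: "Invalid user account state" };
    }

    const [passwordMatch, newPasswordCompare] = await Promise.all([
      bcrypt.compare(oldPassword, user.password),
      bcrypt.compare(newPassword, user.password)
    ]);

    if (!passwordMatch) {
      return { code: 400, message: "Incorrect old password" };
    }

    if (newPasswordCompare) {
      return { code: 400, message: "Your New Password cannot be same as your old password" };
    }

    // bcrypt only considers the first 72 bytes of its input; any length policy
    // has to be enforced by the caller's validation.
    const hashedPassword = await bcrypt.hash(newPassword, BCRYPT_SALT_ROUNDS);
    const updateResult = await User.findByIdAndUpdate(id, { password: hashedPassword });

    if (!updateResult) {
      return { code: 500, message: "Failed to update password" };
    }

    if (config.env !== "test") {
      const date = new Intl.DateTimeFormat("en-US", {
        month: "long",
        day: "numeric",
        year: "numeric",
        hour: "numeric",
        minute: "numeric",
        hour12: true
      }).format(new Date());

      // The projection may return no profile sub-document at all.
      const profile = user.profile || {};
      const name =
        profile.firstName && profile.lastName
          ? `${profile.firstName} ${profile.lastName}`
          : "User";

      // The password is already changed at this point. A mail failure must not
      // be reported as a failed change, or the client would retry with an old
      // password that no longer works.
      try {
        await passwordChangedConfirmationMail({ email: user.email, date, name });
      } catch (mailError) {
        console.error("Password change confirmation mail error:", mailError);
      }
    }

    return { code: 200, message: "Password updated successfully" };
  } catch (error) {
    console.error("Change password error:", error);

    // Mongoose raises CastError when `id` cannot be cast to an ObjectId.
    if (error.name === "CastError") {
      return { code: 400, message: "Invalid user ID format" };
    }

    return { code: 500, message: "Internal Server Error" };
  }
};

module.exports = changePassword;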