From 16b6190a2c7dbaf9b5debb89edaa5f59bc123a74 Mon Sep 17 00:00:00 2001 From: Marcos Spessatto Defendi Date: Tue, 17 Apr 2018 16:14:21 -0300 Subject: [PATCH] [NEW] REST endpoint to recover forgotten password (#10371) * Add REST /forgotPassword endpoint and tests * Add REST /forgotPassword endpoint and tests * Remove endpoint, from wrong file * Moving endpoint from /forgotPassword to /users.forgotPassword --- packages/rocketchat-api/server/v1/users.js | 15 ++++++++++++ tests/end-to-end/api/01-users.js | 28 ++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/packages/rocketchat-api/server/v1/users.js b/packages/rocketchat-api/server/v1/users.js index c9d194d33487..12ae7a470b87 100644 --- a/packages/rocketchat-api/server/v1/users.js +++ b/packages/rocketchat-api/server/v1/users.js @@ -394,3 +394,18 @@ RocketChat.API.v1.addRoute('user.roles', { authRequired: true }, { })); } }); + +RocketChat.API.v1.addRoute('users.forgotPassword', { authRequired: false }, { + post() { + const { email } = this.bodyParams; + if (!email) { + return RocketChat.API.v1.failure('The \'email\' param is required'); + } + + const emailSent = Meteor.call('sendForgotPasswordEmail', email); + if (emailSent) { + return RocketChat.API.v1.success(); + } + return RocketChat.API.v1.failure('User not found'); + } +}); diff --git a/tests/end-to-end/api/01-users.js b/tests/end-to-end/api/01-users.js index 9d0cdb7c5a15..6eae83d7e99c 100644 --- a/tests/end-to-end/api/01-users.js +++ b/tests/end-to-end/api/01-users.js @@ -589,4 +589,32 @@ describe('[Users]', function() { .end(done); }); }); + + describe('[/users.forgotPassword]', () => { + it('should send email to user (return success), when is a valid email', (done) => { + request.post(api('users.forgotPassword')) + .send({ + email: adminEmail + }) + .expect('Content-Type', 'application/json') + .expect(200) + .expect((res) => { + expect(res.body).to.have.property('success', true); + }) + .end(done); + }); + + it('should not send email to user(return error), when is a invalid email', (done) => { + request.post(api('users.forgotPassword')) + .send({ + email: 'invalidEmail' + }) + .expect('Content-Type', 'application/json') + .expect(400) + .expect((res) => { + expect(res.body).to.have.property('success', false); + }) + .end(done); + }); + }); });