-
Notifications
You must be signed in to change notification settings - Fork 36
Expand file tree
/
Copy pathPasswordResetController.java
More file actions
43 lines (34 loc) · 1.46 KB
/
PasswordResetController.java
File metadata and controls
43 lines (34 loc) · 1.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
package com.greencode.controller;
import com.greencode.dto.PasswordResetConfirmDto;
import com.greencode.dto.PasswordResetRequestDto;
import com.greencode.service.PasswordResetService;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
@RestController
@RequestMapping("/auth/password-reset")
public class PasswordResetController {
private final PasswordResetService service;
public PasswordResetController(PasswordResetService service) {
this.service = service;
}
@PostMapping("/request")
public ResponseEntity<?> request(@RequestBody PasswordResetRequestDto dto) {
String token = service.requestReset(dto.email);
// DEV ONLY: print token to console so you can test UI without email sending
if (token != null) {
System.out.println("DEV reset token for " + dto.email + ": " + token);
}
// Always 200 (avoid leaking user existence)
return ResponseEntity.ok().build();
}
@GetMapping("/validate")
public ResponseEntity<?> validate(@RequestParam String token) {
if (service.validateToken(token)) return ResponseEntity.ok().build();
return ResponseEntity.badRequest().body("Invalid or expired token");
}
@PostMapping("/confirm")
public ResponseEntity<?> confirm(@RequestBody PasswordResetConfirmDto dto) {
service.confirmReset(dto.token, dto.newPassword);
return ResponseEntity.ok().build();
}
}