Added password reset

Author: Seluj78

backend/PyMatcha/routes/api/auth/password.py

@@ -55,7 +55,8 @@ def forgot_password():
         pass
     else:
         token = generate_confirmation_token(email=data["email"], token_type="reset")
-        link = os.getenv("APP_URL") + "/auth/password/forgot/" + token
+        # link = os.getenv("APP_URL") + "/auth/password/forgot/" + token
+        link = f"{os.getenv('FRONT_URL')}/accounts/password/reset?token={token}"
         rendered_html = render_template("password_reset.html", link=link)
         current_app.logger.debug("/auth/password/forgot -> Sending worker request to send email")
         send_mail_html.delay(dest=data["email"], subject="Reset your password on PyMatcha", html=rendered_html)

backend/schemas/swagger.yaml

@@ -279,7 +279,7 @@ paths:
                     type: string
                     example: Profile completed !
   /profile/edit:
-    post:
+    put:
       tags:
         - Profile
       summary: Edit user profile
@@ -880,6 +880,85 @@ paths:
                 type: array
                 items:
                   $ref: '#/components/schemas/OnlineUser'
+  /auth/password/forgot:
+    post:
+      summary: Request a password reset
+      description: Will always return a success, no matter the email passed. Emails will be sent only to valid email adresses in the database
+      operationId: requestPasswordReset
+      tags:
+        - Authentication
+      requestBody:
+        description: Parameters to request password reset
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                email:
+                  type: string
+                  required: true
+                  example: foo@example.org
+      responses:
+        "200":
+          description: Success
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  code:
+                    type: string
+                    example: 200
+                  success:
+                    type: boolean
+                    example: true
+                  message:
+                    type: string
+                    example: Password reset mail sent successfully if user exists in DB
+  /auth/password/reset:
+    post:
+      summary: Reset a password
+      operationId: passwordReset
+      tags:
+        - Authentication
+      requestBody:
+        description: Parameters to request password reset
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                email:
+                  type: string
+                  required: true
+                  example: foo@example.org
+                password:
+                  type: string
+                  required: true
+                  example: dolphin2
+      responses:
+        "404":
+          $ref: '#/components/responses/NotFound'
+        "400":
+          $ref: '#/components/responses/BadRequest'
+        "200":
+          description: Success
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  code:
+                    type: string
+                    example: 200
+                  success:
+                    type: boolean
+                    example: true
+                  message:
+                    type: string
+                    example: Password reset successful.
 
 
 servers: