uwblueprint
diff --git a/‎backend/typescript/rest/authRoutes.ts‎
Lines changed: 28 additions & 0 deletions b/‎backend/typescript/rest/authRoutes.ts‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎backend/typescript/services/implementations/authService.ts‎
Lines changed: 24 additions & 1 deletion b/‎backend/typescript/services/implementations/authService.ts‎
Lines changed: 24 additions & 1 deletion
diff --git a/‎backend/typescript/services/interfaces/authService.ts‎
Lines changed: 9 additions & 1 deletion b/‎backend/typescript/services/interfaces/authService.ts‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎backend/typescript/types.ts‎
Lines changed: 5 additions & 0 deletions b/‎backend/typescript/types.ts‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎frontend/package.json‎
Lines changed: 1 addition & 0 deletions b/‎frontend/package.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎frontend/public/images/humane_society_logo_text.png‎
9.01 KB b/‎frontend/public/images/humane_society_logo_text.png‎
9.01 KB
diff --git a/‎frontend/src/APIClients/AuthAPIClient.ts‎
Lines changed: 32 additions & 1 deletion b/‎frontend/src/APIClients/AuthAPIClient.ts‎
Lines changed: 32 additions & 1 deletion
diff --git a/‎frontend/src/App.tsx‎
Lines changed: 7 additions & 0 deletions b/‎frontend/src/App.tsx‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎frontend/src/components/assets/background.png‎
109 KB b/‎frontend/src/components/assets/background.png‎
109 KB
diff --git a/‎frontend/src/components/assets/background_mobile.png‎
42.4 KB b/‎frontend/src/components/assets/background_mobile.png‎
42.4 KB
@@ -117,6 +117,34 @@ authRouter.post(
   },
 );
 
+// updates user password and updates status
+authRouter.post(
+  "/setPassword/:email",
+  isAuthorizedByEmail("email"),
+  async (req, res) => {
+    try {
+      const responseSuccess = await authService.setPassword(
+        req.params.email,
+        req.body.newPassword,
+      );
+      if (responseSuccess.success) {
+        const user = await userService.getUserByEmail(req.params.email);
+        if (user.status === UserStatus.INVITED) {
+          userService.updateUserById(user.id, {
+            ...user,
+            status: UserStatus.ACTIVE,
+          });
+        }
+        res.status(200).json(responseSuccess);
+      } else {
+        res.status(400).json(responseSuccess);
+      }
+    } catch (error) {
+      res.status(500).json({ error: getErrorMessage(error) });
+    }
+  },
+);
+
 /* Invite a user */
 authRouter.post("/invite-user", inviteUserDtoValidator, async (req, res) => {
   try {
 
@@ -3,7 +3,7 @@ import * as firebaseAdmin from "firebase-admin";
 import IAuthService from "../interfaces/authService";
 import IEmailService from "../interfaces/emailService";
 import IUserService from "../interfaces/userService";
-import { AuthDTO, Role, Token } from "../../types";
+import { AuthDTO, Role, Token, ResponseSuccessDTO } from "../../types";
 import { getErrorMessage } from "../../utilities/errorUtils";
 import FirebaseRestClient from "../../utilities/firebaseRestClient";
 import logger from "../../utilities/logger";
@@ -286,6 +286,29 @@ class AuthService implements IAuthService {
       return false;
     }
   }
+
+  async setPassword(
+    email: string,
+    newPassword: string,
+  ): Promise<ResponseSuccessDTO> {
+    let errorMessage = "An unknown error occured. Please try again later.";
+    try {
+      const uid = await (await firebaseAdmin.auth().getUserByEmail(email)).uid;
+      await firebaseAdmin.auth().updateUser(uid, {
+        password: newPassword,
+      });
+      return { success: true } as ResponseSuccessDTO;
+    } catch (error: any) {
+      Logger.error(`Failed to update password. Error: ${error}`);
+      if (error.code === "auth/invalid-password") {
+        errorMessage =
+          "Password is too weak! Make sure it matches the password policy in Firebase.";
+      } else if (error.code === "auth/user-not-found") {
+        errorMessage = "No user found with the provided email!";
+      }
+      return { success: false, errorMessage };
+    }
+  }
 }
 
 export default AuthService;
@@ -1,4 +1,4 @@
-import { AuthDTO, Role, Token } from "../../types";
+import { AuthDTO, Role, Token, ResponseSuccessDTO } from "../../types";
 
 interface IAuthService {
   /**
@@ -98,6 +98,14 @@ interface IAuthService {
     accessToken: string,
     requestedEmail: string,
   ): Promise<boolean>;
+
+  /**
+   * Set password for the specified email.
+   * @param accessToken user's access token
+   * @param requestedEmail email address of requested user
+   * @returns success (boolean) and errorMessage (string)
+   */
+  setPassword(email: string, newPassword: string): Promise<ResponseSuccessDTO>;
 }
 
 export default IAuthService;
@@ -31,6 +31,11 @@ export type RegisterUserDTO = Omit<CreateUserDTO, "role">;
 
 export type AuthDTO = Token & UserDTO;
 
+export type ResponseSuccessDTO = {
+  success: boolean;
+  errorMessage?: string;
+};
+
 export type Letters = "A" | "B" | "C" | "D";
 
 const sexValues = ["M", "F"] as const;
 
@@ -4,6 +4,7 @@
   "private": true,
   "dependencies": {
     "@apollo/client": "^3.3.16",
+    "@chakra-ui/icons": "^2.2.4",
     "@chakra-ui/react": "^2.8.2",
     "@emotion/react": "^11.11.4",
     "@emotion/styled": "^11.11.5",
 
@@ -2,7 +2,7 @@ import { signInWithEmailLink } from "firebase/auth";
 import { FirebaseError } from "firebase/app";
 import auth from "../firebase/firebase";
 import AUTHENTICATED_USER_KEY from "../constants/AuthConstants";
-import { AuthenticatedUser } from "../types/AuthTypes";
+import { AuthenticatedUser, PasswordSetResponse } from "../types/AuthTypes";
 import baseAPIClient from "./BaseAPIClient";
 import {
   getLocalStorageObjProperty,
@@ -144,6 +144,35 @@ const refresh = async (): Promise<boolean> => {
   }
 };
 
+const getEmailOfCurrentUser = async (): Promise<string> => {
+  const email = getLocalStorageObjProperty(AUTHENTICATED_USER_KEY, "email");
+  if (typeof email === "string") {
+    return email;
+  }
+  throw new Error("Email not found for the current user");
+};
+
+const setPassword = async (
+  newPassword: string,
+): Promise<PasswordSetResponse> => {
+  const bearerToken = `Bearer ${getLocalStorageObjProperty(
+    AUTHENTICATED_USER_KEY,
+    "accessToken",
+  )}`;
+  try {
+    const email = await getEmailOfCurrentUser();
+    // set password
+    const response = await baseAPIClient.post(
+      `/auth/setPassword/${email}`,
+      { newPassword },
+      { headers: { Authorization: bearerToken } },
+    );
+    return response.data;
+  } catch (error) {
+    return { success: false, errorMessage: "An unknown error occured." };
+  }
+};
+
 export default {
   login,
   loginWithSignInLink,
@@ -152,4 +181,6 @@ export default {
   register,
   resetPassword,
   refresh,
+  setPassword,
+  getEmailOfCurrentUser,
 };
@@ -15,6 +15,7 @@ import SimpleEntityDisplayPage from "./components/pages/SimpleEntityDisplayPage"
 import NotFound from "./components/pages/NotFound";
 import UpdatePage from "./components/pages/UpdatePage";
 import SimpleEntityUpdatePage from "./components/pages/SimpleEntityUpdatePage";
+import CreatePasswordPage from "./components/pages/CreatePasswordPage";
 import * as Routes from "./constants/Routes";
 import * as AuthConstants from "./constants/AuthConstants";
 import AUTHENTICATED_USER_KEY from "./constants/AuthConstants";
@@ -62,6 +63,12 @@ const App = (): React.ReactElement => {
             <Switch>
               <Route exact path={Routes.LOGIN_PAGE} component={Login} />
               <Route exact path={Routes.SIGNUP_PAGE} component={Signup} />
+              <PrivateRoute
+                exact
+                path={Routes.CREATE_PASSWORD_PAGE}
+                component={CreatePasswordPage}
+                allowedRoles={AuthConstants.ALL_ROLES}
+              />
               <Route
                 exact
                 path={Routes.FORGOT_PASSWORD_PAGE}