From d496efc50b09d1b7deedd3656dd71e7a7450157f Mon Sep 17 00:00:00 2001
From: Jareer Zeenam <jareerzeenam.28@gmail.com>
Date: Thu, 15 Aug 2024 22:32:22 +0100
Subject: [PATCH] Auth user issues fixed and user services improved

---
 services/auth.js | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/services/auth.js b/services/auth.js
index 7c79d67..aca2120 100644
--- a/services/auth.js
+++ b/services/auth.js
@@ -1,5 +1,4 @@
 // registerUser
-const { User } = require('../models/User.model');
 const { ForbiddenError } = require('apollo-server-errors');
 const bcrypt = require('bcryptjs');
 const jwt = require('jsonwebtoken');
@@ -138,10 +137,12 @@ const resetPassword = async (payload) => {
   const token = payload.token;
   const newPassword = payload.newPassword;
 
-  const user = await User.findOne({ email, resetToken: token });
+  const userRepo = new UserRepository();
+  const user = await userRepo.findByEmail(email);
 
   if (
     !user ||
+    user.resetToken !== token ||
     moment(user.resetTokenExpires) < moment().subtract(1, 'hour')
   ) {
     throw new Error('Invalid or expired token');
@@ -169,14 +170,15 @@ const resetPassword = async (payload) => {
 
 // Function to generate Reset Token JWT
 async function generateResetToken(email) {
-  const user = await User.findOne({ email });
+  const userRepo = new UserRepository();
+  const user = await userRepo.findByEmail(email);
 
   if (!user) {
     throw new Error('User not found');
   }
 
   if (user.resetTokenExpires) {
-    const resetTokenExpires = moment(tokenExpires);
+    const resetTokenExpires = moment(user.resetTokenExpires);
     const tokenHasExpired = resetTokenExpires.isBefore(
       moment().subtract(1, 'hour')
     );