Dis 187 reset password if forgotten back

[ChloeXiao0409]

This pull request introduces a complete password reset flow to the authentication system, including backend endpoints, data model changes, and email delivery via AWS SES. It also adds a new SES module for sending emails, updates dependencies, and includes an HTML email template for password reset notifications.

Password Reset Feature:

• Added endpoints to AuthController for requesting a password reset (POST /forgot-password) and for resetting the password (POST /reset-password), both with appropriate API documentation and response handling.
• Implemented forgotPassword and resetPassword methods in AuthService, including secure token generation, token expiration, validation, and password update logic.
• Introduced ResetPasswordDto for validating reset password requests.
• Updated the User schema to include resetPasswordToken and resetPasswordExpires fields for tracking password reset requests.

Email Delivery via AWS SES:

• Added a new SesModule and SesService for sending emails using AWS SES, including configuration via environment variables and error logging.
• Integrated SesModule into the authentication module and injected SesService into AuthService.
• Added an HTML email template (templates/email.html) for the password reset email, with dynamic placeholders for user name and reset link.

Dependency Updates:

• Added @aws-sdk/client-ses and ses packages to package.json to support AWS SES email sending.

Other Minor Changes:

• Minor update to a user schema string (not related to password reset).

[Copilot]

Pull request overview

This pull request implements a complete password reset flow for the authentication system, including backend API endpoints, AWS SES email delivery, database schema changes, and an HTML email template.

Key Changes:

• Added password reset endpoints (/forgot-password and /reset-password) with token-based validation and 15-minute expiration
• Integrated AWS SES for transactional email delivery with a branded HTML email template
• Extended the User schema with resetPasswordToken and resetPasswordExpires fields

Reviewed changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated 14 comments.

Show a summary per file

File	Description
templates/email.html	New HTML email template for password reset notifications with company branding
src/modules/user/schema/user.schema.ts	Added optional fields for password reset tokens and expiration; updated default message text
src/modules/ses/ses.service.ts	New service for sending emails via AWS SES with error logging
src/modules/ses/ses.module.ts	New module exporting SES service for dependency injection
src/modules/auth/dto/reset-password.dto.ts	New DTO for validating password reset requests with token and password fields
src/modules/auth/auth.service.ts	Implemented forgotPassword and resetPassword methods with secure token generation and validation
src/modules/auth/auth.module.ts	Integrated SesModule into authentication module
src/modules/auth/auth.controller.ts	Added /forgot-password and /reset-password endpoints with CSRF exemption
package.json	Added @aws-sdk/client-ses and ses dependencies
pnpm-lock.yaml	Lockfile updates for new AWS SDK and related dependencies

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Benbenzhouz]

ok