feat(auth): admin user updates added

if a password change happens then an email will be sent to the user.

server/services/auth/controllers/userAdmin/updateUserAdm.ts

@@ -5,64 +5,78 @@ import { tryCatch } from "../../../../globalUtils/tryCatch.js";
 import type { User } from "../../../../types/users.js";
 import { createPassword } from "../../utils/createPassword.js";
 import { createLog } from "../../../logger/logger.js";
+import { sendEmail } from "../../../notifications/controller/sendMail.js";
 
 export const updateUserADM = async (userData: User) => {
-  /**
-   * The user model will need to be passed over so we can update per the request on the user.
-   * password, username, email.
-   */
+    /**
+     * The user model will need to be passed over so we can update per the request on the user.
+     * password, username, email.
+     */
 
-  createLog(
-    "info",
-    "apiAuthedRoute",
-    "auth",
-    `${userData.user_id} is being updated.`
-  );
-  // get the orignal user info
-  const { data: user, error: userError } = await tryCatch(
-    db.select().from(users).where(eq(users.user_id, userData.user_id!))
-  );
+    createLog(
+        "info",
+        "apiAuthedRoute",
+        "auth",
+        `${userData.user_id} is being updated.`
+    );
+    // get the orignal user info
+    const { data: user, error: userError } = await tryCatch(
+        db.select().from(users).where(eq(users.user_id, userData.user_id!))
+    );
 
-  if (userError) {
-    return {
-      success: false,
-      message: "There was an error getting the user",
-      userError,
+    if (userError) {
+        return {
+            success: false,
+            message: "There was an error getting the user",
+            userError,
+        };
+    }
+    if (user?.length === 0) {
+        return {
+            success: false,
+            message:
+                "The user you are looking for has either been deleted or dose not exist.",
+        };
+    }
+    const upd_user = user as User;
+    const password: string = userData.password
+        ? await createPassword(userData.password!)
+        : upd_user.password!;
+    const data = {
+        username: userData.username ? userData.username : upd_user?.username,
+        password: password,
+        email: userData.email ? userData.email : upd_user.email,
     };
-  }
-  if (user?.length === 0) {
+
+    // term ? ilike(posts.title, term) : undefined
+    const { data: updData, error: updError } = await tryCatch(
+        db.update(users).set(data).where(eq(users.user_id, userData.user_id!))
+    );
+
+    if (updError) {
+        return {
+            success: false,
+            message: "There was an error getting the user",
+            updError,
+        };
+    }
+
+    if (userData?.password!.length > 0) {
+        // send this user an email so they have the randomized password.
+        await sendEmail({
+            email: user[0]?.email,
+            subject: "LST - Password reset.",
+            template: "passwordReset",
+            context: {
+                password: userData.password!,
+                username: user[0].username!,
+            },
+        });
+    }
+
     return {
-      success: false,
-      message:
-        "The user you are looking for has either been deleted or dose not exist.",
+        success: true,
+        message: `${userData.username} has been updated.`,
+        updData,
     };
-  }
-  const upd_user = user as User;
-  const password: string = userData.password
-    ? await createPassword(userData.password!)
-    : upd_user.password!;
-  const data = {
-    username: userData.username ? userData.username : upd_user?.username,
-    password: password,
-    email: userData.email ? userData.email : upd_user.email,
-  };
-
-  // term ? ilike(posts.title, term) : undefined
-  const { data: updData, error: updError } = await tryCatch(
-    db.update(users).set(data).where(eq(users.user_id, userData.user_id!))
-  );
-
-  if (updError) {
-    return {
-      success: false,
-      message: "There was an error getting the user",
-      updError,
-    };
-  }
-
-  return {
-    success: true,
-    message: `${userData.username} has been updated.`,
-    updData,
-  };
 };

server/services/auth/routes/userAdmin/updateUser.ts

@@ -10,82 +10,76 @@ import { updateUserADM } from "../../controllers/userAdmin/updateUserAdm.js";
 const app = new OpenAPIHono();
 
 const responseSchema = z.object({
-  success: z.boolean().openapi({ example: true }),
-  message: z.string().optional().openapi({ example: "user access" }),
-  data: z.array(z.object({})).optional().openapi({ example: [] }),
+    success: z.boolean().openapi({ example: true }),
+    message: z.string().optional().openapi({ example: "user access" }),
+    data: z.array(z.object({})).optional().openapi({ example: [] }),
 });
 
 const UserAccess = z.object({
-  user_id: z.string().openapi({ example: "users UUID" }),
-  username: z
-    .string()
-    .regex(/^[a-zA-Z0-9_]{3,30}$/)
-    .optional()
-    .openapi({ example: "smith034" }),
-  email: z
-    .string()
-    .email()
-    .optional()
-    .openapi({ example: "smith@example.com" }),
-  password: z
-    .string()
-    .min(6, { message: "Passwords must be longer than 3 characters" })
-    .regex(/[A-Z]/, {
-      message: "Password must contain at least one uppercase letter",
-    })
-    .regex(/[\W_]/, {
-      message: "Password must contain at least one special character",
-    })
-    .optional()
-    .openapi({ example: "Password1!" }),
+    user_id: z.string().openapi({ example: "users UUID" }),
+    username: z
+        .string()
+        .regex(/^[a-zA-Z0-9_]{3,30}$/)
+        .optional()
+        .openapi({ example: "smith034" }),
+    email: z
+        .string()
+        .email()
+        .optional()
+        .openapi({ example: "smith@example.com" }),
+    password: z
+        .string()
+
+        .optional()
+        .openapi({ example: "Password1!" }),
 });
 
 app.openapi(
-  createRoute({
-    tags: ["Auth:admin"],
-    summary: "updates a specific user",
-    method: "post",
-    path: "/updateuser",
-    middleware: [
-      authMiddleware,
-      hasCorrectRole(["admin", "systemAdmin"], "admin"),
-    ],
-    //description: "When logged in you will be able to grant new permissions",
-    request: {
-      body: {
-        content: {
-          "application/json": { schema: UserAccess },
+    createRoute({
+        tags: ["Auth:admin"],
+        summary: "updates a specific user",
+        method: "patch",
+        path: "/updateuser",
+        middleware: [
+            authMiddleware,
+            hasCorrectRole(["admin", "systemAdmin"], "admin"),
+        ],
+        //description: "When logged in you will be able to grant new permissions",
+        request: {
+            body: {
+                content: {
+                    "application/json": { schema: UserAccess },
+                },
+            },
         },
-      },
-    },
-    responses: responses(),
-  }),
-  async (c) => {
-    //apiHit(c, { endpoint: "api/auth/setUserRoles" });
-    const userData = await c.req.json();
-    try {
-      const userUPD: any = await updateUserADM(userData);
-      //return apiReturn(c, true, access?.message, access?.data, 200);
-      return c.json(
-        {
-          success: userUPD.success,
-          message: userUPD.message,
-          data: userUPD.data,
-        },
-        200
-      );
-    } catch (error) {
-      console.log(error);
-      //return apiReturn(c, false, "Error in setting the user access", error, 400);
-      return c.json(
-        {
-          success: false,
-          message: "Error in setting the user access",
-          data: error,
-        },
-        400
-      );
+        responses: responses(),
+    }),
+    async (c) => {
+        //apiHit(c, { endpoint: "api/auth/setUserRoles" });
+        const userData = await c.req.json();
+        try {
+            const userUPD: any = await updateUserADM(userData);
+            //return apiReturn(c, true, access?.message, access?.data, 200);
+            return c.json(
+                {
+                    success: userUPD.success,
+                    message: userUPD.message,
+                    data: userUPD.data,
+                },
+                200
+            );
+        } catch (error) {
+            console.log(error);
+            //return apiReturn(c, false, "Error in setting the user access", error, 400);
+            return c.json(
+                {
+                    success: false,
+                    message: "Error in setting the user access",
+                    data: error,
+                },
+                400
+            );
+        }
     }
-  }
 );
 export default app;

server/services/notifications/utils/views/passwordReset.hbs

@@ -0,0 +1,36 @@
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        {{!--<title>Order Summary</title> --}}
+        {{> styles}}
+        <style>
+            pre {
+                background-color: #f8f9fa;
+                color: #d63384;
+                padding: 10px;
+                border-radius: 5px;
+                white-space: pre-wrap;
+                font-family: monospace;
+            }
+        </style>
+        {{!-- <link rel="stylesheet" href="styles/styles.css" /> --}}
+    </head>
+    <body>
+        <p>
+            Dear {{username}},<br/><br/>
+
+            Your password was change. Please find your new temporary password below:<br/><br/>
+
+            Temporary Password:     <em><b>{{password}}</b></em><br/><br/>
+
+            For security reasons, we strongly recommend changing your password as soon as possible.<br/><br/>
+            
+            You can update it by logging into your account and navigating to the password settings section.<br/><br/>
+
+            Best regards,<br/><br/>
+            LST team<br/>
+        </p>
+       
+    </body>
+</html>