[NEW] REST endpoint to recover forgotten password (#10371)

* Add REST /forgotPassword endpoint and tests * Add REST /forgotPassword endpoint and tests * Remove endpoint, from wrong file * Moving endpoint from /forgotPassword to /users.forgotPassword
7 years ago · 16b6190a2c
parent 5187149d9c
commit 16b6190a2c
2 changed files with 43 additions and 0 deletions
--- a/packages/rocketchat-api/server/v1/users.js
+++ b/packages/rocketchat-api/server/v1/users.js
@ -394,3 +394,18 @@ RocketChat.API.v1.addRoute('user.roles', { authRequired: true }, {
 		}));
 	}
 });
+
+RocketChat.API.v1.addRoute('users.forgotPassword', { authRequired: false }, {
+	post() {
+		const { email } = this.bodyParams;
+		if (!email) {
+			return RocketChat.API.v1.failure('The \'email\' param is required');
+		}
+
+		const emailSent = Meteor.call('sendForgotPasswordEmail', email);
+		if (emailSent) {
+			return RocketChat.API.v1.success();
+		}
+		return RocketChat.API.v1.failure('User not found');
+	}
+});
--- a/tests/end-to-end/api/01-users.js
+++ b/tests/end-to-end/api/01-users.js
@ -589,4 +589,32 @@ describe('[Users]', function() {
 				.end(done);
 		});
 	});
+
+	describe('[/users.forgotPassword]', () => {
+		it('should send email to user (return success), when is a valid email', (done) => {
+			request.post(api('users.forgotPassword'))
+				.send({
+					email: adminEmail
+				})
+				.expect('Content-Type', 'application/json')
+				.expect(200)
+				.expect((res) => {
+					expect(res.body).to.have.property('success', true);
+				})
+				.end(done);
+		});
+
+		it('should not send email to user(return error), when is a invalid email', (done) => {
+			request.post(api('users.forgotPassword'))
+				.send({
+					email: 'invalidEmail'
+				})
+				.expect('Content-Type', 'application/json')
+				.expect(400)
+				.expect((res) => {
+					expect(res.body).to.have.property('success', false);
+				})
+				.end(done);
+		});
+	});
 });