feat: forgot password (#24)

* make login/reg pages look like openai's

* add password reset data services

* new form designs similar to openai, add password reset pages

* add api's for password reset

* email utils for password reset

* remove bcrypt salt rounds from process.env

Author: danorlando

api/models/User.js

@@ -167,23 +167,14 @@ userSchema.methods.comparePassword = function (candidatePassword, callback) {
 };
 
 module.exports.hashPassword = async (password) => {
-  const saltRounds = 10;
 
   const hashedPassword = await new Promise((resolve, reject) => {
-    bcrypt.hash(password, saltRounds, function (err, hash) {
+    bcrypt.hash(password, 10, function (err, hash) {
       if (err) reject(err);
       else resolve(hash);
     });
   });
 
-  log({
-    title: 'Hash Password',
-    parameters: [
-      { name: 'password', value: password },
-      { name: 'hashed password', value: hashedPassword }
-    ]
-  });
-
   return hashedPassword;
 };
 

api/models/schema/tokenSchema.js

@@ -0,0 +1,22 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const tokenSchema = new Schema({
+  userId: {
+    type: Schema.Types.ObjectId,
+    required: true,
+    ref: "user",
+  },
+  token: {
+    type: String,
+    required: true,
+  },
+  createdAt: {
+    type: Date,
+    required: true,
+    default: Date.now,
+    expires: 900,
+  },
+});
+
+module.exports = mongoose.model("Token", tokenSchema);