Merge pull request #5 from Nuxify/feature/remove-current-user-field

fix(user): remove current user field in update user password endpoint…

Author: kabaluyot

docs/openapi.json

@@ -496,13 +496,10 @@
         }
       },
       "UpdateUserPasswordRequest": {
-        "required": ["currentPassword", "newPassword"],
+        "required": ["password"],
         "type": "object",
         "properties": {
-          "currentPassword": {
-            "type": "string"
-          },
-          "newPassword": {
+          "password": {
             "type": "string"
           }
         }

interfaces/servicecontainer.go

@@ -94,17 +94,10 @@ func (k *kernel) userCommandServiceContainer() *userService.UserCommandService {
 		MySQLDBHandlerInterface: mysqlDBHandler,
 	}
 
-	queryRepository := &userRepository.UserQueryRepository{
-		MySQLDBHandlerInterface: mysqlDBHandler,
-	}
-
 	service := &userService.UserCommandService{
 		UserCommandRepositoryInterface: &userRepository.UserCommandRepositoryCircuitBreaker{
 			UserCommandRepositoryInterface: repository,
 		},
-		UserQueryRepositoryInterface: &userRepository.UserQueryRepositoryCircuitBreaker{
-			UserQueryRepositoryInterface: queryRepository,
-		},
 	}
 
 	return service

module/user/infrastructure/repository/UserCommandRepository.go

@@ -84,7 +84,7 @@ func (repository *UserCommandRepository) UpdateUserEmailVerifiedAt(email string)
 func (repository *UserCommandRepository) UpdateUserPassword(data repositoryTypes.UpdateUserPassword) error {
 	user := &entity.User{
 		WalletAddress: data.WalletAddress,
-		Password:      data.NewPassword,
+		Password:      data.Password,
 	}
 
 	// update users

module/user/infrastructure/repository/types/dto.go

@@ -15,7 +15,6 @@ type UpdateUser struct {
 }
 
 type UpdateUserPassword struct {
-	WalletAddress   string
-	CurrentPassword string
-	NewPassword     string
+	WalletAddress string
+	Password      string
 }

module/user/infrastructure/service/UserCommandService.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"crypto/ecdsa"
 	"encoding/base64"
-	"errors"
 	"fmt"
 	"log"
 
@@ -13,7 +12,6 @@ import (
 	"github.com/hashicorp/vault/shamir"
 	"github.com/segmentio/ksuid"
 
-	apiError "celeste/internal/errors"
 	"celeste/internal/password"
 	"celeste/module/user/domain/repository"
 	repositoryTypes "celeste/module/user/infrastructure/repository/types"
@@ -23,7 +21,6 @@ import (
 // UserCommandService handles the user command service logic
 type UserCommandService struct {
 	repository.UserCommandRepositoryInterface
-	repository.UserQueryRepositoryInterface
 }
 
 // CreateUser create a user
@@ -139,25 +136,14 @@ func (service *UserCommandService) UpdateUserEmailVerifiedAt(ctx context.Context
 
 // UpdateUserPassword update user password by address
 func (service *UserCommandService) UpdateUserPassword(ctx context.Context, data types.UpdateUserPassword) error {
-	// get user by wallet address
-	user, err := service.UserQueryRepositoryInterface.SelectUserByWalletAddress(data.WalletAddress)
-	if err != nil {
-		return err
-	}
-
-	// compare current password
-	if !password.CheckPasswordHash(data.CurrentPassword, user.Password) {
-		return errors.New(apiError.InvalidPassword)
-	}
-
-	hashedPassword, err := password.HashPassword(data.NewPassword)
+	hashedPassword, err := password.HashPassword(data.Password)
 	if err != nil {
 		return err
 	}
 
 	err = service.UserCommandRepositoryInterface.UpdateUserPassword(repositoryTypes.UpdateUserPassword{
 		WalletAddress: data.WalletAddress,
-		NewPassword:   hashedPassword,
+		Password:      hashedPassword,
 	})
 	if err != nil {
 		return err

module/user/infrastructure/service/types/dto.go

@@ -18,7 +18,6 @@ type UpdateUser struct {
 }
 
 type UpdateUserPassword struct {
-	WalletAddress   string
-	CurrentPassword string
-	NewPassword     string
+	WalletAddress string
+	Password      string
 }

module/user/interfaces/http/dto.go

@@ -31,8 +31,7 @@ type UpdateUserEmailVerifiedAtRequest struct {
 }
 
 type UpdateUserPasswordRequest struct {
-	CurrentPassword string `json:"currentPassword" validate:"required"`
-	NewPassword     string `json:"newPassword" validate:"required"`
+	Password string `json:"password" validate:"required"`
 }
 
 type CreateUserResponse struct {

module/user/interfaces/http/rest/UserCommandController.go

@@ -202,19 +202,6 @@ func (controller *UserCommandController) UpdateUserByWalletAddress(w http.Respon
 		return
 	}
 
-	// FIXME: remove this temporary code for allowing demo exploration
-	if walletAddress == "0xd78F31c1181a305C1Afa5F542fFBE7bda97D5C05" {
-		response := viewmodels.HTTPResponseVM{
-			Status:    http.StatusUnauthorized,
-			Success:   false,
-			Message:   "For demo purposes only. Contact support to explore the full features.",
-			ErrorCode: apiError.UnauthorizedAccess,
-		}
-
-		response.JSON(w)
-		return
-	}
-
 	var request types.UpdateUserRequest
 
 	if err := json.NewDecoder(r.Body).Decode(&request); err != nil {
@@ -308,19 +295,6 @@ func (controller *UserCommandController) UpdateUserPassword(w http.ResponseWrite
 		return
 	}
 
-	// FIXME: remove this temporary code for allowing demo exploration
-	if walletAddress == "0xd78F31c1181a305C1Afa5F542fFBE7bda97D5C05" {
-		response := viewmodels.HTTPResponseVM{
-			Status:    http.StatusUnauthorized,
-			Success:   false,
-			Message:   "For demo purposes only. Contact support to explore the full features.",
-			ErrorCode: apiError.UnauthorizedAccess,
-		}
-
-		response.JSON(w)
-		return
-	}
-
 	var request types.UpdateUserPasswordRequest
 
 	if err := json.NewDecoder(r.Body).Decode(&request); err != nil {
@@ -363,9 +337,8 @@ func (controller *UserCommandController) UpdateUserPassword(w http.ResponseWrite
 	}
 
 	err = controller.UserCommandServiceInterface.UpdateUserPassword(context.TODO(), serviceTypes.UpdateUserPassword{
-		WalletAddress:   walletAddress,
-		CurrentPassword: request.CurrentPassword,
-		NewPassword:     request.NewPassword,
+		WalletAddress: walletAddress,
+		Password:      request.Password,
 	})
 	if err != nil {
 		var httpCode int