feat!: reset password with email

backend/prisma/migrations/20230209101345_reset_password/migration.sql

@@ -0,0 +1,14 @@
+-- CreateTable
+CREATE TABLE "ResetPasswordToken" (
+    "token" TEXT NOT NULL PRIMARY KEY,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "expiresAt" DATETIME NOT NULL,
+    "userId" TEXT NOT NULL,
+    CONSTRAINT "ResetPasswordToken_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- Disable TOTP as secret isn't encrypted anymore
+UPDATE User SET totpEnabled=false, totpSecret=null, totpVerified=false WHERE totpSecret IS NOT NULL;
+
+-- CreateIndex
+CREATE UNIQUE INDEX "ResetPasswordToken_userId_key" ON "ResetPasswordToken"("userId");

backend/prisma/schema.prisma

@@ -22,9 +22,10 @@ model User {
   loginTokens   LoginToken[]
   reverseShares ReverseShare[]
 
-  totpEnabled  Boolean @default(false)
-  totpVerified Boolean @default(false)
-  totpSecret   String?
+  totpEnabled        Boolean              @default(false)
+  totpVerified       Boolean              @default(false)
+  totpSecret         String?
+  resetPasswordToken ResetPasswordToken?
 }
 
 model RefreshToken {
@@ -49,6 +50,16 @@ model LoginToken {
   used   Boolean @default(false)
 }
 
+model ResetPasswordToken {
+  token     String   @id @default(uuid())
+  createdAt DateTime @default(now())
+
+  expiresAt DateTime
+
+  userId String @unique
+  user   User    @relation(fields: [userId], references: [id], onDelete: Cascade)
+}
+
 model Share {
   id        String   @id @default(uuid())
   createdAt DateTime @default(now())

backend/prisma/seed/config.seed.ts

@@ -21,15 +21,6 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "internal",
     locked: true,
   },
-  {
-    order: 0,
-    key: "TOTP_SECRET",
-    description: "A 16 byte random string used to generate TOTP secrets",
-    type: "string",
-    value: crypto.randomBytes(16).toString("base64"),
-    category: "internal",
-    locked: true,
-  },
   {
     order: 1,
     key: "APP_URL",
@@ -89,6 +80,15 @@ const configVariables: Prisma.ConfigCreateInput[] = [
   },
   {
     order: 7,
+    key: "SHARE_RECEPIENTS_EMAIL_SUBJECT",
+    description:
+      "Subject of the email which gets sent to the share recipients.",
+    type: "string",
+    value: "Files shared with you",
+    category: "email",
+  },
+  {
+    order: 8,
     key: "SHARE_RECEPIENTS_EMAIL_MESSAGE",
     description:
       "Message which gets sent to the share recipients. {creator} and {shareUrl} will be replaced with the creator's name and the share URL.",
@@ -98,16 +98,16 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "email",
   },
   {
-    order: 8,
-    key: "SHARE_RECEPIENTS_EMAIL_SUBJECT",
+    order: 9,
+    key: "REVERSE_SHARE_EMAIL_SUBJECT",
     description:
-      "Subject of the email which gets sent to the share recipients.",
+      "Subject of the email which gets sent when someone created a share with your reverse share link.",
     type: "string",
-    value: "Files shared with you",
+    value: "Reverse share link used",
     category: "email",
   },
   {
-    order: 9,
+    order: 10,
     key: "REVERSE_SHARE_EMAIL_MESSAGE",
     description:
       "Message which gets sent when someone created a share with your reverse share link. {shareUrl} will be replaced with the creator's name and the share URL.",
@@ -117,16 +117,27 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "email",
   },
   {
-    order: 10,
-    key: "REVERSE_SHARE_EMAIL_SUBJECT",
+    order: 11,
+    key: "RESET_PASSWORD_EMAIL_SUBJECT",
     description:
-      "Subject of the email which gets sent when someone created a share with your reverse share link.",
+      "Subject of the email which gets sent when a user requests a password reset.",
     type: "string",
-    value: "Reverse share link used",
+    value: "Pingvin Share password reset",
     category: "email",
   },
   {
-    order: 11,
+    order: 12,
+    key: "RESET_PASSWORD_EMAIL_MESSAGE",
+    description:
+      "Message which gets sent when a user requests a password reset. {url} will be replaced with the reset password URL.",
+    type: "text",
+    value:
+      "Hey!\nYou requested a password reset. Click this link to reset your password: {url}\nThe link expires in a hour.\nPingvin Share 🐧",
+    category: "email",
+  },
+
+  {
+    order: 13,
     key: "SMTP_ENABLED",
     description:
       "Whether SMTP is enabled. Only set this to true if you entered the host, port, email, user and password of your SMTP server.",
@@ -136,7 +147,7 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     secret: false,
   },
   {
-    order: 12,
+    order: 14,
     key: "SMTP_HOST",
     description: "Host of the SMTP server",
     type: "string",
@@ -144,7 +155,7 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "smtp",
   },
   {
-    order: 13,
+    order: 15,
     key: "SMTP_PORT",
     description: "Port of the SMTP server",
     type: "number",
@@ -152,7 +163,7 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "smtp",
   },
   {
-    order: 14,
+    order: 16,
     key: "SMTP_EMAIL",
     description: "Email address which the emails get sent from",
     type: "string",
@@ -160,7 +171,7 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "smtp",
   },
   {
-    order: 15,
+    order: 17,
     key: "SMTP_USERNAME",
     description: "Username of the SMTP server",
     type: "string",
@@ -168,7 +179,7 @@ const configVariables: Prisma.ConfigCreateInput[] = [
     category: "smtp",
   },
   {
-    order: 16,
+    order: 18,
     key: "SMTP_PASSWORD",
     description: "Password of the SMTP server",
     type: "string",