Skip to content

[FEATURE] Password Recovery and Email Verification using Nodemailer #575

Description

@knoxiboy

Problem Statement

If users forget their password, they cannot access their account since there is no password recovery flow. Users are forced to create a new account, losing all previous chat logs.

Proposed Solution

Implement a secure password reset system:

  1. Email Service: Set up nodemailer in the backend.
  2. Tokens: Add reset token fields (resetPasswordToken, resetPasswordExpires) to the User schema.
  3. Endpoints: Create /api/auth/forgot-password (sends email with token link) and /api/auth/reset-password/:token (updates password).
  4. Views: Build "Forgot Password" forms in the frontend login flow.

Alternatives Considered

Using third-party auth engines like Firebase Auth, but updating the custom local auth stack is preferred to keep self-hosting simple.

Additional Context

Level: Intermediate
Affected Files: backend/src/controllers/auth.controller.js, backend/src/models/user.model.js, frontend/pages/LoginPage.jsx

Can you please assign this issue to me? I would like to work on this.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions