right here create neglect password hyperlink with json internet token (jwt) to create expire token in 10 minutes.
however in token not make it for one time so retailer in database after efficiently OTP confirm i’ve take away from database.
in mongoose mannequin i add a subject title otp has quantity and expire subject in 10 minutes.
consumer.mannequin.js
const mongoose = require("mongoose")
const userSchema = new mongoose.Schema({
title:{
kind:String,
required:true,
trim:true
},
electronic mail:{
kind:String,
required:true
},
otp:{
kind:Quantity,
expires:'10m',
index:true
},
imageUrl:{
kind:String,
default:'avatar.png'
}
})
module.exports = mongoose.mannequin('Person',userSchema)
consumer.controller.js
module.exports.forgetPassword =async (req,res,subsequent)=>{
strive{
const {electronic mail} = req.physique
Person.findOne({electronic mail}).exec(operate(err,consumer){
if(err) throw err;
if(!consumer){
res.json({"error":"Person not
discovered"})
}
else{
let otp=Math.random().toString(5);
consumer=await Person.findOneAndUpdate({
_id:consumer._id},
{$set :{otp}},{new:true});
const {_id,electronic mail} = consumer;
let token=jwt.signal({_id,electronic mail,tokenId:uuidv4()},"SECRET_TOKEN",{expiresIn: '10m' });
let url=HOST_URL+token;
await sendMail(electronic mail,"neglect password hyperlink",url,`your otp is ${consumer.otp}`);
res.standing(200).ship({message:"ship hyperlink to your mail"});
}
}
}catch(err){
subsequent(err)
}
}
module.exports.verifyOtp =async (req,res,subsequent)=>{
strive{
//electronic mail get from token
const {electronic mail,otp}=req.physique;
Person.findOne({electronic mail,otp}).exec(operate(err,consumer){
if(err) throw err
if(!consumer){
res.json({"error":"Hyperlink is Expired"})
}
else{
await Person.updateOne({_id:consumer._id},{$set:{otp:null}});
const token=jwt.signal({_id:consumer._id,tokenId:uuidv4()},"SECRET_TOKEN")
res.header("token",token).json({message:"otp verification success"})
}
}
}catch(err){
subsequent(err)
}
}
verify on consumer facet if token is expired then message token is expired.