diff --git a/backend/app/routers/auth.py b/backend/app/routers/auth.py
index ee40213..5041949 100644
--- a/backend/app/routers/auth.py
+++ b/backend/app/routers/auth.py
@@ -160,16 +160,14 @@ def reset_password(request: ResetPasswordRequest, db: Session = Depends(get_db))
 raise HTTPException(
 status_code=status.HTTP_404_NOT_FOUND,
 detail="User not found",
- Send PIN via email
- email_sent = send_password_reset_pin(request.email, pin, expires_minutes=15)
+ )
- if not email_sent:
- # If email sending fails, still print to console for development
- print(f"\n⚠️ Email not sent. Password Reset PIN for {request.email}: {pin}")
- print(f"Expires at: {user.pin_expires_at}\n")
+ # Update password
+ user.hashed_password = get_password_hash(request.new_password)
+ db.commit()
- return {
- "message": "If the email exists, a PIN has been sent to your email",
+ return {"message": "Password reset successful"}
+
 @router.post("/request-reset-pin")
 def request_reset_pin(request: RequestPinRequest, db: Session = Depends(get_db)):
@@ -189,14 +187,16 @@ def request_reset_pin(request: RequestPinRequest, db: Session = Depends(get_db))
 user.pin_expires_at = datetime.utcnow() + timedelta(minutes=15)
 db.commit()
- # TODO: Send PIN via email
- # For now, print it (REMOVE IN PRODUCTION)
- print(f"\n✅ Password Reset PIN for {request.email}: {pin}")
- print(f"Expires at: {user.pin_expires_at}\n")
+ # Send PIN via email
+ email_sent = send_password_reset_pin(request.email, pin, expires_minutes=15)
+
+ if not email_sent:
+ # If email sending fails, still print to console for development
+ print(f"\n⚠️ Email not sent. Password Reset PIN for {request.email}: {pin}")
+ print(f"Expires at: {user.pin_expires_at}\n")
 return {
- "message": "If the email exists, a PIN has been sent",
- "pin": pin # REMOVE IN PRODUCTION - only for testing
+ "message": "If the email exists, a PIN has been sent to your email",
 }
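Review bot: The added lines in reset_password change the password and commit but never invalidate the PIN, so unless the check above the hunk already consumes it, the same PIN remains usable for another reset until `pin_expires_at` passes. Clear it in the same transaction, for example set `user.pin_expires_at = None` together with the stored PIN field before `db.commit()`. The `"User not found"` 404 kept as context also tells a caller which e-mail addresses are registered, which undoes the generic "If the email exists…" answer of request_reset_pin; one generic failure for unknown user, wrong PIN and expired PIN would avoid that. The function starts above the hunk, so the PIN verification itself is not visible here.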
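Review bot: The fallback under `if not email_sent:` in request_reset_pin writes the live reset PIN and the account's e-mail address to stdout, which in a deployed container ends up in pod logs and any log aggregation, where it is readable by people who should not be able to reset that account. Record the delivery failure without the secret, for example `logger.error("password reset e-mail could not be sent")` (assuming a module logger exists), and keep any PIN printout behind an explicit development-only setting. The function starts above the hunk, so how the PIN is generated and stored is not visible here.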
diff --git a/brand-master-chart/values.yaml b/brand-master-chart/values.yaml
index 0b5e2ea..7892a7f 100644
--- a/brand-master-chart/values.yaml
+++ b/brand-master-chart/values.yaml
@@ -35,9 +35,9 @@ backend:
 # Email configuration for password reset (optional)
 SMTP_HOST: "smtp.gmail.com"
 SMTP_PORT: "587"
- SMTP_USERNAME: ""
- SMTP_PASSWORD: ""
- SMTP_FROM: "noreply@brand-master.com"
+ SMTP_USERNAME: "dvirlabs@gmail.com"
+ SMTP_PASSWORD: "tlet bebr jwbe amzw"
+ SMTP_FROM: "dvirlabs@gmail.com"
 # JWT Secret Key (IMPORTANT: Change this in production!)
 jwtSecretKey: "your-secret-key-change-this-in-production"
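Review bot: `SMTP_PASSWORD` now holds what looks like a real mail-account app password in the chart's default values, so it is readable by anyone with access to the repository or the packaged chart and stays in git history even if a later commit removes it. Treat the credential as exposed: revoke it at the mail provider, restore `SMTP_PASSWORD: ""` here, and supply the value at deploy time from a Kubernetes Secret or a values file that is not committed. The personal `SMTP_USERNAME` and `SMTP_FROM` addresses are better injected the same way. The placeholder `jwtSecretKey` in the context lines below has the same problem if a deployment ever runs with the default.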