Password Reset logic and Testing#17
Merged
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces a password reset flow (forgot-password email + token-based reset) and adds automated testing coverage across unit/integration (Jest) and e2e (Playwright), including CI wiring to run these tests.
Changes:
- Added forgot-password and reset-password API routes plus a token-based reset password page.
- Introduced Jest + React Testing Library test setup and a set of unit/integration tests (including snapshots).
- Added Playwright config + an e2e smoke test suite and a GitHub Actions workflow to run tests.
Reviewed changes
Copilot reviewed 30 out of 33 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| test-results/.last-run.json | Adds Playwright last-run artifact output. |
| playwright.config.js | Adds Playwright runner configuration and webServer startup. |
| package.json | Adds test scripts + testing deps; updates next-auth; adjusts deps. |
| models/User.js | Adds password reset token/expiry fields to User schema. |
| jest.setup.js | Adds Jest DOM setup + mocks for Next.js/next-auth/next-themes. |
| jest.config.js | Adds Next.js-compatible Jest configuration. |
| e2e/flows.spec.js | Adds Playwright e2e flow tests (home/nav/theme). |
| app/api/reset-password/route.js | Adds reset-password POST endpoint. |
| app/api/generate-otp/route.js | Removes unused/placeholder OTP generation route implementation. |
| app/api/forgot-password/route.js | Adds forgot-password POST endpoint (token + email). |
| app/(Auth)/reset-password/page.js | Removes old non-token reset-password page. |
| app/(Auth)/reset-password/[token]/page.js | Adds token-based reset-password UI that posts new password. |
| app/(Auth)/login/page.js | Adds “Forgot Password?” action to call forgot-password API. |
| .github/workflows/test.yml | Adds CI workflow to run Jest + Playwright tests. |
| .github/workflows/ci-cd.yml | Renames workflow. |
| tests/utils.db.test.js | Adds unit tests for Mongo connection helper. |
| tests/snapshot.js | Adds homepage snapshot test. |
| tests/services.chat.test.js | Adds unit tests for chat service Firestore interactions. |
| tests/pages.newjob.test.jsx | Adds component-level tests for New Job page. |
| tests/pages.home.test.jsx | Adds homepage behavior tests (role redirects/unauthenticated). |
| tests/page.test.jsx | Adds basic homepage render test. |
| tests/hooks.useMessages.test.jsx | Adds hook tests for messages subscription behavior. |
| tests/hooks.useConversations.test.jsx | Adds hook tests for conversations subscription behavior. |
| tests/hooks.useChat.test.jsx | Adds hook tests for chat subscription behavior. |
| tests/components.theme-switch.test.jsx | Adds tests for theme switch behavior. |
| tests/components.Sidebar.test.jsx | Adds Sidebar rendering/active-state tests. |
| tests/components.Navbar.test.jsx | Adds Navbar rendering/auth-state tests. |
| tests/components.Footer.test.jsx | Adds Footer rendering test. |
| tests/api.jobs.test.js | Adds route-handler tests for jobs API (GET/POST). |
| tests/api.auth.test.js | Adds tests for NextAuth callbacks/credentials authorize logic. |
| tests/snapshots/snapshot.js.snap | Adds stored snapshot output for homepage snapshot test. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+1
to
+2
| import { connectDB } from "@/lib/db"; | ||
| import User from "@/models/User"; |
Comment on lines
+19
to
+20
| user.resetToken = token; | ||
| user.resetTokenExpiry = Date.now() + 1000 * 60 * 15; // 15 min |
Comment on lines
+1
to
+8
| import { connectDB } from "@/lib/db"; | ||
| import User from "@/models/User"; | ||
| import bcrypt from "bcryptjs"; | ||
|
|
||
| export async function POST(req) { | ||
| const { token, password } = await req.json(); | ||
|
|
||
| await connectDB(); |
Comment on lines
+10
to
+13
| const user = await User.findOne({ | ||
| resetToken: token, | ||
| resetTokenExpiry: { $gt: Date.now() }, | ||
| }); |
Comment on lines
+7
to
+14
| const handleSubmit = async () => { | ||
| const res = await fetch("/api/auth/reset-password", { | ||
| method: "POST", | ||
| body: JSON.stringify({ | ||
| token: params.token, | ||
| password, | ||
| }), | ||
| }); |
| "next": "^16.0.7", | ||
| "next-auth": "^4.24.8", | ||
| "next-auth": "^4.24.13", | ||
| "next-themes": "^0.4.6", |
Comment on lines
+27
to
+32
| resetPasswordToken: { | ||
| type: String, | ||
| }, | ||
| resetPasswordExpiry: { | ||
| type: Date, | ||
| }, |
Comment on lines
+1
to
+4
| { | ||
| "status": "passed", | ||
| "failedTests": [] | ||
| } No newline at end of file |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added the password reseting logic along with a test suit for unit, integration and e2e testing