Improving The OTP functionality

[Harshdev098]

Issue Summary

Inhancing the OTP fucntionality implemented for forgot password

Issue Description

Currently the OTP is generated by random string, replace it by using an npm package otp-generator
Also implement feature for expiration of otp currently the otp code is saved but its should be erased after 2 minutes (changes should be done in frontend + database)

Proposed Solution (Optional)

No response

Priority

High - Requires urgent attention

Category

• Enhancement
• Refactor
• Security
• Design
• Other

Additional Context (Optional)

No response

[prajwal2431]

i would like to contribute on this

[Harshdev098]

Sure, Will add labels on 1st Jan

[prajwal2431]

is the otp sending feature added ? i have tried to reset the password but i doesnt got any email with code

[Harshdev098]

It was previously working but because nodemailer module is now deprecated it's not sending mails

[prajwal2431]

Should I make that change? Should I use EmailJS as a third-party tool, or do you have any other recommendations?

[Harshdev098]

Yah sure you can do that, just create an issue regarding that I will assign you

[prajwal2431]

ohk i will create the issue

[prajwal2431]

can you add that swoc label to the issue and also to the issue i have created

[prajwal2431]

i will start this issue when my previous pr is merged ok

[Harshdev098]

@prajwal2431 No worry will merge the PR,
You can start working on new issues and open the pr with different branches, also ensure that the previous changes should not be included in the new ones

[prajwal2431]

Should an OTP contain capital letters, small letters, and special characters?

[Harshdev098]

You can do that too

[prajwal2431]

yeah sure

[prajwal2431]

Is it acceptable to work with the existing OTP section in the database, just by adding an expiration time? as i have added in docker so its changed from my side even though i have changes the branch

[Harshdev098]

@prajwal2431 I didn't get your points, I think you should open a draft pr for this issue.

[prajwal2431]

In my previous pr I have updated docker image for OTP column right so now even when I am on previous forked repo (without changes) still the docker image have that OTP column I was just saying that only

[Harshdev098]

@prajwal2431 Oh, yes it's not acceptable that the new pr should consist the previous prs commit you can resolve it by moving to the default branch and pull the changes from the origin git pull origin main and built a new branch from there. If still the changes persist you can use rebase or cherry-pick for it

[prajwal2431]

Even when done this docker image is still be the same so what to do

[prajwal2431]

Actual codebase is not changed but docker image have the column of OTP still maybe it will not give the conflict. Conflict will be occur if the code base is same so it's ok maybe

[Harshdev098]

Can you make a draft pr with the current changes, I just want to see

[prajwal2431]

Now will pull the main repo and will enhance OTP functionality

[Harshdev098]

Yes

[prajwal2431]

There is endpoint issue right as youre calling resetpassword endpoint and there is reset function