Added in base code for reset email

Signed-off-by: rodude123 <rodude123@gmail.com>

dist/api/index.php

@@ -39,7 +39,7 @@ $app->setBasePath("/api");
 // return all responses as JSON
 $app->add(function($request, $handler) {
     $response = $handler->handle($request);
-    return $response->withHeader('Content-Type', 'application/json');
+    return $response->withHeader("Content-Type", "application/json");
 });
 
 $timelineData = new timelineData();
@@ -54,12 +54,14 @@ $app->get("/timelineData/{timeline}", function (Request $request, Response $resp
     //otherwise return an error
     if($args["timeline"] == "edu")
     {
-        return $response->getBody()->write(json_encode($timelineData->getEduData()));
+        $response->getBody()->write(json_encode($timelineData->getEduData()));
+        return $response;
     }
     
     if($args["timeline"] == "work")
     {
-        return $response->getBody()->write(json_encode($timelineData->getWorkData()));
+        $response->getBody()->write(json_encode($timelineData->getWorkData()));
+        return $response;
     }
     
     // something went wrong
@@ -67,7 +69,7 @@ $app->get("/timelineData/{timeline}", function (Request $request, Response $resp
     return $response->withStatus(404);
 });
 
-$app->get('/projectData', function (Request $request, Response $response)
+$app->get("/projectData", function (Request $request, Response $response)
 {
     global $projectData;
 
@@ -86,7 +88,7 @@ $app->get('/projectData', function (Request $request, Response $response)
     return $response;
 });
 
-$app->post('/contact', function (Request $request, Response $response)
+$app->post("/contact", function (Request $request, Response $response)
 {
     $data = $request->getParsedBody();
     if(empty($data["fName"]) || empty($data["lName"]) || empty($data["email"]) || empty($data["subject"]) || empty($data["message"]))
@@ -259,7 +261,7 @@ $app->post('/contact', function (Request $request, Response $response)
     return $response->withStatus(201);
 });
 
-$app->post('/user/login', function (Request $request, Response $response) {
+$app->post("/user/login", function (Request $request, Response $response) {
     
     global $user;
     
@@ -282,7 +284,7 @@ $app->post('/user/login', function (Request $request, Response $response) {
     return $response->withStatus(401);
 });
 
-$app->get('/user/isLoggedIn', function (Request $request, Response $response) {
+$app->get("/user/isLoggedIn", function (Request $request, Response $response) {
     
     global $user;
 
@@ -302,4 +304,55 @@ $app->get('/user/isLoggedIn', function (Request $request, Response $response) {
     return $response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
 });
 
+$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
+{
+    global $user;
+    
+    if (empty($args["email"]))
+    {
+        // uh oh sent empty data
+        return $response->withStatus(400);
+    }
+    
+    if ($user->checkEmail($args["email"]))
+    {
+        // yay email does exist
+        $token = $user->sendResetEmail($args["email"]);
+        $_SESSION["resetToken"] = $token;
+        $_SESSION["resetEmail"] = $args["email"];
+        return $response;
+    }
+    return $response->withStatus(404);
+});
+
+$app->get("/user/resendEmail", function (Request $request, Response $response) 
+{
+    if (empty($_SESSION["resetToken"]))
+    {
+        // uh oh not authorized to resend email
+        return $response->withStatus(401);
+    }
+    global $user;
+    $user->sendResetEmail($_SESSION["resetEmail"]);
+    return $response;
+});
+
+$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
+{
+    global $user;
+    
+    if (empty($args["code"]))
+    {
+        // uh oh sent empty data
+        return $response->withStatus(400);
+    }
+    
+    if ($_SESSION["resetToken"] === $args["code"])
+    {
+        // yay, code code matches
+        return $response;
+    }
+    return $response->withStatus(401);
+});
+
 $app->run();

dist/api/timelineData.php

@@ -42,5 +42,4 @@ class timelineData
         return array("errorMessage" => "Error, work data not found");
     }
     
-    
 }

dist/api/user.php

@@ -35,4 +35,50 @@ class user
     {
         return uniqid("rpe-");
     }
+
+    function checkEmail($email): bool
+    {
+        $conn = dbConn();
+        $stmt = $conn->prepare("SELECT * FROM users WHERE email = :email");
+        $stmt->bindParam(":email", $email);
+        $stmt->execute();
+
+        // set the resulting array to associative
+        $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+        if ($result)
+        {
+            return true;
+        }
+        return false;
+    }
+    
+    function sendResetEmail($email): string
+    {
+        //generate a random token and email the address
+        $token = $this->createToken();
+        $headers1 = "From: noreply@rohitpai.co.uk\r\n";
+        $headers1 .= "MIME-Version: 1.0\r\n";
+        $headers1 .= "Content-Type: text/html; charset=UTF-8\r\n";
+        
+        $message = "
+        <!doctype html>
+        <html lang='en'>
+        <head>
+        <meta charset='UTF-8'>
+        <meta name='viewport' content='width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
+                 <meta http-equiv='X-UA-Compatible' content='ie=edge'>
+        <title>Document</title>
+        </head>
+        <body>
+            <h1>Reset Password Verification Code</h1>
+            <br>
+            <p>Please enter the following code to reset your password: $token</p>            
+        </body>
+        </html>
+        ";
+        
+        mail($email, "Reset Password Verification Code", $message, $headers1);
+        return $token;
+    }
 }