Fix - Recover route

This route became faulty due to recent code changes, let's now fix it.

With the new features we implemented in this module, the route to recover a user stopped working. This is because we are now checking who is trying to perform this operation in order to allow them or not. Well, if the account has been deleted, how can the user identify himself? Let's then fix this route.

Now, in order to recover an account, an email and password shall be sent. We can then use the LoginDto. In the UsersController, let's alter the recover() route by:

• Making it use only this DTO

• Making it public

• Altering its path

• Relocating it above the update() route

@Public()
@Patch('recover')
recover(@Body() loginDto: LoginDto) {
  return this.usersService.recover(loginDto);
}

The last change is necessary because, otherwise, this route would become inaccessible due to the new path. It would be understood that "recover" is the id to be used in order to update a user.

And this would be the final form of the recover() method in the service. Note that it became very similar to the validateLocal() method.

async recover(loginDto: LoginDto) {
  const { email, password } = loginDto;

  const user = await this.usersRepository.findOne({
    where: { email },
    relations: {
      orders: {
        items: true,
        payment: true,
      },
    },
    withDeleted: true,
  });
  if (!user) {
    throw new UnauthorizedException('Invalid email');
  }

  const isMatch = await this.hashingService.compare(password, user.password);
  if (!isMatch) {
    throw new UnauthorizedException('Invalid password');
  }

  if (!user.isDeleted) {
    throw new ConflictException('User not deleted');
  }

  return this.usersRepository.recover(user);
}

Commit - Fixing recover route