implemented verify-reset-code endpoint

app/backend/src/main/java/com/app/gamereview/controller/AuthController.java

@@ -3,19 +3,22 @@
 import com.app.gamereview.dto.request.LoginUserRequestDto;
 import com.app.gamereview.dto.request.ChangeUserPasswordRequestDto;
 import com.app.gamereview.dto.request.RegisterUserRequestDto;
+import com.app.gamereview.dto.request.VerifyResetCodeRequestDto;
 import com.app.gamereview.dto.response.LoginUserResponseDto;
 import com.app.gamereview.model.ResetCode;
 import com.app.gamereview.model.User;
 import com.app.gamereview.repository.ResetCodeRepository;
 import com.app.gamereview.service.AuthService;
 import com.app.gamereview.service.EmailService;
 import com.app.gamereview.service.UserService;
+import com.app.gamereview.util.JwtUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.Date;
+import java.util.Optional;
 import java.util.UUID;
 
 @RestController
@@ -72,6 +75,32 @@ public ResponseEntity<String> forgotPassword(@RequestParam String email) {
 
         return ResponseEntity.ok("Reset code sent successfully");
     }
+
+    @PostMapping("/verify-reset-code")
+    public ResponseEntity<String> verifyResetCode(@RequestBody VerifyResetCodeRequestDto request) {
+        Optional<ResetCode> resetCodeOptional = resetCodeRepository.findByCode(request.getResetCode());
+        if (resetCodeOptional.isEmpty() || resetCodeOptional.get().getExpirationDate().before(new Date())) {
+            // Invalid or expired reset code
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid or expired reset code");
+        }
+
+        ResetCode resetCode = resetCodeOptional.get();
+
+        // Check if the reset code matches the user
+        String userEmail = userService.getUserById(resetCode.getUserId()).getEmail();
+        if (!userEmail.equals(request.getUserEmail())) {
+            // Reset code does not match the user
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(userEmail+ "  " + request.getUserEmail());
+        }
+
+        // Reset code is valid, generate a JWT token for the user
+        String token = JwtUtil.generateToken(userService.getUserById(resetCode.getUserId()).getEmail());
+
+        // Clear the reset code after generating the token
+        resetCodeRepository.deleteByUserId(resetCode.getUserId());
+
+        return ResponseEntity.ok(token);
+    }
     private String generateResetCode(String userId) {
         // Check if a reset code exists for the user
         ResetCode existingResetCode = resetCodeRepository.findByUserId(userId);

app/backend/src/main/java/com/app/gamereview/dto/request/VerifyResetCodeRequestDto.java

@@ -0,0 +1,12 @@
+package com.app.gamereview.dto.request;
+
+import lombok.Getter;
+
+@Getter
+public class VerifyResetCodeRequestDto {
+
+    private String resetCode;
+
+    private String userEmail;
+
+}

app/backend/src/main/java/com/app/gamereview/repository/ResetCodeRepository.java

@@ -3,8 +3,10 @@
 import com.app.gamereview.model.ResetCode;
 import org.springframework.data.mongodb.repository.MongoRepository;
 
+import java.util.Optional;
+
 public interface ResetCodeRepository extends MongoRepository<ResetCode, String> {
     ResetCode findByUserId(String userId);
-    ResetCode findByCode(String code);
+    Optional<ResetCode> findByCode(String code);
     void deleteByUserId(String userId);
 }