feat: add email verification and password reset

Made-with: Cursor

src/routes/auth.ts

@@ -36,6 +36,38 @@ const refreshTokenSchema = {
 
 const logoutSchema = refreshTokenSchema;
 
+const verifyEmailSchema = {
+  body: {
+    type: 'object',
+    required: ['userId', 'code'],
+    properties: {
+      userId: { type: 'string', minLength: 1 },
+      code: { type: 'string', minLength: 1, maxLength: 10 },
+    },
+  },
+};
+
+const forgotPasswordSchema = {
+  body: {
+    type: 'object',
+    required: ['email'],
+    properties: {
+      email: { type: 'string', minLength: 1 },
+    },
+  },
+};
+
+const resetPasswordSchema = {
+  body: {
+    type: 'object',
+    required: ['token', 'newPassword'],
+    properties: {
+      token: { type: 'string' },
+      newPassword: { type: 'string', minLength: 8 },
+    },
+  },
+};
+
 export async function authRoutes(app: FastifyInstance) {
   const authService = new AuthService(app.db);
 
@@ -100,4 +132,36 @@ export async function authRoutes(app: FastifyInstance) {
       return reply.send(result);
     },
   );
+
+  app.post(
+    '/verify-email',
+    { schema: verifyEmailSchema },
+    async (req, reply) => {
+      const body = req.body as { userId: string; code: string };
+      await authService.verifyEmail(body.userId, body.code);
+      return reply.send({ message: 'Email verified successfully' });
+    },
+  );
+
+  app.post(
+    '/forgot-password',
+    { schema: forgotPasswordSchema },
+    async (req, reply) => {
+      const body = req.body as { email: string };
+      await authService.forgotPassword(body.email);
+      return reply.send({
+        message: 'If the email exists, a reset link has been sent.',
+      });
+    },
+  );
+
+  app.post(
+    '/reset-password',
+    { schema: resetPasswordSchema },
+    async (req, reply) => {
+      const body = req.body as { token: string; newPassword: string };
+      await authService.resetPassword(body.token, body.newPassword);
+      return reply.send({ message: 'Password reset successfully' });
+    },
+  );
 }