action_update.go

@@ -17,6 +17,12 @@ type UpdateOptions struct {
 	Other  string
 }
 
+// ChangePasswordOptions ...
+type ChangePasswordOptions struct {
+	OldPassword string
+	NewPassword string
+}
+
 // UpdateByUserID ...
 func (s Service) UpdateByUserID(userID string, payload UpdateOptions) error {
 	var (
@@ -57,33 +63,34 @@ func (s Service) UpdateByUserID(userID string, payload UpdateOptions) error {
 	return nil
 }
 
-// ChangePasswordByUserID ...
+// ChangeUserPassword ...
-func (s Service) ChangePasswordByUserID(userID, oldPassword, newPassword string) error {
+func (s Service) ChangeUserPassword(userID string, opt ChangePasswordOptions) error {
 	var (
 		ctx = context.Background()
-		id, _ = mongodb.NewIDFromString(userID)
 	)
 
-	if oldPassword == "" || newPassword == "" {
+	// Validate payload
-		return errors.New("new password and old password cannot be empty")
+	err := opt.validate(userID)
+	if err != nil {
+		return err
 	}
 
 	// Find user
+	id, _ := mongodb.NewIDFromString(userID)
 	user, _ := s.userFindByID(ctx, id)
 	if user.ID.IsZero() {
-		return errors.New("user does not exist")
+		return errors.New("user not found")
 	}
 
 	// Check old password
-	isValid := checkPasswordHash(oldPassword, user.HashedPassword)
+	if isValid := checkPasswordHash(opt.OldPassword, user.HashedPassword); !isValid {
-	if !isValid {
 		return errors.New("the password is incorrect")
 	}
 
 	// Update password
-	err := s.userUpdateOneByCondition(ctx, bson.M{"_id": user.ID}, bson.M{
+	err = s.userUpdateOneByCondition(ctx, bson.M{"_id": user.ID}, bson.M{
 		"$set": bson.M{
-			"hashedPassword": hashPassword(newPassword),
+			"hashedPassword": hashPassword(opt.NewPassword),
 			"updatedAt":      now(),
 		},
 	})
@@ -94,14 +101,19 @@ func (s Service) ChangePasswordByUserID(userID, oldPassword, newPassword string)
 	return nil
 }
 
-// ChangeStatusByUserID ...
+// ChangeUserStatus ...
-func (s Service) ChangeStatusByUserID(userID, newStatus string) error {
+func (s Service) ChangeUserStatus(userID, newStatus string) error {
 	var (
 		ctx = context.Background()
-		id, _ = mongodb.NewIDFromString(userID)
 	)
 
-	// Update password
+	// Validate userID
+	id, isValid := mongodb.NewIDFromString(userID)
+	if !isValid {
+		return errors.New("invalid user id data")
+	}
+
+	// Update status
 	err := s.userUpdateOneByCondition(ctx, bson.M{"_id": id}, bson.M{
 		"$set": bson.M{
 			"status":    newStatus,

validate.go

@@ -123,3 +123,23 @@ func (co UpdateOptions) validate(ctx context.Context) error {
 
 	return nil
 }
+
+func (co ChangePasswordOptions) validate(userID string) error {
+	// OldPassword, NewPassword
+	if co.OldPassword == "" || co.NewPassword == "" {
+		logger.Error("usermngmt - ChangePassword: old or new password cannot be empty", logger.LogData{
+			"payload": co,
+		})
+		return errors.New("old or new password cannot be empty")
+	}
+
+	// UserID
+	if _, isValid := mongodb.NewIDFromString(userID); !isValid {
+		logger.Error("usermngmt - ChangePassword: invalid userID data", logger.LogData{
+			"payload": co,
+		})
+		return errors.New("invalid user id data")
+	}
+
+	return nil
+}