Proposed changes

This adds the feature to allow users to request a password reset email. Following are the details.

There are 2 APIs in this, Following are the details

1. lost-password
   It takes a RequestBody of type LostPasswordRequest which contains the userEmail field. Following is the detailed flow step by step

• It checks for the empty Email - If the email is empty it throws the error INVALID_PARAMETER and the flow ends here
• Find the email in the DB using findByName function.
• Get the organization and the fetch the PASSWORD_RESET_EMAIL_TEMPLATE.
• Generates a random token value using generateNewRandomPwd
• Generates an expiry time using with expiry of next 12 hours
• Try to send the Email to the user using a function from a new class EmailCommunicationService
  • this function takes 3 args. (userEmail, token, emailTemplate)
  • this uses org.springframework.mail.javamail.JavaMailSender to send the email
  • If the Email sending is failed the flow end here
  • If the email is sent then it stores the token and expiry in the database. (in User doc)

2. reset-lost-password

• It takes a RequestBody of type ResetLostPasswordRequest which contains token, userEmail, and newPassword. Following is the detailed flow step by step.
• It checks if either of the fields is empty is yes then it throws the error INVALID_PARAMETER and flow ends here
• It first checks for token expiry. If the token is expired it throws the error TOKEN_EXPIRED
• Then it checks the token validity (if the token is correct or not). If the token is not correct it throws the error INVALID_TOKEN.
• If token is not expired and token is valid
  • It then set an empty string in the token
  • Set the expiry to now (to expire the token)
  • It saves the new password (after encrypting it) in the db.

Environment Variables Introduced

• LOWCODER_ADMIN_SMTP_HOST -> This is the host for SMTP server
• LOWCODER_ADMIN_SMTP_PORT -> This is the port for SMTP server
• LOWCODER_ADMIN_SMTP_USERNAME -> This is the email / username used for SMPT authentication
• LOWCODER_ADMIN_SMTP_PASSWORD -> This is the password used for the SMTP authentication
• LOWCODER_ADMIN_SMTP_SSL_ENABLED -> This enables the SSL authentication
• LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED -> This enables STARTTLS authentication

Things to Consider

• Only one of the LOWCODER_ADMIN_SMTP_SSL_ENABLED and LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED can be set to TRUE at a time.
• LOWCODER_ADMIN_SMTP_PORT should be set according to the authentication method used.

Types of changes

What types of changes does your code introduce to Lowcoder?
Put an x in the boxes that apply.

• Bugfix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation Update (if none of the other choices apply)

Checklist

You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help!
This is simply a reminder of what we are going to look for before merging your code.
Put an x in the boxes that apply.

• Lint and unit tests pass locally with my changes
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)
• Any dependent changes have been merged and published in downstream modules

Further comments

If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc.