[#9] revise documentation change password and reset password

doc/auth.md

@@ -422,11 +422,13 @@ Accept | application/json
 ### Request Payloads
 Name | Type | Example Value
 --- | --- | ---
+user_id | string | 1
 old_password | string | jakaRTa!2020
 new_password | string | jakaRTa!2021
 re_new_password | string | jakaRTa!2021
 ```
 {
+    "user_id : 1,
     "old_password": "jakaRTa!2020",
     "new_password": "jakaRTa!2021",
     "re_new_password": "jakaRTa!2021",
@@ -444,29 +446,43 @@ HTTP Code | Status | Description
     "status_code": "CDC-400",
     "status_message": "Bad Request",
     "data": null
+    
 }
 ```
 
 ```
 {
     "status_code": "CDC-200",
     "status_message": "Success change password.",
-    "data": null
+    "data": {
+        "user": {
+          "id":1,  
+          "name": "Jacky Chan",
+          "username": "jacky",
+          "email": "[email protected]",
+        }
+    }
 }
 ```
 
 ### Logic
 
 1. Validate old password, new password input.
 2. matching new password with re new password.
-3. check if old password input is same like on database.
-4. change password on database with new password
+3. check if user_id exist in database and get password from database based on user_id
+4. compare old password with password on database
+5. change password on database with new password
 
 
 #### Validation
+- user id: required and not empty
 - old password: required and not empty
 - new password: required and not empty 
 - re new password: required and not empty 
+- new password = re new password
+- old password = current password from db
+
+
 
 
 ### Scenario Test
@@ -475,13 +491,13 @@ HTTP Code | Status | Description
 
 Request Payload : empty
 
-Response HTTP Status Code : 400
+Response HTTP Status Code : 404
 
 Response Payload :
 ```
 {
-    "status_code": "cdc-400",
-    "status_message": "old password is required",
+    "status_code": "cdc-404",
+    "status_message": "user not found",
     "data": null
 }
 ```
@@ -493,13 +509,13 @@ Request Payload :
 {}
 ```
 
-Response HTTP Status Code : 400
+Response HTTP Status Code : 404
 
 Response Payload :
 ```
 {
-    "status_code": "cdc-400",
-    "status_message": "old password is required",
+    "status_code": "cdc-404",
+    "status_message": "user not found",
     "data": null
 }
 ```
@@ -509,7 +525,26 @@ Response Payload :
 Request payload :
 ```
 {
-    "old_password": ""
+    "user_id": "asal"
+}
+```
+
+Response HTTP Status Code : 404
+
+Response Payload :
+```
+{
+    "status_code": "cdc-404",
+    "status_message": "user not found",
+    "data": null
+}
+```
+#### Case : Negative Case 4
+
+Request payload :
+```
+{
+    "user_id": 1
 }
 ```
 
@@ -519,16 +554,17 @@ Response Payload :
 ```
 {
     "status_code": "cdc-400",
-    "status_message": "old password is empty",
+    "status_message": "old password is required",
     "data": null
 }
 ```
 
-#### Case : Negative Case 4
+#### Case : Negative Case 5
 
 Request Payload :
 ```
 {
+    "user_id": 1
     "old_password": "asal"
 }
 ```
@@ -544,11 +580,12 @@ Response Payload :
 }
 ```
 
-#### Case : Negative Case 5
+#### Case : Negative Case 6
 
 Request Payload :
 ```
 {
+    "user_id": 1
     "old_password": "jakaRTa!2020",
     "new_password": "asal"
 }
@@ -565,11 +602,12 @@ Response Payload :
 }
 ```
 
-#### Case : Negative Case 6
+#### Case : Negative Case 7
 
 Request Payload :
 ```
 {
+    "user_id": 1
     "old_password": "jakaRTa!2020",
     "new_password": "jakaRTa!2021",
     "re_new_password": "asal"
@@ -587,11 +625,12 @@ Response Payload :
 }
 ```
 
-#### Case : Negative Case 7
+#### Case : Negative Case 8
 
 Request Payload
 ```
 {
+    "user_id": 1
     "old_password": "asal",
     "new_password": "jakaRTa!2020",
     "re_new_password": "jakaRTa!2020"
@@ -615,6 +654,7 @@ Response Payload
 Request Payload :
 ```
 {
+    "user_id": 1
     "old_password": "jakaRTa!2020",
     "new_password": "jakaRTa!2021",
     "re_new_password": "jakaRTa!2021"
@@ -628,7 +668,14 @@ Response Payload :
 {
     "status_code": "CDC-200",
     "status_message": "success change password",
-    "data": null
+    "data": {
+        "user": {
+          "id": 1,
+          "name": "Jacky Chan",
+          "username": "jacky",
+          "email": "[email protected]",
+        }
+    }
 }
 ```
 
@@ -679,20 +726,35 @@ HTTP Code | Status | Description
 {
     "status_code": "CDC-200",
     "status_message": "Success change password.",
-    "data": null
+    "data": {
+        "user": {
+          "id":1,  
+          "name": "Jacky Chan",
+          "username": "jacky",
+          "email": "[email protected]",
+        },
+        "forgot_password_temps": {
+          "id":1,
+          "user_id":1,  
+          "key":"c4ca4238a0b923820dcc509a6f75849b",
+          "exp_date": "2020-12-12"
+        }
+    }
 }
 ```
 
 ### Logic
 
-1. Validate new password input.
-2. matching new password with re new password.
-3. if match, change password on database with new password
+1. check token is valid ? is token is exist? is token expired? is token used?
+2. Validate new password input.
+3. matching new password with re new password.
+4. if match, change password on database with new password
 
 
 #### Validation
-- new password: required and not empty 
-- re new password: required and not empty 
+- token: token validation
+- new password: check strong password,required and not empty 
+- re new password: check match with new password, required and not empty 
 
 
 ### Scenario Test
@@ -701,13 +763,13 @@ HTTP Code | Status | Description
 
 Request Payload : empty
 
-Response HTTP Status Code : 400
+Response HTTP Status Code : 404
 
 Response Payload :
 ```
 {
-    "status_code": "cdc-400",
-    "status_message": "new password is required",
+    "status_code": "cdc-404",
+    "status_message": "token not found",
     "data": null
 }
 ```
@@ -719,6 +781,46 @@ Request Payload :
 {}
 ```
 
+Response HTTP Status Code : 404
+
+Response Payload :
+```
+{
+    "status_code": "cdc-404",
+    "status_message": "token not found",
+    "data": null
+}
+```
+
+#### Case : Negative Case 3
+
+Request Payload :
+```
+{
+    "token": ""
+}
+```
+
+Response HTTP Status Code : 404
+
+Response Payload :
+```
+{
+    "status_code": "cdc-404",
+    "status_message": "token not found",
+    "data": null
+}
+```
+
+#### Case : Negative Case 4
+
+Request Payload :
+```
+{
+    "token": "c4ca4238a0b923820dcc509a6f75849b"
+}
+```
+
 Response HTTP Status Code : 400
 
 Response Payload :
@@ -729,12 +831,12 @@ Response Payload :
     "data": null
 }
 ```
-
-#### Case : Negative Case 3
+#### Case : Negative Case 5
 
 Request payload :
 ```
 {
+    "token": "c4ca4238a0b923820dcc509a6f75849b"
     "new_password": ""
 }
 ```
@@ -750,11 +852,12 @@ Response Payload :
 }
 ```
 
-#### Case : Negative Case 4
+#### Case : Negative Case 6
 
 Request Payload :
 ```
 {
+    "token": "c4ca4238a0b923820dcc509a6f75849b"
     "new_password": "asal"
 }
 ```
@@ -770,11 +873,12 @@ Response Payload :
 }
 ```
 
-#### Case : Negative Case 5
+#### Case : Negative Case 7
 
 Request Payload :
 ```
 {
+    "token": "c4ca4238a0b923820dcc509a6f75849b"
     "new_password": "jakaRTa!2020",
     "re_new_password": "asal"
 }
@@ -797,6 +901,7 @@ Response Payload :
 Request Payload :
 ```
 {
+    "token": "c4ca4238a0b923820dcc509a6f75849b"
     "new_password": "jakaRTa!2021",
     "re_new_password": "jakaRTa!2021"
 }
@@ -809,6 +914,19 @@ Response Payload :
 {
     "status_code": "CDC-200",
     "status_message": "success change password",
-    "data": null
+    "data": {
+        "user": {
+          "id":1,  
+          "name": "Jacky Chan",
+          "username": "jacky",
+          "email": "[email protected]",
+        },
+        "forgot_password_temps": {
+          "id":1,  
+          "user_id":1,  
+          "key":"c4ca4238a0b923820dcc509a6f75849b",
+          "exp_date": "2020-12-12"
+        }
+    }
 }
 ```