Implement Email Verification and Forgot Password Functionality in Authentication Module

[Rahulchaudharyji2]

Problem

Our authentication module is missing Email Verification and the Forgot Password functionality is currently not working.

Contribution Needed

We need contributors to implement both features with a complete frontend + backend workflow.

---

Tasks

1️⃣ Forgot Password

• Create POST /forgot-password route:
  • Accepts user email.
  • Generates a reset token (JWT, 15 min expiry).
  • Sends password reset email with a link.
• Create POST /reset-password/:token route:
  • Accepts new password.
  • Verifies token.
  • Hashes password using bcrypt.
  • Updates password in DB.
• Create React pages:
  • Forgot Password (email input).
  • Reset Password (new password input).
• Handle token expiry and show proper messages.

2️⃣ Email Verification

• Modify POST /register:
  • Create user with isVerified: false.
  • Generate verification token (JWT, 24h expiry).
  • Send verification email with link.
• Create GET /verify-email/:token route:
  • Verify token and activate account (isVerified: true).
• Prevent unverified users from logging in.
• Create React pages:
  • Verification success message.
  • Verification failure/expired token message.

---

Requirements

• Backend: Node.js, Express, MongoDB, JWT, bcrypt, Nodemailer
• Frontend: React, Axios
• Use .env for sensitive credentials.
• Emails should be sent using Nodemailer/Mailtrap (for testing).

Acceptance Criteria

• User can reset password successfully via email link.
• Email verification flow works end-to-end.
• Tokens expire correctly (15 min for reset, 24h for verification).
• Only verified users can log in.
• All code is clean, modular, and well-documented.

Notes for Contributors

• Do NOT commit .env or real credentials.
• Use Mailtrap or other safe testing services for emails.
• PRs without testing will not be accepted.