Updated resetPassword controller to check if old password = new password

controllers/userControllers.js

@@ -146,8 +146,18 @@ module.exports.resetPassword = async (req, res) => {
     // Get user ID from the JWT token passed in the authorization headers
     const userId = req.user.id;
 
-    // Get the new password from the request body
-    const { newPassword } = req.body;
+    // Get the old and new passwords from the request body
+    const { oldPassword, newPassword } = req.body;
+
+    // Fetch the user from the database
+    const user = await User.findById(userId);
+
+    // Check if the old password is equal to the new password
+    const isOldPasswordEqual = await bcrypt.compare(oldPassword, user.password);
+
+    if (isOldPasswordEqual) {
+      return res.status(400).json({ error: "Old password should not be equal to the new password." });
+    }
 
     // Hash the new password
     const hashedPassword = await bcrypt.hash(newPassword, 10);
@@ -179,4 +189,4 @@ module.exports.updateProfile = async (req, res) => {
     console.error(error);
     res.status(500).json({ error: 'Internal Server Error' });
   }
-};
+};