From 6d97fc24c4debfca7bd8f0848a048b1b855a8995 Mon Sep 17 00:00:00 2001
From: Flo <florian_feistel@outlook.de>
Date: Tue, 27 Aug 2024 20:49:35 +0000
Subject: [PATCH] default functions

---
 bin/createApi.php                             |  22 ++---
 data/mails/reset-password/assets/icon.png     | Bin 0 -> 1766 bytes
 data/mails/reset-password/template.latte      |  63 ++++++++++++
 .../business/Version20240827155813.php        |  37 +++++++
 .../External/Authentication/config/routes.php |  18 ++++
 .../Authentication/config/service_manager.php |  10 +-
 .../src/Handler/ForgotPasswordHandler.php     |  39 ++++++++
 .../src/Handler/ResetPasswordHandler.php      |  45 +++++++++
 .../ForgotPasswordResponseFormatter.php       |  17 ++++
 .../ResetPasswordResponseFormatter.php        |  17 ++++
 .../src/Handler/ChangePasswordHandler.php     |   1 +
 .../Business/config/service_manager.php       |   4 +-
 src/DataDomain/Business/src/Entity/User.php   |   4 +
 .../Business/src/Entity/UserPasswordToken.php |  91 ++++++++++++++++++
 .../src/Repository/PermissionRepository.php   |   4 +-
 .../src/Repository/ProductRepository.php      |  10 --
 .../src/Repository/RoleRepository.php         |   2 -
 .../UserPasswordTokenRepository.php           |  10 ++
 .../src/Repository/UserRepository.php         |   2 -
 .../src/Repository/UserSessionRepository.php  |  14 +--
 .../RegisterUser/Step/SendMailStep.php        |   1 +
 .../User/config/service_manager.php           |  14 ++-
 .../src/Builder/UserPasswordTokenBuilder.php  |  25 +++++
 .../Exception/UserNotFoundByMailException.php |  24 +++++
 ...rPasswordConfirmationMismatchException.php |  21 ++++
 ...UserPasswordTokenNotFoundByIdException.php |  26 +++++
 .../ChangePassword/ChangePasswordCommand.php  |   6 ++
 .../ChangePasswordCommandBuilder.php          |   2 +
 .../ChangePasswordCommandHandler.php          |   9 ++
 .../ForgotPassword/ForgotPasswordCommand.php  |  24 +++++
 .../ForgotPasswordCommandBuilder.php          |  18 ++++
 .../ForgotPasswordCommandHandler.php          |  70 ++++++++++++++
 .../ForgotPasswordCommandResult.php           |  12 +++
 .../ResetPassword/ResetPasswordCommand.php    |  32 ++++++
 .../ResetPasswordCommandBuilder.php           |  22 +++++
 .../ResetPasswordCommandHandler.php           |  63 ++++++++++++
 .../ResetPasswordCommandResult.php            |  13 +++
 .../src/AutowireRepositoryFactory.php         |  24 +++++
 .../Database/src/ConfigServiceFactory.php     |  33 -------
 .../UuidGenerator/src/UuidGenerator.php       |   4 +-
 40 files changed, 769 insertions(+), 84 deletions(-)
 create mode 100644 data/mails/reset-password/assets/icon.png
 create mode 100644 data/mails/reset-password/template.latte
 create mode 100644 data/migrations/business/Version20240827155813.php
 create mode 100644 src/ApiDomain/External/Authentication/src/Handler/ForgotPasswordHandler.php
 create mode 100644 src/ApiDomain/External/Authentication/src/Handler/ResetPasswordHandler.php
 create mode 100644 src/ApiDomain/External/Authentication/src/ResponseFormatter/ForgotPasswordResponseFormatter.php
 create mode 100644 src/ApiDomain/External/Authentication/src/ResponseFormatter/ResetPasswordResponseFormatter.php
 create mode 100644 src/DataDomain/Business/src/Entity/UserPasswordToken.php
 delete mode 100644 src/DataDomain/Business/src/Repository/ProductRepository.php
 create mode 100644 src/DataDomain/Business/src/Repository/UserPasswordTokenRepository.php
 create mode 100644 src/HandlingDomain/User/src/Builder/UserPasswordTokenBuilder.php
 create mode 100644 src/HandlingDomain/User/src/Exception/UserNotFoundByMailException.php
 create mode 100644 src/HandlingDomain/User/src/Exception/UserPasswordConfirmationMismatchException.php
 create mode 100644 src/HandlingDomain/User/src/Exception/UserPasswordTokenNotFoundByIdException.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommand.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandBuilder.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandHandler.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandResult.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommand.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandBuilder.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandHandler.php
 create mode 100644 src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandResult.php
 create mode 100644 src/Infrastructure/Database/src/AutowireRepositoryFactory.php
 delete mode 100644 src/Infrastructure/Database/src/ConfigServiceFactory.php

diff --git a/bin/createApi.php b/bin/createApi.php
index 24c4b0b..8be687c 100644
--- a/bin/createApi.php
+++ b/bin/createApi.php
@@ -201,8 +201,8 @@ use Psr\\Http\\Server\\RequestHandlerInterface;
 class {$apiHandlerName} implements RequestHandlerInterface
 {
     public function __construct(
-        private readonly {$cqrsHandlerName} \${$cqrsHandlerVariableName},
-        private readonly {$cqrsBuilderName} \${$cqrsBuilderVariableName},
+        private readonly {$cqrsHandlerName} \$handler,
+        private readonly {$cqrsBuilderName} \$builder,
         private readonly {$apiResponseFormatterName} \$responseFormatter,
     ) {
     }
@@ -211,10 +211,10 @@ class {$apiHandlerName} implements RequestHandlerInterface
     {
         \$data = \$request->getAttribute(AnalyzeBodyMiddleware::JSON_DATA);
 
-        \${$cqrsVariableName} = \$this->{$cqrsBuilderVariableName}->build(
+        \${$cqrsVariableName} = \$this->builder->build(
             \$data
         );
-        \$result = \$this->{$cqrsHandlerVariableName}->execute(\${$cqrsVariableName});
+        \$result = \$this->handler->execute(\${$cqrsVariableName});
         
         return new SuccessResponse(\$this->responseFormatter->format(\$result));
     }
@@ -251,10 +251,10 @@ namespace {$cqrsHandlerNamespace};
 class {$cqrsName}
 {
     public function __construct(
-        #TODO    
-    ) {    
+        #TODO
+    ) {
     }
-    
+
     #TODO
 }
 ";
@@ -270,14 +270,12 @@ class {$cqrsHandlerName}
 {
     public function __construct(
         #TODO
-    ) {    
+    ) {
     }
-    
+
     public function execute({$cqrsName} \${$cqrsVariableName}): {$cqrsResultName}
     {
-        return new {$cqrsResultName}(
-            
-        );
+        return new {$cqrsResultName}();
     }
 }
 ";
diff --git a/data/mails/reset-password/assets/icon.png b/data/mails/reset-password/assets/icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..07e8b9d9cba7a4dc27cd800357a7ca8e4b45ec2c
GIT binary patch
literal 1766
zcmV<C1{wK@P)<h;3K|Lk000e1NJLTq002(_002-31^@s6ShOg}00001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vHNyZ``ByaAytitqpc02y>eSaefwW^{L9
za%BK_cXuvnZfkR6VQ^(GZ*pgw?mQX*00ve`L_t(|UhSM`sPse>hOc7p4SW0S3Mwd8
z1jXJfqJk)*_`@G|YzT^q3N}Ph5qm+z&w{;yU@!PbR8;KPd++Ui*aULpNivg}l)IY;
z9<tn<O?D@l$(b`VJ2f!S33DXdna+xGi_yzz+>vYtO4wiiYuG4rCfk7;422iKP<R0h
zg%`k3cmWKB7r;!3^X8XZN@BTn<Z5yOxv+!<<uap}(^y4*IC?pG>>zKGze+2PtMU(d
zqolwmh8^XL(khTTQivDHMdjGCq`XyH1rWmz<W{m*EF|X|y{yfqk}qd{>6rd0kCmOU
zygW+M>3&~k+oLb#Bl38;mULxr`J2ps$)-J5w#K^hCi%OxK8)on@+7&EEaDK!-C(`H
zX-}7pLUlY<hTIu{%O~U!axs~5sN{dvd)n|Hd7x~BW#v=SI&odO2zSb}WtRn)`kh=^
zMrAYkv9wM&ZqiOiV?Ft;v`#dx5|Ddgb<gPLyd=vS`L6j(KAA}EAP6Q3*g)<gv+b%Y
z1m)DWAa0k|mFa`ONO}rZKQ?7<$rHRz%t)+R8@ff-LHpoy(kFJDPhKyrV-<O|tWE4E
zYfQP5&XQ|LA5N3j@#@N8)Bo65T056X!2E)ITGG3)_K7XA85j9*xrlV(5@{W)j%MMV
zEUlf3oGq7<DI`|Ow_PRMdQ$%^Z<gE1vcxX`quN`?@YO85yQQ_WB~Q7sL;&s0LGoeA
zlhHaxY(J9c$)W`BMlwcFZWi8q(%RW_6Y0td@)Y@ow2l?q3uF;7+H|w<ev;PCd0&-v
zX`@<yBMDb5$o5$8$xHkFPJzUc(_oCiI*8@vGL)vP^`6pV4{7b6my}y2X(LNp;L7L8
zHUyFbj7{t;8KfbccvHrLY>kEM_vGSw@x8RJLf$K7Q|u>yl-7BDB!tRF0>Fdh8ENgG
zm+I}sThcmE-cKY$eKA>EUL$=HtyLZ^v(V66`&k|)y`UOd2eKri96De=kK_wIDx1jb
zy)08W7mdBOpXKh-i({m9pdufTWHNl1SMDn5Lw+Hx<HnRM3%EXIQ)kIavH>Mk=XL3G
zM-k!QC7+dySCAh1K>}Bshrz0nFTs!>@gXDqZE>+A3-g+EO;geKFD@xWFYb}~t1y%O
zOx~CKTb1;*YC#Zd9dMFlkg7Ix_^pFZf;2-*$l8#8j}dFlMCm#PLmJyU_&7_ihpB5(
zI7eD1>5H*z$AvN~N6MH{e=NC6_R0M%#J6QSQ8FrLO6!DOnhw+uTU!73kqhCIpY)<{
zLy>gl)|9|hF>4=JIaXtHRlq01+=k=;Q^=ff=UDqyN%Ge_0pJ7efOX<7-B)I*Q!|*c
z746Ad1cS`h$-9#7RzAhPleG3N@-i7^6+l%IV7X-57f3=d5i-kTk^ym780)1FgQ+S!
z?{sv-khsXhAovZVmrjtY3!Ojh#MUx@+jk|YuA)&fQeQp^)oo=kRd*hfwfh3oI`UOE
zg=+iw=%o`(AP=Uh@ZL?feSpE6GOkOuF3>xP^3bT_Q)%7$ZOh178Dy?~CL1xaDF~O8
zdv+kDOIY(!2D3w1J><$>$+l6*tXfyDZI_l+tS_ziTGB6W9J)YVEi%dKy6Dbl!5=><
zQX7|Q`;{a$-!;r>apBrz>%!*AwozDG(8R#BkFK-xSvg7IY#k%-39>dWcOEdFd&}r$
zXSfcqe=SLFx)3ym>{@tmoMfI#S8SMUU2vVrMR-#ipTc9(Ad{%M-MheNk+JK;rIkQA
z%ZW1IcC;Y_J}y<4C#Y-t%>10zxl~#orfKh&WwnKB_@K1jYk7cd9lpR7()vJ6%hCas
z<>w*n@Lettv{W>-&YzLkcH2Ql`CiEbjGo6fl5olgrtx<ElOZG*2@k9*+h<wc&<j|F
z=rgmlYkBxE2d`JKUX=#hHNx*o76A4ZW`pv}5v;f&Rb+jEylpMBVjP-vC&9GQ(DOkV
z!dzXFp<yhT0T@#J3|O<JJH^!3ha^9^)fCi--DGy)d~D#?G$=^xj)@^%%&~^-NfQNF
zwxDmUAg#n`m{kaMJYP-}w2SmTT~}jT@`E!6%ZY{cx-4_2Aglti<X145U(9<OqxF<b
z0IVL`UXq$(Q4E1Ofi4*oW)tw#CJcFA@(XJWLk<j#9aB^P0ijZfeCC5cDgXcg07*qo
IM6N<$g78jJ@&Et;

literal 0
HcmV?d00001

diff --git a/data/mails/reset-password/template.latte b/data/mails/reset-password/template.latte
new file mode 100644
index 0000000..606d6b0
--- /dev/null
+++ b/data/mails/reset-password/template.latte
@@ -0,0 +1,63 @@
+<html>
+<head>
+	<meta charset="utf-8">
+	<title>Passwort zurücksetzen</title>
+	<style>
+	body {
+	}
+    .message-block {
+        font-family: Arial, sans-serif;
+        max-width: 600px;
+        margin: 0 auto;
+        margin-top: 20px;
+        padding: 20px;
+    }
+    .header {
+        background-color: rgb(255, 199, 44);
+        width: 100%;
+        height: 15%;
+        text-align: center;
+    }
+    .title {
+        display: flex;
+        flex-wrap: wrap;
+    }
+    .wrapper {
+        display: inline-block;
+    }
+    .quote {
+        font-style: italic;
+        font-size: x-small;
+        color: slategray;
+    }
+    img {
+        margin: 1rem;
+    }
+    h1 {
+        margin-top: auto;
+        margin-bottom: auto;
+    }
+	</style>
+</head>
+<body>
+    <div id="header" class="header">
+        <div class="wrapper">
+            <div id="title" class="title">
+                <img src="assets/icon.png" />
+                <h1>Beekeeper</h1>
+            </div>
+        </div>
+    </div>
+    <div id="message-block" class="message-block">
+        <p>Hallo {$username},</p>
+        <br />
+        <p>Dein Passwort wurde zurückgesetzt.</p>
+        <p>Bitte klicke auf <a href="{$passwordResetLink}">diesen Link</a> um ein neues Passwort zu vergeben.</p>
+        <br />
+        <p>Wenn du dein Passwort nicht zurückgesetzt hast, kannst du diese Nachricht ignorieren!</p>
+        <br />
+        <p>Mit fleißigen Grüßen,</p>
+        <p>Der Beekeeper</p>
+    </div>
+</body>
+</html>
diff --git a/data/migrations/business/Version20240827155813.php b/data/migrations/business/Version20240827155813.php
new file mode 100644
index 0000000..59162dc
--- /dev/null
+++ b/data/migrations/business/Version20240827155813.php
@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Migrations\Bee;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20240827155813 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return "Create Table 'user_password_token'";
+    }
+
+    public function up(Schema $schema): void
+    {
+        $sql = "CREATE TABLE user_password_token (
+                    id binary(16) NOT NULL,
+                    user_id binary(16) NOT NULL,
+                    updated_at datetime NOT NULL,
+                    created_at datetime NOT NULL,
+                    PRIMARY KEY (id)
+                );";
+
+        $this->addSql($sql);
+    }
+
+    public function down(Schema $schema): void
+    {
+        $this->addSql("DROP TABLE user_password_token;");
+    }
+}
diff --git a/src/ApiDomain/External/Authentication/config/routes.php b/src/ApiDomain/External/Authentication/config/routes.php
index 06dda9f..dc8b4fd 100644
--- a/src/ApiDomain/External/Authentication/config/routes.php
+++ b/src/ApiDomain/External/Authentication/config/routes.php
@@ -1,9 +1,11 @@
 <?php
 
 use Bee\API\External\Authentication\Handler\ConfirmRegistrationHandler;
+use Bee\API\External\Authentication\Handler\ForgotPasswordHandler;
 use Bee\API\External\Authentication\Handler\LoginUserHandler;
 use Bee\API\External\Authentication\Handler\LogoutUserHandler;
 use Bee\API\External\Authentication\Handler\RegisterUserHandler;
+use Bee\API\External\Authentication\Handler\ResetPasswordHandler;
 use Bee\Infrastructure\Session\Middleware\LoggedInUserMiddleware;
 
 return [
@@ -40,4 +42,20 @@ return [
             RegisterUserHandler::class
         ],
     ],
+    [
+        'name' => 'auth.forgot-password',
+        'path' => '/api/auth/forgot-password',
+        'allowed_methods' => ['POST'],
+        'middleware' => [
+            ForgotPasswordHandler::class,
+        ],
+    ],
+    [
+        'name' => 'auth.reset-password',
+        'path' => '/api/auth/reset-password',
+        'allowed_methods' => ['POST'],
+        'middleware' => [
+            ResetPasswordHandler::class,
+        ],
+    ],
 ];
\ No newline at end of file
diff --git a/src/ApiDomain/External/Authentication/config/service_manager.php b/src/ApiDomain/External/Authentication/config/service_manager.php
index 61124b9..3d22b21 100644
--- a/src/ApiDomain/External/Authentication/config/service_manager.php
+++ b/src/ApiDomain/External/Authentication/config/service_manager.php
@@ -3,9 +3,13 @@
 use Bee\API\External\Authentication\Formatter\ConfirmRegistrationFormatter;
 use Bee\API\External\Authentication\Formatter\LoginUserFormatter;
 use Bee\API\External\Authentication\Handler\ConfirmRegistrationHandler;
+use Bee\API\External\Authentication\Handler\ForgotPasswordHandler;
 use Bee\API\External\Authentication\Handler\LoginUserHandler;
 use Bee\API\External\Authentication\Handler\LogoutUserHandler;
 use Bee\API\External\Authentication\Handler\RegisterUserHandler;
+use Bee\API\External\Authentication\Handler\ResetPasswordHandler;
+use Bee\API\External\Authentication\ResponseFormatter\ForgotPasswordResponseFormatter;
+use Bee\API\External\Authentication\ResponseFormatter\ResetPasswordResponseFormatter;
 use Reinfi\DependencyInjection\Factory\AutoWiringFactory;
 
 return [
@@ -13,11 +17,15 @@ return [
         // Formatter
         ConfirmRegistrationFormatter::class => AutoWiringFactory::class,
         LoginUserFormatter::class => AutoWiringFactory::class,
+        ForgotPasswordResponseFormatter::class => AutoWiringFactory::class,
+        ResetPasswordResponseFormatter::class => AutoWiringFactory::class,
 
         // Handler
         LoginUserHandler::class => AutoWiringFactory::class,
         LogoutUserHandler::class => AutoWiringFactory::class,
         ConfirmRegistrationHandler::class => AutoWiringFactory::class,
-        RegisterUserHandler::class => AutoWiringFactory::class
+        RegisterUserHandler::class => AutoWiringFactory::class,
+        ForgotPasswordHandler::class => AutoWiringFactory::class,
+        ResetPasswordHandler::class => AutoWiringFactory::class,
     ],
 ];
diff --git a/src/ApiDomain/External/Authentication/src/Handler/ForgotPasswordHandler.php b/src/ApiDomain/External/Authentication/src/Handler/ForgotPasswordHandler.php
new file mode 100644
index 0000000..76da25a
--- /dev/null
+++ b/src/ApiDomain/External/Authentication/src/Handler/ForgotPasswordHandler.php
@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\API\External\Authentication\Handler;
+
+use Bee\API\External\Authentication\ResponseFormatter\ForgotPasswordResponseFormatter;
+use Bee\Handling\User\Handler\Command\ForgotPassword\ForgotPasswordCommandBuilder;
+use Bee\Handling\User\Handler\Command\ForgotPassword\ForgotPasswordCommandHandler;
+use Bee\Infrastructure\Request\Middleware\AnalyzeBodyMiddleware;
+use Bee\Infrastructure\Request\Middleware\AnalyzeHeaderMiddleware;
+use Bee\Infrastructure\Response\SuccessResponse;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+
+class ForgotPasswordHandler implements RequestHandlerInterface
+{
+    public function __construct(
+        private readonly ForgotPasswordCommandHandler $forgotPasswordCommandHandler,
+        private readonly ForgotPasswordCommandBuilder $forgotPasswordCommandBuilder,
+        private readonly ForgotPasswordResponseFormatter $responseFormatter,
+    ) {
+    }
+
+    public function handle(ServerRequestInterface $request): ResponseInterface
+    {
+        $host = $request->getAttribute(AnalyzeHeaderMiddleware::HOST_ATTRIBUTE);
+        $data = $request->getAttribute(AnalyzeBodyMiddleware::JSON_DATA);
+
+        $forgotPasswordCommand = $this->forgotPasswordCommandBuilder->build(
+            domain: $host,
+            mail: $data['mail'],
+        );
+        $result = $this->forgotPasswordCommandHandler->execute($forgotPasswordCommand);
+        
+        return new SuccessResponse($this->responseFormatter->format($result));
+    }
+}
diff --git a/src/ApiDomain/External/Authentication/src/Handler/ResetPasswordHandler.php b/src/ApiDomain/External/Authentication/src/Handler/ResetPasswordHandler.php
new file mode 100644
index 0000000..b3b5cd2
--- /dev/null
+++ b/src/ApiDomain/External/Authentication/src/Handler/ResetPasswordHandler.php
@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\API\External\Authentication\Handler;
+
+use Bee\API\External\Authentication\ResponseFormatter\ResetPasswordResponseFormatter;
+use Bee\Handling\User\Exception\UserPasswordConfirmationMismatchException;
+use Bee\Handling\User\Exception\UserPasswordTokenNotFoundByIdException;
+use Bee\Handling\User\Handler\Command\ResetPassword\ResetPasswordCommandBuilder;
+use Bee\Handling\User\Handler\Command\ResetPassword\ResetPasswordCommandHandler;
+use Bee\Infrastructure\Request\Middleware\AnalyzeBodyMiddleware;
+use Bee\Infrastructure\Response\SuccessResponse;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Ramsey\Uuid\Uuid;
+
+class ResetPasswordHandler implements RequestHandlerInterface
+{
+    public function __construct(
+        private readonly ResetPasswordCommandHandler $handler,
+        private readonly ResetPasswordCommandBuilder $builder,
+        private readonly ResetPasswordResponseFormatter $responseFormatter,
+    ) {
+    }
+
+    /**
+     * @throws UserPasswordConfirmationMismatchException
+     * @throws UserPasswordTokenNotFoundByIdException
+     */
+    public function handle(ServerRequestInterface $request): ResponseInterface
+    {
+        $data = $request->getAttribute(AnalyzeBodyMiddleware::JSON_DATA);
+
+        $resetPasswordCommand = $this->builder->build(
+            Uuid::fromString($data['passwordToken']),
+            $data['newPassword'],
+            $data['passwordConfirmation'],
+        );
+        $result = $this->handler->execute($resetPasswordCommand);
+        
+        return new SuccessResponse($this->responseFormatter->format($result));
+    }
+}
diff --git a/src/ApiDomain/External/Authentication/src/ResponseFormatter/ForgotPasswordResponseFormatter.php b/src/ApiDomain/External/Authentication/src/ResponseFormatter/ForgotPasswordResponseFormatter.php
new file mode 100644
index 0000000..39ec4c8
--- /dev/null
+++ b/src/ApiDomain/External/Authentication/src/ResponseFormatter/ForgotPasswordResponseFormatter.php
@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\API\External\Authentication\ResponseFormatter;
+
+use Bee\Handling\User\Handler\Command\ForgotPassword\ForgotPasswordCommandResult;
+
+class ForgotPasswordResponseFormatter
+{
+    public function format(ForgotPasswordCommandResult $forgotPasswordCommandResult): array
+    {
+        return [
+            
+        ];
+    }
+}
diff --git a/src/ApiDomain/External/Authentication/src/ResponseFormatter/ResetPasswordResponseFormatter.php b/src/ApiDomain/External/Authentication/src/ResponseFormatter/ResetPasswordResponseFormatter.php
new file mode 100644
index 0000000..5c858f9
--- /dev/null
+++ b/src/ApiDomain/External/Authentication/src/ResponseFormatter/ResetPasswordResponseFormatter.php
@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\API\External\Authentication\ResponseFormatter;
+
+use Bee\Handling\User\Handler\Command\ResetPassword\ResetPasswordCommandResult;
+
+class ResetPasswordResponseFormatter
+{
+    public function format(ResetPasswordCommandResult $resetPasswordCommandResult): array
+    {
+        return [
+            
+        ];
+    }
+}
diff --git a/src/ApiDomain/External/User/src/Handler/ChangePasswordHandler.php b/src/ApiDomain/External/User/src/Handler/ChangePasswordHandler.php
index 0d83b8f..8b4fb5e 100644
--- a/src/ApiDomain/External/User/src/Handler/ChangePasswordHandler.php
+++ b/src/ApiDomain/External/User/src/Handler/ChangePasswordHandler.php
@@ -32,6 +32,7 @@ class ChangePasswordHandler implements RequestHandlerInterface
             $user,
             $data['password'],
             $data['newPassword'],
+            $data['newPasswordConfirmation'],
         );
         $this->handler->execute($query);
 
diff --git a/src/DataDomain/Business/config/service_manager.php b/src/DataDomain/Business/config/service_manager.php
index 0dc87f1..78f14c3 100644
--- a/src/DataDomain/Business/config/service_manager.php
+++ b/src/DataDomain/Business/config/service_manager.php
@@ -14,8 +14,6 @@ return [
         'doctrine.entity_manager.orm_bee' => [BaseEntityManagerFactory::class, 'orm_bee'],
         'doctrine.configuration.orm_bee' => [ConfigurationFactory::class, 'orm_bee'],
         'doctrine.connection.orm_bee' => [ConnectionFactory::class, 'orm_bee'],
-        EntityManager::class => EntityManagerFactory::class,
-
-        UserRepository::class => [AutowireRepositoryFactory::class, EntityManager::class, User::class],
+        EntityManager::class => EntityManagerFactory::class
     ],
 ];
diff --git a/src/DataDomain/Business/src/Entity/User.php b/src/DataDomain/Business/src/Entity/User.php
index 48d1646..77215c1 100644
--- a/src/DataDomain/Business/src/Entity/User.php
+++ b/src/DataDomain/Business/src/Entity/User.php
@@ -3,6 +3,7 @@
 namespace Bee\Data\Business\Entity;
 
 use DateTime;
+use Doctrine\Common\Collections\Collection;
 use Doctrine\ORM\Mapping as ORM;
 use Bee\Infrastructure\UuidGenerator\UuidGenerator;
 use Ramsey\Uuid\UuidInterface;
@@ -39,6 +40,9 @@ class User {
     /** @ORM\OneToOne(targetEntity="Bee\Data\Business\Entity\UserSession", mappedBy="user") */
     private ?UserSession $session;
 
+    /* @ORM\OneToMany(targetEntity="Bee\Data\Business\Entity\UserPasswordToken", mappedBy="user") */
+    private Collection $passwordTokens;
+
     /** @ORM\Column(name="last_login_at", type="datetime", nullable=true) */
     private DateTime $lastLoginAt;
 
diff --git a/src/DataDomain/Business/src/Entity/UserPasswordToken.php b/src/DataDomain/Business/src/Entity/UserPasswordToken.php
new file mode 100644
index 0000000..73c0c39
--- /dev/null
+++ b/src/DataDomain/Business/src/Entity/UserPasswordToken.php
@@ -0,0 +1,91 @@
+<?php
+
+namespace Bee\Data\Business\Entity;
+
+use DateTime;
+use Doctrine\ORM\Mapping as ORM;
+use Bee\Infrastructure\UuidGenerator\UuidGenerator;
+use Ramsey\Uuid\UuidInterface;
+
+/**
+ * @ORM\Entity(repositoryClass="Bee\Data\Business\Repository\UserPasswordTokenRepository")
+ * @ORM\Table(name="user_password_token")
+ */
+class UserPasswordToken {
+    /**
+     * @ORM\Id
+     * @ORM\Column(name="id", type="uuid_binary_ordered_time")
+     */
+    private UuidInterface $id;
+    
+    /** @ORM\Column(name="user_id", type="uuid_binary_ordered_time", nullable=false) */
+    private UuidInterface $userId;
+
+    /** 
+     * @ORM\ManyToOne(targetEntity="Bee\Data\Business\Entity\User", inversedBy="session")
+     * @ORM\JoinColumn(name="user_id", referencedColumnName="id", nullable=true)
+     */
+    private User $user;
+        
+    /** @ORM\Column(name="created_at", type="datetime") */
+    private DateTime $createdAt;
+    
+    /** @ORM\Column(name="updated_at", type="datetime") */
+    private DateTime $updatedAt;
+
+
+    public function __construct() {
+        $this->id = UuidGenerator::generate();
+        
+        $now = new DateTime();
+        $this->setCreatedAt($now);
+        $this->setUpdatedAt($now);
+    }
+
+    
+    /**
+     * @ORM\PrePersist
+     * @ORM\PreUpdate
+     */
+    public function updateTimestamps(): void {
+        $now = new DateTime();
+        $this->setUpdatedAt($now);
+    }
+
+
+    public function getId(): UuidInterface {
+        return $this->id;
+    }
+    
+    public function getUserId(): UuidInterface {
+        return $this->userId;
+    }
+    
+    public function setUserId(UuidInterface $userId): void {
+        $this->userId = $userId;
+    }
+
+    public function getUser(): User {
+        return $this->user;
+    }
+
+    public function setUser(User $user): void {
+        $this->user = $user;
+    }
+
+    public function getCreatedAt(): DateTime {
+        return $this->createdAt;
+    }
+
+    public function setCreatedAt(DateTime $createdAt): void {
+        $this->createdAt = $createdAt;
+    }
+
+    public function getUpdatedAt(): DateTime {
+        return $this->updatedAt;
+    }
+
+    public function setUpdatedAt(DateTime $updatedAt): void {
+        $this->updatedAt = $updatedAt;
+    }
+}
\ No newline at end of file
diff --git a/src/DataDomain/Business/src/Repository/PermissionRepository.php b/src/DataDomain/Business/src/Repository/PermissionRepository.php
index ac02a73..dfb1892 100644
--- a/src/DataDomain/Business/src/Repository/PermissionRepository.php
+++ b/src/DataDomain/Business/src/Repository/PermissionRepository.php
@@ -5,6 +5,4 @@ namespace Bee\Data\Business\Repository;
 use Doctrine\ORM\EntityRepository;
 
 class PermissionRepository extends EntityRepository {
-}
-
-?>
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/src/DataDomain/Business/src/Repository/ProductRepository.php b/src/DataDomain/Business/src/Repository/ProductRepository.php
deleted file mode 100644
index 8769b29..0000000
--- a/src/DataDomain/Business/src/Repository/ProductRepository.php
+++ /dev/null
@@ -1,10 +0,0 @@
-<?php
-
-namespace Bee\Data\Business\Repository;
-
-use Doctrine\ORM\EntityRepository;
-
-class ProductRepository extends EntityRepository {
-}
-
-?>
\ No newline at end of file
diff --git a/src/DataDomain/Business/src/Repository/RoleRepository.php b/src/DataDomain/Business/src/Repository/RoleRepository.php
index d624dee..31b34c6 100644
--- a/src/DataDomain/Business/src/Repository/RoleRepository.php
+++ b/src/DataDomain/Business/src/Repository/RoleRepository.php
@@ -6,5 +6,3 @@ use Doctrine\ORM\EntityRepository;
 
 class RoleRepository extends EntityRepository {
 }
-
-?>
\ No newline at end of file
diff --git a/src/DataDomain/Business/src/Repository/UserPasswordTokenRepository.php b/src/DataDomain/Business/src/Repository/UserPasswordTokenRepository.php
new file mode 100644
index 0000000..f06abb5
--- /dev/null
+++ b/src/DataDomain/Business/src/Repository/UserPasswordTokenRepository.php
@@ -0,0 +1,10 @@
+<?php
+
+namespace Bee\Data\Business\Repository;
+
+use Bee\Data\Business\Entity\User;
+use Doctrine\ORM\EntityRepository;
+use Bee\Data\Business\Entity\UserSession;
+
+class UserPasswordTokenRepository extends EntityRepository {
+}
\ No newline at end of file
diff --git a/src/DataDomain/Business/src/Repository/UserRepository.php b/src/DataDomain/Business/src/Repository/UserRepository.php
index 9bcd58c..96f32e7 100644
--- a/src/DataDomain/Business/src/Repository/UserRepository.php
+++ b/src/DataDomain/Business/src/Repository/UserRepository.php
@@ -22,5 +22,3 @@ class UserRepository extends EntityRepository {
         return $user;
     }
 }
-
-?>
\ No newline at end of file
diff --git a/src/DataDomain/Business/src/Repository/UserSessionRepository.php b/src/DataDomain/Business/src/Repository/UserSessionRepository.php
index cdb91ee..ae12783 100644
--- a/src/DataDomain/Business/src/Repository/UserSessionRepository.php
+++ b/src/DataDomain/Business/src/Repository/UserSessionRepository.php
@@ -7,16 +7,4 @@ use Doctrine\ORM\EntityRepository;
 use Bee\Data\Business\Entity\UserSession;
 
 class UserSessionRepository extends EntityRepository {
-    public function findByUser(User $user) : ?UserSession {
-        $queryBuilder = $this->createQueryBuilder('us');
-        $queryBuilder
-            ->where("us.userId = :userId")
-            ->setParameter('userId', $user->getId());
-
-        /** @var ?UserSession $userSession */
-        $userSession = $queryBuilder->getQuery()->execute()[0] ?? null;
-        return $userSession;
-    }
-}
-
-?>
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/src/HandlingDomain/Registration/src/Pipeline/RegisterUser/Step/SendMailStep.php b/src/HandlingDomain/Registration/src/Pipeline/RegisterUser/Step/SendMailStep.php
index b99f9b8..d7222ec 100644
--- a/src/HandlingDomain/Registration/src/Pipeline/RegisterUser/Step/SendMailStep.php
+++ b/src/HandlingDomain/Registration/src/Pipeline/RegisterUser/Step/SendMailStep.php
@@ -41,6 +41,7 @@ class SendMailStep implements TaskInterface
                     )
             ],
             recipient: $command->getMail(),
+            sender: 'beekeeper@stack-up.de',
             senderName: "Beekeeper"
         );
 
diff --git a/src/HandlingDomain/User/config/service_manager.php b/src/HandlingDomain/User/config/service_manager.php
index 22439a9..ef46308 100644
--- a/src/HandlingDomain/User/config/service_manager.php
+++ b/src/HandlingDomain/User/config/service_manager.php
@@ -1,12 +1,17 @@
 <?php
 
 use Bee\Handling\User\Builder\UserBuilder;
+use Bee\Handling\User\Builder\UserPasswordTokenBuilder;
 use Bee\Handling\User\Handler\Command\ChangePassword\ChangePasswordCommandBuilder;
 use Bee\Handling\User\Handler\Command\ChangePassword\ChangePasswordCommandHandler;
 use Bee\Handling\User\Handler\Command\ChangeUsername\ChangeUsernameCommandBuilder;
 use Bee\Handling\User\Handler\Command\ChangeUsername\ChangeUsernameCommandHandler;
 use Bee\Handling\User\Handler\Command\CreateUser\CreateUserCommandBuilder;
 use Bee\Handling\User\Handler\Command\CreateUser\CreateUserCommandHandler;
+use Bee\Handling\User\Handler\Command\ForgotPassword\ForgotPasswordCommandBuilder;
+use Bee\Handling\User\Handler\Command\ForgotPassword\ForgotPasswordCommandHandler;
+use Bee\Handling\User\Handler\Command\ResetPassword\ResetPasswordCommandBuilder;
+use Bee\Handling\User\Handler\Command\ResetPassword\ResetPasswordCommandHandler;
 use Bee\Handling\User\Rule\UserPasswordMatchRule;
 use Bee\Handling\User\Rule\UserWithIdentifierAlreadyExistsRule;
 use Reinfi\DependencyInjection\Factory\AutoWiringFactory;
@@ -18,6 +23,7 @@ return [
 
         /// Builder
         UserBuilder::class => InjectionFactory::class,
+        UserPasswordTokenBuilder::class => AutoWiringFactory::class,
 
         /// Rule
         UserWithIdentifierAlreadyExistsRule::class => InjectionFactory::class,
@@ -27,13 +33,17 @@ return [
         // Create User
         CreateUserCommandHandler::class => AutoWiringFactory::class,
         CreateUserCommandBuilder::class => AutoWiringFactory::class,
-
         // Change Password
         ChangePasswordCommandHandler::class => AutoWiringFactory::class,
         ChangePasswordCommandBuilder::class => AutoWiringFactory::class,
-
         // Change Username
         ChangeUsernameCommandHandler::class => AutoWiringFactory::class,
         ChangeUsernameCommandBuilder::class => AutoWiringFactory::class,
+        // Forgot Password
+        ForgotPasswordCommandHandler::class => InjectionFactory::class,
+        ForgotPasswordCommandBuilder::class => AutoWiringFactory::class,
+        // Reset Password
+        ResetPasswordCommandHandler::class => InjectionFactory::class,
+        ResetPasswordCommandBuilder::class => AutoWiringFactory::class,
     ],
 ];
diff --git a/src/HandlingDomain/User/src/Builder/UserPasswordTokenBuilder.php b/src/HandlingDomain/User/src/Builder/UserPasswordTokenBuilder.php
new file mode 100644
index 0000000..ce78bfd
--- /dev/null
+++ b/src/HandlingDomain/User/src/Builder/UserPasswordTokenBuilder.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace Bee\Handling\User\Builder;
+
+use Bee\Data\Business\Entity\Role;
+use Bee\Data\Business\Entity\User;
+use Bee\Data\Business\Entity\UserPasswordToken;
+use Bee\Data\Business\Repository\RoleRepository;
+use Bee\Handling\Role\Exception\RoleNotFoundByIdentifierException;
+use Bee\Infrastructure\Encryption\Client\EncryptionClient;
+use Reinfi\DependencyInjection\Annotation\Inject;
+use Reinfi\DependencyInjection\Annotation\InjectDoctrineRepository;
+
+class UserPasswordTokenBuilder
+{
+    public function build(
+        User $user
+    ): UserPasswordToken
+    {
+        $userPasswordToken = new UserPasswordToken();
+        $userPasswordToken->setUser($user);
+
+        return $userPasswordToken;
+    }
+}
diff --git a/src/HandlingDomain/User/src/Exception/UserNotFoundByMailException.php b/src/HandlingDomain/User/src/Exception/UserNotFoundByMailException.php
new file mode 100644
index 0000000..4dd0601
--- /dev/null
+++ b/src/HandlingDomain/User/src/Exception/UserNotFoundByMailException.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Bee\Handling\User\Exception;
+
+use Bee\Infrastructure\Exception\ErrorCode;
+use Bee\Infrastructure\Exception\ErrorDomain;
+use Bee\Infrastructure\Exception\Exception\Exception;
+
+class UserNotFoundByMailException extends Exception {
+
+    private const MESSAGE = 'The user with the mail %s was not found!';
+
+    public function __construct(string $identifier)
+    {
+        parent::__construct(
+            sprintf(
+                self::MESSAGE,
+                $identifier
+            ),
+            ErrorDomain::User,
+            ErrorCode::NotFound
+        );
+    }
+}
\ No newline at end of file
diff --git a/src/HandlingDomain/User/src/Exception/UserPasswordConfirmationMismatchException.php b/src/HandlingDomain/User/src/Exception/UserPasswordConfirmationMismatchException.php
new file mode 100644
index 0000000..ec447f5
--- /dev/null
+++ b/src/HandlingDomain/User/src/Exception/UserPasswordConfirmationMismatchException.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace Bee\Handling\User\Exception;
+
+use Bee\Infrastructure\Exception\ErrorCode;
+use Bee\Infrastructure\Exception\ErrorDomain;
+use Bee\Infrastructure\Exception\Exception\Exception;
+
+class UserPasswordConfirmationMismatchException extends Exception {
+
+    private const MESSAGE = 'The two passwordConfirmation does not match the newPassword';
+
+    public function __construct()
+    {
+        parent::__construct(
+            self::MESSAGE,
+            ErrorDomain::UserPassword,
+            ErrorCode::Mismatch,
+        );
+    }
+}
diff --git a/src/HandlingDomain/User/src/Exception/UserPasswordTokenNotFoundByIdException.php b/src/HandlingDomain/User/src/Exception/UserPasswordTokenNotFoundByIdException.php
new file mode 100644
index 0000000..8f2c756
--- /dev/null
+++ b/src/HandlingDomain/User/src/Exception/UserPasswordTokenNotFoundByIdException.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Bee\Handling\User\Exception;
+
+use Bee\Infrastructure\Exception\ErrorCode;
+use Bee\Infrastructure\Exception\ErrorDomain;
+use Bee\Infrastructure\Exception\Exception\Exception;
+
+class UserPasswordTokenNotFoundByIdException extends Exception {
+
+    private const MESSAGE = 'User password token with the id %s was not found!';
+
+    public function __construct(
+        string $identification
+    )
+    {
+        parent::__construct(
+            sprintf(
+                self::MESSAGE,
+                $identification
+            ),
+            ErrorDomain::UserPassword,
+            ErrorCode::Mismatch,
+        );
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommand.php b/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommand.php
index a5290b9..0b6c083 100644
--- a/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommand.php
+++ b/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommand.php
@@ -10,6 +10,7 @@ class ChangePasswordCommand
         private readonly User $user,
         private readonly string $password,
         private readonly string $newPassword,
+        private readonly string $newPasswordConfirmation,
     ) {
     }
 
@@ -24,4 +25,9 @@ class ChangePasswordCommand
     public function getPassword(): string {
         return $this->password;
     }
+
+    public function getNewPasswordConfirmation(): string
+    {
+        return $this->newPasswordConfirmation;
+    }
 }
diff --git a/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandBuilder.php b/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandBuilder.php
index 2995991..a9f6561 100644
--- a/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandBuilder.php
+++ b/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandBuilder.php
@@ -10,12 +10,14 @@ class ChangePasswordCommandBuilder
         User $user,
         string $password,
         string $newPassword,
+        string $newPasswordConfirmation,
     ): ChangePasswordCommand
     {
         return new ChangePasswordCommand(
             $user,
             $password,
             $newPassword,
+            $newPasswordConfirmation,
         );
     }
 }
diff --git a/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandHandler.php b/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandHandler.php
index 263d800..5887cd7 100644
--- a/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandHandler.php
+++ b/src/HandlingDomain/User/src/Handler/Command/ChangePassword/ChangePasswordCommandHandler.php
@@ -6,6 +6,7 @@ use Bee\Data\Business\Entity\User;
 use Bee\Data\Business\Repository\RoleRepository;
 use Bee\Data\Business\Repository\UserRepository;
 use Bee\Handling\User\Exception\UserNotFoundByIdentifierException;
+use Bee\Handling\User\Exception\UserPasswordConfirmationMismatchException;
 use Bee\Handling\User\Exception\UserWrongPasswordException;
 use Bee\Data\Business\Manager\EntityManager;
 use Bee\Infrastructure\Encryption\Client\EncryptionClient;
@@ -20,6 +21,10 @@ class ChangePasswordCommandHandler
     ) {
     }
 
+    /**
+     * @throws UserWrongPasswordException
+     * @throws UserPasswordConfirmationMismatchException
+     */
     public function execute(ChangePasswordCommand $command): void
     {
         $user = $command->getUser();
@@ -28,6 +33,10 @@ class ChangePasswordCommandHandler
             throw new UserWrongPasswordException();
         }
 
+        if ($command->getNewPassword() !== $command->getNewPasswordConfirmation()) {
+            throw new UserPasswordConfirmationMismatchException();
+        }
+
         $encryptedPassword = $this->encryptionClient->encrypt(
             $command->getNewPassword()
         );
diff --git a/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommand.php b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommand.php
new file mode 100644
index 0000000..6cca779
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommand.php
@@ -0,0 +1,24 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ForgotPassword;
+
+class ForgotPasswordCommand
+{
+    public function __construct(
+        private readonly string $domain,
+        private readonly string $mail
+    ) {
+    }
+
+    public function getDomain(): string
+    {
+        return $this->domain;
+    }
+
+    public function getMail(): string
+    {
+        return $this->mail;
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandBuilder.php b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandBuilder.php
new file mode 100644
index 0000000..63ca3ef
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandBuilder.php
@@ -0,0 +1,18 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ForgotPassword;
+
+class ForgotPasswordCommandBuilder
+{
+    public function build(
+        string $domain,
+        string $mail
+    ): ForgotPasswordCommand {
+        return new ForgotPasswordCommand(
+            $domain,
+            $mail
+        );
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandHandler.php b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandHandler.php
new file mode 100644
index 0000000..fca5d86
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandHandler.php
@@ -0,0 +1,70 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ForgotPassword;
+
+use Bee\Data\Business\Entity\User;
+use Bee\Data\Business\Manager\EntityManager;
+use Bee\Data\Business\Repository\UserRepository;
+use Bee\Handling\User\Builder\UserPasswordTokenBuilder;
+use Bee\Handling\User\Exception\UserNotFoundByMailException;
+use Bee\Infrastructure\Mail\Service\MailService;
+use Reinfi\DependencyInjection\Annotation\Inject;
+use Reinfi\DependencyInjection\Annotation\InjectDoctrineRepository;
+
+class ForgotPasswordCommandHandler
+{
+    private const RESET_PASSWORD_LINK = "https://%s/auth/reset-password/%s";
+
+    /**
+     * @InjectDoctrineRepository(
+     *  entityManager="Bee\Data\Business\Manager\EntityManager",
+     *  entity="Bee\Data\Business\Entity\User"
+     * )
+     * @Inject("Bee\Handling\User\Builder\UserPasswordTokenBuilder")
+     * @Inject("Bee\Infrastructure\Mail\Service\MailService")
+     * @Inject("Bee\Data\Business\Manager\EntityManager")
+     */
+    public function __construct(
+        private readonly UserRepository $userRepository,
+        private readonly UserPasswordTokenBuilder $passwordTokenBuilder,
+        private readonly MailService $mailService,
+        private readonly EntityManager $entityManager,
+    ) {
+    }
+    
+    public function execute(ForgotPasswordCommand $forgotPasswordCommand): ForgotPasswordCommandResult
+    {
+        $mail = $forgotPasswordCommand->getMail();
+
+        /** @var User $user */
+        $user = $this->userRepository->findOneBy(['mail' => $mail]);
+
+        if ($user === null) {
+            throw new UserNotFoundByMailException($mail);
+        }
+
+        $passwordToken = $this->passwordTokenBuilder->build($user);
+
+        $this->entityManager->persist($passwordToken);
+        $this->entityManager->flush();
+
+        $this->mailService->send(
+            'reset-password',
+            templateData: [
+                'username' => $user->getUsername(),
+                'passwordResetLink' => sprintf(
+                    self::RESET_PASSWORD_LINK,
+                    $forgotPasswordCommand->getDomain(),
+                    $passwordToken->getId()->toString()
+                )
+            ],
+            recipient: $mail,
+            sender: 'beekeeper@stack-up.de',
+            senderName: 'Beekeeper'
+        );
+
+        return new ForgotPasswordCommandResult();
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandResult.php b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandResult.php
new file mode 100644
index 0000000..f7315b7
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ForgotPassword/ForgotPasswordCommandResult.php
@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ForgotPassword;
+
+class ForgotPasswordCommandResult
+{
+    public function __construct(
+    ) {
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommand.php b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommand.php
new file mode 100644
index 0000000..3904a3c
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommand.php
@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ResetPassword;
+
+use Ramsey\Uuid\UuidInterface;
+
+class ResetPasswordCommand
+{
+    public function __construct(
+        private UuidInterface $passwordTokenUuid,
+        private string $newPassword,
+        private string $passwordConfirmation
+    ) {
+    }
+
+    public function getPasswordTokenUuid(): UuidInterface
+    {
+        return $this->passwordTokenUuid;
+    }
+
+    public function getNewPassword(): string
+    {
+        return $this->newPassword;
+    }
+
+    public function getPasswordConfirmation(): string
+    {
+        return $this->passwordConfirmation;
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandBuilder.php b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandBuilder.php
new file mode 100644
index 0000000..0e6786c
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandBuilder.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ResetPassword;
+
+use Ramsey\Uuid\UuidInterface;
+
+class ResetPasswordCommandBuilder
+{
+    public function build(
+        UuidInterface $passwordTokenUuid,
+        string $newPassword,
+        string $passwordConfirmation
+    ): ResetPasswordCommand {
+        return new ResetPasswordCommand(
+            $passwordTokenUuid,
+            $newPassword,
+            $passwordConfirmation
+        );
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandHandler.php b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandHandler.php
new file mode 100644
index 0000000..2f1abce
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandHandler.php
@@ -0,0 +1,63 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ResetPassword;
+
+use Bee\Data\Business\Entity\UserPasswordToken;
+use Bee\Data\Business\Manager\EntityManager;
+use Bee\Data\Business\Repository\UserPasswordTokenRepository;
+use Bee\Handling\User\Exception\UserPasswordConfirmationMismatchException;
+use Bee\Handling\User\Exception\UserPasswordTokenNotFoundByIdException;
+use Bee\Infrastructure\Encryption\Client\EncryptionClient;
+use Reinfi\DependencyInjection\Annotation\Inject;
+use Reinfi\DependencyInjection\Annotation\InjectDoctrineRepository;
+
+class ResetPasswordCommandHandler
+{
+    /**
+     * @InjectDoctrineRepository(
+     *  entityManager="Bee\Data\Business\Manager\EntityManager",
+     *  entity="Bee\Data\Business\Entity\UserPasswordToken"
+     * )
+     * @Inject("Bee\Infrastructure\Encryption\Client\EncryptionClient")
+     * @Inject("Bee\Data\Business\Manager\EntityManager")
+     */
+    public function __construct(
+        private readonly UserPasswordTokenRepository $repository,
+        private readonly EncryptionClient $encryptionClient,
+        private readonly EntityManager $entityManager,
+    ) {
+    }
+
+    public function execute(ResetPasswordCommand $resetPasswordCommand): ResetPasswordCommandResult
+    {
+        $passwordTokenId = $resetPasswordCommand->getPasswordTokenUuid();
+
+        // Load and check password token
+        /** @var ?UserPasswordToken $passwordToken */
+        $passwordToken = $this->repository->findOneBy(['id' => $passwordTokenId]);
+        if ($passwordToken === null) {
+            throw new UserPasswordTokenNotFoundByIdException($passwordTokenId->toString());
+        }
+
+        if ($resetPasswordCommand->getNewPassword() !== $resetPasswordCommand->getPasswordConfirmation()) {
+            throw new UserPasswordConfirmationMismatchException();
+        }
+
+        // Update Password
+        $user = $passwordToken->getUser();
+        $user->setPassword($this->encryptionClient->encrypt($resetPasswordCommand->getNewPassword()));
+
+        // Save to DB
+        $this->entityManager->remove($passwordToken);
+        $this->entityManager->persist($user);
+        if ($user->getSession() !== null) {
+            $this->entityManager->remove($user->getSession());
+        }
+
+        $this->entityManager->flush();
+
+        return new ResetPasswordCommandResult();
+    }
+}
diff --git a/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandResult.php b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandResult.php
new file mode 100644
index 0000000..acb9182
--- /dev/null
+++ b/src/HandlingDomain/User/src/Handler/Command/ResetPassword/ResetPasswordCommandResult.php
@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Handling\User\Handler\Command\ResetPassword;
+
+class ResetPasswordCommandResult
+{
+    public function __construct(
+        #TODO
+    ) {
+    }
+}
diff --git a/src/Infrastructure/Database/src/AutowireRepositoryFactory.php b/src/Infrastructure/Database/src/AutowireRepositoryFactory.php
new file mode 100644
index 0000000..5f46248
--- /dev/null
+++ b/src/Infrastructure/Database/src/AutowireRepositoryFactory.php
@@ -0,0 +1,24 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Bee\Infrastructure\Database;
+
+use Doctrine\ORM\EntityManager;
+use Psr\Container\ContainerInterface;
+use Roave\PsrContainerDoctrine\AbstractFactory;
+
+class AutowireRepositoryFactory extends AbstractFactory
+{
+    protected function createWithConfig(ContainerInterface $container, string $configKey)
+    {
+        /** @var EntityManager $em */
+        $em = $container->get(EntityManager::class);
+        return $em->getRepository($configKey);
+    }
+
+    protected function getDefaultConfig(string $configKey): array
+    {
+        return [];
+    }
+}
diff --git a/src/Infrastructure/Database/src/ConfigServiceFactory.php b/src/Infrastructure/Database/src/ConfigServiceFactory.php
deleted file mode 100644
index 0548333..0000000
--- a/src/Infrastructure/Database/src/ConfigServiceFactory.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace Bee\Infrastructure\Database;
-
-use Doctrine\ORM\EntityManager;
-use Doctrine\ORM\EntityRepository;
-use Doctrine\Persistence\ObjectRepository;
-use Laminas\ServiceManager\Factory\FactoryInterface;
-use Psr\Container\ContainerInterface;
-
-class AutowireRepositoryFactory implements FactoryInterface
-{
-    public function __construct(
-        private readonly string $entityManagerClass,
-        private readonly string $entityClass,
-    ) {
-        var_dump($this->entityClass, $this->entityClass);
-    }
-
-    public function __invoke(
-        ContainerInterface $container,
-        $requestedName,
-        ?array $options = null
-    ): ObjectRepository|EntityRepository
-    {
-        /** @var EntityManager $em */
-        $em = $container->get($this->entityManagerClass);
-
-        return $em->getRepository($this->entityClass);
-    }
-}
diff --git a/src/Infrastructure/UuidGenerator/src/UuidGenerator.php b/src/Infrastructure/UuidGenerator/src/UuidGenerator.php
index 31a2235..a078253 100644
--- a/src/Infrastructure/UuidGenerator/src/UuidGenerator.php
+++ b/src/Infrastructure/UuidGenerator/src/UuidGenerator.php
@@ -13,6 +13,4 @@ class UuidGenerator {
         $factory->setCodec($codec);
         return $factory->uuid1();
     }
-}
-
-?>
\ No newline at end of file
+}
\ No newline at end of file