first commit

lib/UpdatePassword.ts

@@ -0,0 +1,60 @@
+"use server";
+
+import { getAuth } from "@/auth/queries/getauth";
+import { daphnis } from "@/lib/prisma";
+import { Argon2id } from "oslo/password";
+
+export const InApplicationPasswordReset = async (
+  currentPassword: string,
+  newPassword: string,
+  confirmNewPassword: string
+) => {
+  // Check if new passwords match
+  if (newPassword !== confirmNewPassword) {
+    throw new Error("New passwords do not match");
+  }
+
+  const { user } = await getAuth();
+
+  if (!user) {
+    throw new Error("User not authenticated");
+  }
+
+  try {
+    // Fetch user from database
+    const existingUser = await daphnis.user.findUnique({
+      where: {
+        id: user.id,
+      },
+    });
+
+    if (!existingUser) {
+      throw new Error("User not found");
+    }
+
+    // Verify current password
+    const isPasswordValid = await new Argon2id().verify(
+      existingUser.hashedPassword,
+      currentPassword
+    );
+
+    if (!isPasswordValid) {
+      throw new Error("Current password is incorrect");
+    }
+
+    // Hash new password
+    const hashedPassword = await new Argon2id().hash(newPassword);
+
+    // Update user's password
+    await daphnis.user.update({
+      where: {
+        id: user.id,
+      },
+      data: {
+        hashedPassword,
+      },
+    });
+  } catch (error) {
+    throw new Error("Failed to update password");
+  }
+};