daphnis/app/(authenticated)/(settings)/settings/(settings components)/security/forgotpassword.tsx
2024-06-29 15:51:29 -04:00


"use server";
import { getAuth } from "@/auth/queries/getauth";
import { artemis, daphnis } from "@/lib/prisma";
import { Argon2id } from "oslo/password";
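/**
 * Server action that changes the signed-in user's password.
 *
 * The current password is verified against the stored Argon2id hash before
 * the new password is hashed and written to the user row.
 *
 * @param currentPassword - Password the user currently signs in with.
 * @param newPassword - Replacement password.
 * @param confirmNewPassword - Must be identical to `newPassword`.
 * @returns `{ success }` once the hash has been updated, otherwise `{ error }`
 *   carrying a message that is safe to display to the user.
 */
export const updatePassword = async (
  currentPassword: string,
  newPassword: string,
  confirmNewPassword: string
) => {
  // The file is marked "use server", so these arguments arrive from the
  // client and the TypeScript annotations are not enforced at runtime.
  if (
    typeof currentPassword !== "string" ||
    typeof newPassword !== "string" ||
    typeof confirmNewPassword !== "string"
  ) {
    return { error: "Invalid input" };
  }

  // Check if new passwords match
  if (newPassword !== confirmNewPassword) {
    return { error: "New passwords do not match" };
  }

  // Never store a hash of the empty string.
  // NOTE(review): no length or strength policy is visible in this file; if the
  // sign-up flow enforces one, apply the same rule here.
  if (newPassword.length === 0) {
    return { error: "New password must not be empty" };
  }

  const { user } = await getAuth();
  if (!user) {
    return { error: "User not authenticated" };
  }

  try {
    // The row is always looked up by the session's user id, never by a
    // client-supplied identifier.
    const existingUser = await daphnis.user.findUnique({
      where: {
        id: user.id,
      },
    });
    if (!existingUser) {
      return { error: "User not found" };
    }

    const argon2id = new Argon2id();

    // Require proof of the current password so that a borrowed or stolen
    // session alone is not enough to take over the account.
    // NOTE(review): nothing here limits repeated wrong guesses; confirm that
    // throttling exists elsewhere.
    const isPasswordValid = await argon2id.verify(
      existingUser.hashedPassword,
      currentPassword
    );
    if (!isPasswordValid) {
      return { error: "Current password is incorrect" };
    }

    const hashedPassword = await argon2id.hash(newPassword);

    await daphnis.user.update({
      where: {
        id: user.id,
      },
      data: {
        hashedPassword,
      },
    });

    // NOTE(review): existing sessions are not revoked in this function;
    // confirm whether the auth layer invalidates them after a password change.
    return { success: "Password updated successfully" };
  } catch (error: unknown) {
    // Keep the detail in server logs only: ORM and driver messages can
    // describe the schema or query and must not be returned to the browser.
    console.error("updatePassword failed:", error);
    return { error: "Failed to update password" };
  }
};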