forked from PolarisPyra/daphnis
63 lines
1.4 KiB
TypeScript
63 lines
1.4 KiB
TypeScript
"use server";
|
|
|
|
import { getAuth } from "@/auth/queries/getauth";
|
|
import { artemis, lachesis } from "@/lib/prisma";
|
|
import { Argon2id } from "oslo/password";
|
|
|
|
export const updatePassword = async (
|
|
currentPassword: string,
|
|
newPassword: string,
|
|
confirmNewPassword: string
|
|
) => {
|
|
// Check if new passwords match
|
|
if (newPassword !== confirmNewPassword) {
|
|
return { error: "New passwords do not match" };
|
|
}
|
|
|
|
const { user } = await getAuth();
|
|
|
|
if (!user) {
|
|
return { error: "User not authenticated" };
|
|
}
|
|
|
|
try {
|
|
// Fetch user from database
|
|
const existingUser = await lachesis.user.findUnique({
|
|
where: {
|
|
id: user.id,
|
|
},
|
|
});
|
|
|
|
if (!existingUser) {
|
|
return { error: "User not found" };
|
|
}
|
|
|
|
// Verify current password
|
|
const isPasswordValid = await new Argon2id().verify(
|
|
existingUser.hashedPassword,
|
|
currentPassword
|
|
);
|
|
|
|
if (!isPasswordValid) {
|
|
return { error: "Current password is incorrect" };
|
|
}
|
|
|
|
// Hash new password
|
|
const hashedPassword = await new Argon2id().hash(newPassword);
|
|
|
|
// Update user's password
|
|
await lachesis.user.update({
|
|
where: {
|
|
id: user.id,
|
|
},
|
|
data: {
|
|
hashedPassword,
|
|
},
|
|
});
|
|
|
|
return { success: "Password updated successfully" };
|
|
} catch (error: any) {
|
|
return { error: "Failed to update password: " + error.message };
|
|
}
|
|
};
|