feat: Password update functionality
This commit is contained in:
parent
b0fc2f7c18
commit
885ff0fcd3
GPG Key ID:
4508A15C4DB91C5B
@ -32,7 +32,8 @@ export const loginSchema = z.object({
|
||||
password: z.string().nonempty('Password must not be empty.'),
|
||||
});
|
||||
|
||||
export const changePasswordSchema = z.object({
|
||||
export const changePasswordSchema = z
|
||||
.object({
|
||||
currentPassword: z.string().nonempty('Password must not be empty.'),
|
||||
newPassword: z
|
||||
.string()
|
||||
@ -41,6 +42,10 @@ export const changePasswordSchema = z.object({
|
||||
.regex(/(?=.*[a-z])/gm, 'New password must contain at lowercase letter.')
|
||||
.regex(/(?=.*\d)/gm, 'New password must contain at least one number.')
|
||||
.regex(/(?=.*\W)/gm, 'New password must contain at least one special character'),
|
||||
})
|
||||
.refine((schema) => schema.currentPassword !== schema.newPassword, {
|
||||
message: 'New password cannot be the same as old password.',
|
||||
path: ['newPassword'],
|
||||
});
|
||||
|
||||
export const changeUsernameSchema = z.object({
|
||||
|
||||
@ -1,9 +1,10 @@
|
||||
import { redirect } from '@sveltejs/kit';
|
||||
import type { Actions } from '@sveltejs/kit';
|
||||
import { fail, message, superValidate } from 'sveltekit-superforms';
|
||||
import { fail, message, setError, superValidate } from 'sveltekit-superforms';
|
||||
import { zod } from 'sveltekit-superforms/adapters';
|
||||
import { auth } from '$lib/server/db/auth';
|
||||
import { changeUsernameSchema, changePasswordSchema } from '$lib/types/schema.js';
|
||||
import type { APIError } from 'better-auth/api';
|
||||
|
||||
export async function load({ request }) {
|
||||
const session = await auth.api.getSession({
|
||||
@ -24,10 +25,28 @@ export const actions = {
|
||||
updatePassword: async ({ request }) => {
|
||||
const newpassForm = await superValidate(request, zod(changePasswordSchema));
|
||||
|
||||
try {
|
||||
if (!newpassForm.valid) {
|
||||
return fail(400, { newpassForm });
|
||||
}
|
||||
|
||||
await auth.api.changePassword({
|
||||
headers: request.headers,
|
||||
body: {
|
||||
newPassword: newpassForm.data.newPassword,
|
||||
currentPassword: newpassForm.data.currentPassword,
|
||||
revokeOtherSessions: false,
|
||||
},
|
||||
});
|
||||
} catch (e) {
|
||||
const errorMessage = (e as APIError).body.message as string;
|
||||
if ((e as APIError).body.code === 'INVALID_PASSWORD') {
|
||||
return setError(newpassForm, 'currentPassword', errorMessage.charAt(0).toUpperCase() + errorMessage.slice(1));
|
||||
} else {
|
||||
return setError(newpassForm, 'newPassword', errorMessage.charAt(0).toUpperCase() + errorMessage.slice(1));
|
||||
}
|
||||
}
|
||||
|
||||
return message(newpassForm, 'Password updated.');
|
||||
},
|
||||
updateUsername: async ({ request }) => {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user