finished reset password & other changes

actions/new-password.ts

@@ -0,0 +1,66 @@
+'use server'
+
+import { NewPasswordSchema } from '@/schemas'
+import { infer as zInfer } from 'zod'
+import bcrypt from 'bcryptjs'
+import { PASSWORD_SALT_LENGTH } from '@/config/validation'
+
+import { getPasswordResetTokenByToken } from '@/data/password-reset-token'
+import { getUserByEmail } from '@/data/user'
+import db from '@/lib/db'
+
+export const newPassword = async (values: zInfer<typeof NewPasswordSchema>, token?: string | null) => {
+  if (!token) {
+    return { error: 'auth.form.error.missing_token' }
+  }
+
+  const validatedFields = NewPasswordSchema.safeParse(values)
+
+  if (!validatedFields.success) {
+    return { error: 'auth.form.error.invalid_fields' }
+  }
+
+  const existingToken = await getPasswordResetTokenByToken(token)
+
+  if (!existingToken) {
+    return { error: 'auth.form.error.invalid_token' }
+  }
+
+  const hasExpired = new Date(existingToken.expires) < new Date()
+
+  if (hasExpired) {
+    return { error: 'auth.form.error.expired_token' }
+  }
+
+  const existingUser = await getUserByEmail(existingToken.email)
+
+  if (!existingUser) {
+    return { error: 'auth.form.error.invalid_email' }
+  }
+
+  const { password } = validatedFields.data
+  const hashedPassword = await bcrypt.hash(password, PASSWORD_SALT_LENGTH)
+
+  try {
+    await db.user.update({
+      where: { id: existingUser.id },
+      data: { password: hashedPassword },
+    })
+  } catch (err) {
+    console.error(err)
+    return { error: 'db.error.update.user_password' }
+  }
+
+  try {
+    await db.passwordResetToken.delete({
+      where: { id: existingToken.id },
+    })
+
+    return { success: 'db.success.update.password_updated' }
+  } catch (err) {
+    //TODO: Implement logging
+    console.error(err)
+  }
+
+  return { error: 'db.error.common.something_wrong' }
+}