| author | schererleander <leander@schererleander.de> | 2025-12-26 14:57:34 +0100 |
|---|---|---|
| committer | schererleander <leander@schererleander.de> | 2025-12-26 14:57:34 +0100 |
| commit | 534918d81d891c32c01b0e59fff05638df9c3dee (patch) | |
| tree | b100d103e0b2408d9a4e70a1c85ea75f4567a37a /src/app | |
| parent | 15831f7e9bbc783d72357258e0edaa9d8317c0f1 (diff) | |
refactor(api): simplify password update logic
Diffstat (limited to 'src/app')
| -rw-r--r-- | src/app/api/user/password/route.ts | 53 |
1 files changed, 9 insertions, 44 deletions
diff --git a/src/app/api/user/password/route.ts b/src/app/api/user/password/route.ts index 9972fb5..956ef53 100644 --- a/src/app/api/user/password/route.ts +++ b/src/app/api/user/password/route.ts 
@@ -9,68 +9,33 @@ import { updatePasswordSchema } from "@/lib/validation" export async function PATCH(request: NextRequest) { try { const session = await getServerSession(authOptions) - - if (!session?.user?.id) { - return NextResponse.json( - { error: "Unauthorized" }, - { status: 401 } - ) - } + if (!session?.user?.id) return NextResponse.json({ error: "Unauthorized" }, { status: 401 }) const body = await request.json() - const result = updatePasswordSchema.safeParse(body) if (!result.success) { - return NextResponse.json( - { error: "Validation failed", details: result.error.errors }, - { status: 400 } - ) + return NextResponse.json({ error: "Validation failed", details: result.error.errors }, { status: 400 }) } const { currentPassword, newPassword } = result.data - await dbConnect() - // Get user with current password const user = await User.findById(session.user.id) - - if (!user) { - return NextResponse.json( - { error: "User not found" }, - { status: 404 } - ) - } + if (!user) return NextResponse.json({ error: "User not found" }, { status: 404 }) - // Verify current password const isCurrentPasswordValid = await bcrypt.compare(currentPassword, user.password) - if (!isCurrentPasswordValid) { - return NextResponse.json( - { error: "Current password is incorrect" }, - { status: 400 } - ) + return NextResponse.json({ error: "Current password is incorrect" }, { status: 400 }) } - // Hash new password const hashedNewPassword = await bcrypt.hash(newPassword, 12) + + await User.findByIdAndUpdate(session.user.id, { password: hashedNewPassword }) - // Update password - await User.findByIdAndUpdate( - session.user.id, - { password: hashedNewPassword } - ) - - return NextResponse.json({ - message: "Password updated successfully" - }) - + return NextResponse.json({ message: "Password updated successfully" }) } catch (error) { console.error("Password update error:", error) - - return NextResponse.json( - { error: "Internal server error" }, - { status: 500 } - ) + return 
NextResponse.json({ error: "Internal server error" }, { status: 500 }) } -}
\ No newline at end of file +} |
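Review bot: After `await User.findByIdAndUpdate(session.user.id, { password: hashedNewPassword })` the handler returns success without touching sessions issued under the old password, so a session that someone else already holds would presumably keep working after the owner changes the password. Whether this matters depends on how `authOptions` issues sessions, which is not visible in this hunk; if they are stateless tokens, the usual mitigation is to write a password-changed timestamp in the same update and reject tokens issued before it. Until that exists I would record the gap next to the update, e.g. `// NOTE: a password change does not revoke existing sessions; revocation must be handled via authOptions`. Separately, `const body = await request.json()` sits inside the `try`, so a malformed request body ends up in the `catch` and is reported as 500 "Internal server error" instead of a 400.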
