aboutsummaryrefslogtreecommitdiff
path: root/src/app
diff options
context:
space:
mode:
Diffstat (limited to 'src/app')
-rw-r--r--src/app/api/user/password/route.ts53
1 files changed, 9 insertions, 44 deletions
diff --git a/src/app/api/user/password/route.ts b/src/app/api/user/password/route.ts
index 9972fb5..956ef53 100644
--- a/src/app/api/user/password/route.ts
+++ b/src/app/api/user/password/route.ts
@@ -9,68 +9,33 @@ import { updatePasswordSchema } from "@/lib/validation"
export async function PATCH(request: NextRequest) {
try {
const session = await getServerSession(authOptions)
-
- if (!session?.user?.id) {
- return NextResponse.json(
- { error: "Unauthorized" },
- { status: 401 }
- )
- }
+ if (!session?.user?.id) return NextResponse.json({ error: "Unauthorized" }, { status: 401 })
const body = await request.json()
-
const result = updatePasswordSchema.safeParse(body)
if (!result.success) {
- return NextResponse.json(
- { error: "Validation failed", details: result.error.errors },
- { status: 400 }
- )
+ return NextResponse.json({ error: "Validation failed", details: result.error.errors }, { status: 400 })
}
const { currentPassword, newPassword } = result.data
-
await dbConnect()
- // Get user with current password
const user = await User.findById(session.user.id)
-
- if (!user) {
- return NextResponse.json(
- { error: "User not found" },
- { status: 404 }
- )
- }
+ if (!user) return NextResponse.json({ error: "User not found" }, { status: 404 })
- // Verify current password
const isCurrentPasswordValid = await bcrypt.compare(currentPassword, user.password)
-
if (!isCurrentPasswordValid) {
- return NextResponse.json(
- { error: "Current password is incorrect" },
- { status: 400 }
- )
+ return NextResponse.json({ error: "Current password is incorrect" }, { status: 400 })
}
- // Hash new password
const hashedNewPassword = await bcrypt.hash(newPassword, 12)
+
+ await User.findByIdAndUpdate(session.user.id, { password: hashedNewPassword })
- // Update password
- await User.findByIdAndUpdate(
- session.user.id,
- { password: hashedNewPassword }
- )
-
- return NextResponse.json({
- message: "Password updated successfully"
- })
-
+ return NextResponse.json({ message: "Password updated successfully" })
} catch (error) {
console.error("Password update error:", error)
-
- return NextResponse.json(
- { error: "Internal server error" },
- { status: 500 }
- )
+ return NextResponse.json({ error: "Internal server error" }, { status: 500 })
}
-} \ No newline at end of file
+}
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-30 18:01:54 +0000