From 534918d81d891c32c01b0e59fff05638df9c3dee Mon Sep 17 00:00:00 2001
From: schererleander
Date: Fri, 26 Dec 2025 14:57:34 +0100
Subject: refactor(api): simplify password update logic
---
 src/app/api/user/password/route.ts | 53 +++++++-------------------------------
 1 file changed, 9 insertions(+), 44 deletions(-)
(limited to 'src/app/api/user')
diff --git a/src/app/api/user/password/route.ts b/src/app/api/user/password/route.ts
index 9972fb5..956ef53 100644
--- a/src/app/api/user/password/route.ts
+++ b/src/app/api/user/password/route.ts
@@ -9,68 +9,33 @@ import { updatePasswordSchema } from "@/lib/validation"
 export async function PATCH(request: NextRequest) {
 try {
 const session = await getServerSession(authOptions)
-
- if (!session?.user?.id) {
- return NextResponse.json(
- { error: "Unauthorized" },
- { status: 401 }
- )
- }
+ if (!session?.user?.id) return NextResponse.json({ error: "Unauthorized" }, { status: 401 })
 const body = await request.json()
-
 const result = updatePasswordSchema.safeParse(body)
 if (!result.success) {
- return NextResponse.json(
- { error: "Validation failed", details: result.error.errors },
- { status: 400 }
- )
+ return NextResponse.json({ error: "Validation failed", details: result.error.errors }, { status: 400 })
 }
 const { currentPassword, newPassword } = result.data
-
 await dbConnect()
- // Get user with current password
 const user = await User.findById(session.user.id)
-
- if (!user) {
- return NextResponse.json(
- { error: "User not found" },
- { status: 404 }
- )
- }
+ if (!user) return NextResponse.json({ error: "User not found" }, { status: 404 })
- // Verify current password
 const isCurrentPasswordValid = await bcrypt.compare(currentPassword, user.password)
-
 if (!isCurrentPasswordValid) {
- return NextResponse.json(
- { error: "Current password is incorrect" },
- { status: 400 }
- )
+ return NextResponse.json({ error: "Current password is incorrect" }, { status: 400 })
 }
- // Hash new password
 const hashedNewPassword = await bcrypt.hash(newPassword, 12)
+
+ await User.findByIdAndUpdate(session.user.id, { password: hashedNewPassword })
- // Update password
- await User.findByIdAndUpdate(
- session.user.id,
- { password: hashedNewPassword }
- )
-
- return NextResponse.json({
- message: "Password updated successfully"
- })
-
+ return NextResponse.json({ message: "Password updated successfully" })
 } catch (error) {
 console.error("Password update error:", error)
-
- return NextResponse.json(
- { error: "Internal server error" },
- { status: 500 }
- )
+ return NextResponse.json({ error: "Internal server error" }, { status: 500 })
 }
-}
\ No newline at end of file
+}
-- cgit v1.3.1
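Review bot: `bcrypt.compare(currentPassword, user.password)` in PATCH runs without first checking that the loaded user has a stored hash. If an account can exist without one, or the schema excludes `password` from default queries (neither is visible in this hunk), the compare rejects and the caller gets the generic 500 instead of a clear rejection. A guard before the compare would cover it, for example `if (!user.password) return NextResponse.json({ error: "Password change not available" }, { status: 400 })`. Separately, nothing after `findByIdAndUpdate` revokes the user's other sessions, so a session opened with the old password presumably stays valid after the change. Consider storing a password-changed timestamp that the session check compares against, or invalidating the other sessions at this point.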