@proofkit/cli
Version:
Create web application with the ProofKit stack
51 lines (46 loc) • 1.89 kB
text/typescript
"use server";
import { actionClient } from "@/server/safe-action";
import { resetPasswordSchema } from "./schema";
import {
deletePasswordResetSessionTokenCookie,
invalidateUserPasswordResetSessions,
} from "@/server/auth/utils/password-reset";
import { validatePasswordResetSessionRequest } from "@/server/auth/utils/password-reset";
import { createSession } from "@/server/auth/utils/session";
import { generateSessionToken } from "@/server/auth/utils/session";
import { setSessionTokenCookie } from "@/server/auth/utils/session";
import { verifyPasswordStrength } from "@/server/auth/utils/password";
import { invalidateUserSessions } from "@/server/auth/utils/session";
import { updateUserPassword } from "@/server/auth/utils/user";
import { redirect } from "next/navigation";
export const resetPasswordAction = actionClient
.schema(resetPasswordSchema)
.action(async ({ parsedInput }) => {
const { password } = parsedInput;
const { session: passwordResetSession, user } =
await validatePasswordResetSessionRequest();
if (passwordResetSession === null) {
return {
error: "Not authenticated",
};
}
if (!passwordResetSession.email_verified) {
return {
error: "Forbidden",
};
}
const strongPassword = await verifyPasswordStrength(password);
if (!strongPassword) {
return {
error: "Weak password",
};
}
await invalidateUserPasswordResetSessions(passwordResetSession.id_user);
await invalidateUserSessions(passwordResetSession.id_user);
await updateUserPassword(passwordResetSession.id_user, password);
const sessionToken = generateSessionToken();
const session = await createSession(sessionToken, user.id);
await setSessionTokenCookie(sessionToken, session.expiresAt);
await deletePasswordResetSessionTokenCookie();
return redirect("/");
});