Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-13 08:13:56 +10:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #330 from documenso/feat/profile-password-form

Browse Source 
feat: avoid user from updating password with the same password
This commit is contained in:
Lucas Smith
2023-08-30 14:32:21 +10:00
committed by GitHub
parent fead48c2f0 d71e43c5d6
commit 83a83164d4
3 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apps/web/src/components/forms/password.tsx
View File

@ -39,6 +39,7 @@ export const PasswordForm = ({ className }: PasswordFormProps) => {
const { const {
register, register,
handleSubmit, handleSubmit,
reset,
formState: { errors, isSubmitting }, formState: { errors, isSubmitting },
} = useForm<TPasswordFormSchema>({ } = useForm<TPasswordFormSchema>({
values: { values: {
@ -56,6 +57,8 @@ export const PasswordForm = ({ className }: PasswordFormProps) => {
password, password,
}); });
reset();
toast({ toast({
title: 'Password updated', title: 'Password updated',
description: 'Your password has been updated successfully.', description: 'Your password has been updated successfully.',
@ -73,7 +76,7 @@ export const PasswordForm = ({ className }: PasswordFormProps) => {
title: 'An unknown error occurred', title: 'An unknown error occurred',
variant: 'destructive', variant: 'destructive',
description: description:
'We encountered an unknown error while attempting to sign you In. Please try again later.', 'We encountered an unknown error while attempting to update your password. Please try again later.',
}); });
} }
} }

11
packages/lib/server-only/user/update-password.ts
View File

@ -1,4 +1,4 @@
import { hash } from 'bcrypt'; import { compare, hash } from 'bcrypt';
import { prisma } from '@documenso/prisma'; import { prisma } from '@documenso/prisma';
@ -11,7 +11,7 @@ export type UpdatePasswordOptions = {
export const updatePassword = async ({ userId, password }: UpdatePasswordOptions) => { export const updatePassword = async ({ userId, password }: UpdatePasswordOptions) => {
// Existence check // Existence check
await prisma.user.findFirstOrThrow({ const user = await prisma.user.findFirstOrThrow({
where: { where: {
id: userId, id: userId,
}, },
@ -19,6 +19,13 @@ export const updatePassword = async ({ userId, password }: UpdatePasswordOptions
const hashedPassword = await hash(password, SALT_ROUNDS); const hashedPassword = await hash(password, SALT_ROUNDS);
// Compare the new password with the old password
const isSamePassword = await compare(password, user.password as string);
if (isSamePassword) {
throw new Error('Your new password cannot be the same as your old password.');
}
const updatedUser = await prisma.user.update({ const updatedUser = await prisma.user.update({
where: { where: {
id: userId, id: userId,

10
packages/trpc/server/profile-router/router.ts
View File

@ -40,12 +40,16 @@ export const profileRouter = router({
password, password,
}); });
} catch (err) { } catch (err) {
console.error(err); let message =
'We were unable to update your profile. Please review the information you provided and try again.';
if (err instanceof Error) {
message = err.message;
}
throw new TRPCError({ throw new TRPCError({
code: 'BAD_REQUEST', code: 'BAD_REQUEST',
message: message,
'We were unable to update your profile. Please review the information you provided and try again.',
}); });
} }
}), }),