BradNut/AdelieStack
1
0
Fork 0
mirror of https://github.com/BradNut/AdelieStack synced 2025-09-08 17:40:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixing the status check cases for changing password from account settings.

Browse source
This commit is contained in:
Bradley Shellnut 2025-01-06 22:28:29 -08:00
parent 1319a74967
commit da0df78c05
3 changed files with 26 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/lib/dtos/settings/password/change-password.dto.ts
View file

@ -1,4 +1,3 @@
import { refinePasswords } from '$lib/validations/account';
import { z } from 'zod'; import { z } from 'zod';
export const changePasswordDto = z.object({ export const changePasswordDto = z.object({

3
src/lib/server/api/users/users.controller.ts
View file

@ -48,12 +48,15 @@ export class UsersController extends Controller {
}) })
.put('/me/password', authState('session'), zValidator('json', changePasswordDto), rateLimit({ limit: 5, minutes: 15 }), async (c) => { .put('/me/password', authState('session'), zValidator('json', changePasswordDto), rateLimit({ limit: 5, minutes: 15 }), async (c) => {
const { current_password, new_password, confirm_password } = c.req.valid('json'); const { current_password, new_password, confirm_password } = c.req.valid('json');
c.var.logger.debug(`Update password: ${current_password} ${new_password} ${confirm_password}`);
if (new_password !== confirm_password) { if (new_password !== confirm_password) {
c.var.logger.error(`Password mismatch: ${new_password} !== ${confirm_password}`);
return c.json({ error: 'Passwords do not match' }, StatusCodes.UNPROCESSABLE_ENTITY); return c.json({ error: 'Passwords do not match' }, StatusCodes.UNPROCESSABLE_ENTITY);
} }
try { try {
const correctPassword = await this.usersService.verifyPassword(c.var.session.userId, { password: current_password }); const correctPassword = await this.usersService.verifyPassword(c.var.session.userId, { password: current_password });
if (!correctPassword) { if (!correctPassword) {
c.var.logger.error('Incorrect password');
return c.json({ error: 'Unable to update password' }, StatusCodes.UNAUTHORIZED); return c.json({ error: 'Unable to update password' }, StatusCodes.UNAUTHORIZED);
} }
await this.usersService.updatePassword(c.var.session.userId, new_password); await this.usersService.updatePassword(c.var.session.userId, new_password);

36
src/routes/(app)/(protected)/settings/account/+page.server.ts
View file

@ -1,11 +1,11 @@
import { zod } from 'sveltekit-superforms/adapters';
import { fail, setError, superValidate } from 'sveltekit-superforms';
import { StatusCodes } from '@/constants/status-codes.js';
import { updateEmailDto } from '$lib/dtos/settings/email/update-email.dto.js'; import { updateEmailDto } from '$lib/dtos/settings/email/update-email.dto.js';
import { verifyEmailDto } from '$lib/dtos/settings/email/verify-email.dto.js'; import { verifyEmailDto } from '$lib/dtos/settings/email/verify-email.dto.js';
import { redirect } from 'sveltekit-flash-message/server';
import { notSignedInMessage } from '$lib/utils/flashMessages.js';
import { changePasswordDto } from '$lib/dtos/settings/password/change-password.dto'; import { changePasswordDto } from '$lib/dtos/settings/password/change-password.dto';
import { notSignedInMessage } from '$lib/utils/flashMessages.js';
import { StatusCodes } from '@/constants/status-codes.js';
import { redirect } from 'sveltekit-flash-message/server';
import { fail, setError, superValidate } from 'sveltekit-superforms';
import { zod } from 'sveltekit-superforms/adapters';
export const load = async (event) => { export const load = async (event) => {
const { parent } = event; const { parent } = event;
@ -52,19 +52,27 @@ export const actions = {
return fail(StatusCodes.BAD_REQUEST, { changePasswordForm }); return fail(StatusCodes.BAD_REQUEST, { changePasswordForm });
} }
const { error } = await locals.api.users.me.password.$put({ json: changePasswordForm.data }).then(locals.parseApiResponse); const data = await locals.api.users.me.password.$put({ json: changePasswordForm.data }).then(locals.parseApiResponse);
const { error, response } = data;
const { status }: { status: StatusCodes } = response;
console.log('data', data);
console.log('error', error); console.log('error', error);
if (error) { if (error) {
if (error.status === StatusCodes.UNPROCESSABLE_ENTITY) { console.log('status', status);
console.log(StatusCodes.UNPROCESSABLE_ENTITY === status);
console.log(StatusCodes.BAD_REQUEST === status);
console.log(StatusCodes.UNAUTHORIZED === status);
if (status === StatusCodes.UNPROCESSABLE_ENTITY) {
return setError(changePasswordForm, 'confirm_password', 'Confirm password does not match'); return setError(changePasswordForm, 'confirm_password', 'Confirm password does not match');
} else if (error.status === StatusCodes.BAD_REQUEST) { } else if (status === StatusCodes.BAD_REQUEST) {
return setError(changePasswordForm, 'password', error.message); return setError(changePasswordForm, 'current_password', 'Current password is incorrect');
} else if (error.status === StatusCodes.FORBIDDEN) { } else if (status === StatusCodes.UNAUTHORIZED) {
return setError(changePasswordForm, 'password', error.message); return setError(changePasswordForm, 'current_password', 'Current password is incorrect');
} else { } else if (status === StatusCodes.TOO_MANY_REQUESTS) {
console.log('error', error); return setError(changePasswordForm, 'current_password', 'You have tried to change your password too many times. Please try again later.');
return setError(changePasswordForm, 'password', error);
} }
console.log('error', error);
return setError(changePasswordForm, 'current_password', error);
} }
return { changePasswordForm }; return { changePasswordForm };
}, },