From 8185bb76f6048d065759c08fd63d0213a99056c8 Mon Sep 17 00:00:00 2001 From: Bradley Shellnut Date: Fri, 1 Mar 2024 17:17:13 -0800 Subject: [PATCH] Fixing update password and sign out redirect. --- package.json | 8 +- pnpm-lock.yaml | 101 ++++++------------ .../password/change/+page.server.ts | 61 +++++------ .../(protected)/password/change/+page.svelte | 10 ++ src/routes/(auth)/login/+page.server.ts | 9 +- 5 files changed, 77 insertions(+), 112 deletions(-) diff --git a/package.json b/package.json index 079b530..0af4669 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ }, "devDependencies": { "@melt-ui/pp": "^0.3.0", - "@melt-ui/svelte": "^0.74.3", + "@melt-ui/svelte": "^0.74.4", "@playwright/test": "^1.42.0", "@resvg/resvg-js": "^2.6.0", "@sveltejs/adapter-auto": "^3.1.1", @@ -38,7 +38,7 @@ "@types/pg": "^8.11.2", "@typescript-eslint/eslint-plugin": "^6.21.0", "@typescript-eslint/parser": "^6.21.0", - "autoprefixer": "^10.4.17", + "autoprefixer": "^10.4.18", "dotenv": "^16.4.5", "drizzle-kit": "^0.20.14", "eslint": "^8.57.0", @@ -93,7 +93,7 @@ "@sveltejs/adapter-vercel": "^5.1.0", "@types/feather-icons": "^4.29.4", "@vercel/og": "^0.5.20", - "bits-ui": "^0.18.4", + "bits-ui": "^0.18.6", "boardgamegeekclient": "^1.9.1", "class-variance-authority": "^0.7.0", "clsx": "^2.1.0", @@ -106,7 +106,7 @@ "just-kebab-case": "^4.2.0", "loader": "^2.1.1", "lucia": "3.0.1", - "lucide-svelte": "^0.343.0", + "lucide-svelte": "^0.344.0", "mysql2": "^3.9.2", "nanoid": "^5.0.6", "open-props": "^1.6.20", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c68b83e..77e962c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -48,8 +48,8 @@ dependencies: specifier: ^0.5.20 version: 0.5.20 bits-ui: - specifier: ^0.18.4 - version: 0.18.4(svelte@4.2.12) + specifier: ^0.18.6 + version: 0.18.6(svelte@4.2.12) boardgamegeekclient: specifier: ^1.9.1 version: 1.9.1 @@ -87,8 +87,8 @@ dependencies: specifier: 3.0.1 version: 3.0.1 lucide-svelte: - specifier: ^0.343.0 - version: 0.343.0(svelte@4.2.12) + specifier: ^0.344.0 + version: 0.344.0(svelte@4.2.12) mysql2: specifier: ^3.9.2 version: 3.9.2 @@ -132,10 +132,10 @@ dependencies: devDependencies: '@melt-ui/pp': specifier: ^0.3.0 - version: 0.3.0(@melt-ui/svelte@0.74.3)(svelte@4.2.12) + version: 0.3.0(@melt-ui/svelte@0.74.4)(svelte@4.2.12) '@melt-ui/svelte': - specifier: ^0.74.3 - version: 0.74.3(svelte@4.2.12) + specifier: ^0.74.4 + version: 0.74.4(svelte@4.2.12) '@playwright/test': specifier: ^1.42.0 version: 1.42.0 @@ -170,8 +170,8 @@ devDependencies: specifier: ^6.21.0 version: 6.21.0(eslint@8.57.0)(typescript@5.3.3) autoprefixer: - specifier: ^10.4.17 - version: 10.4.17(postcss@8.4.35) + specifier: ^10.4.18 + version: 10.4.18(postcss@8.4.35) dotenv: specifier: ^16.4.5 version: 16.4.5 @@ -1975,21 +1975,21 @@ packages: - supports-color dev: false - /@melt-ui/pp@0.3.0(@melt-ui/svelte@0.74.3)(svelte@4.2.12): + /@melt-ui/pp@0.3.0(@melt-ui/svelte@0.74.4)(svelte@4.2.12): resolution: {integrity: sha512-b07Bdh8l2KcwKVCXOY+SoBw1dk9eWvQfMSi6SoacpRVyVmmfpi0kV4oGt3HYF0tUCB3sEmVicxse50ZzZxEzEA==} engines: {pnpm: '>=8.6.3'} peerDependencies: '@melt-ui/svelte': '>= 0.29.0' svelte: ^3.55.0 || ^4.0.0 || ^5.0.0-next.1 dependencies: - '@melt-ui/svelte': 0.74.3(svelte@4.2.12) + '@melt-ui/svelte': 0.74.4(svelte@4.2.12) estree-walker: 3.0.3 magic-string: 0.30.5 svelte: 4.2.12 dev: true - /@melt-ui/svelte@0.74.2(svelte@4.2.12): - resolution: {integrity: sha512-bIfZakPK4h6mOeoeqFnpksUGxkGp5JO2xtfhv/eXjG2rTogsSeVZRPe8eTtE7HoCbokP1+mVM9LqWxipsYTjUA==} + /@melt-ui/svelte@0.74.4(svelte@4.2.12): + resolution: {integrity: sha512-EeDP3C1grK+bPTezJQXKid2k4RRGZakyHTghD/zg//fM6Gqe4JykVtV0Yih4QJs+yGTgJq/EaNQMQ6JkTnvHxg==} peerDependencies: svelte: '>=3 <5' dependencies: @@ -2000,21 +2000,6 @@ packages: focus-trap: 7.5.4 nanoid: 5.0.6 svelte: 4.2.12 - dev: false - - /@melt-ui/svelte@0.74.3(svelte@4.2.12): - resolution: {integrity: sha512-eA2Jz3Pf276BdxDumC24mDdpnFuiepfJQSkKWqRSGmSxut0HNVD/kcOAuWfJGDrUfAGPo+aOGJD70P3YIqALVQ==} - peerDependencies: - svelte: '>=3 <5' - dependencies: - '@floating-ui/core': 1.6.0 - '@floating-ui/dom': 1.6.3 - '@internationalized/date': 3.5.2 - dequal: 2.0.3 - focus-trap: 7.5.4 - nanoid: 5.0.6 - svelte: 4.2.12 - dev: true /@napi-rs/wasm-runtime@0.1.1: resolution: {integrity: sha512-ATj9ua659JgrkICjJscaeZdmPr44cb/KFjNWuD0N6pux0SpzaM7+iOuuK11mAnQM2N9q0DT4REu6NkL8ZEhopw==} @@ -3197,8 +3182,8 @@ packages: resolution: {integrity: sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==} dev: true - /@sinclair/typebox@0.32.14: - resolution: {integrity: sha512-EC77Mw8huT2z9YlYbWfpIQgN6shZE1tH4NP4/Trig8UBel9FZNMZRJ42ubJI8PLor2uIU+waLml1dce5ReCOPg==} + /@sinclair/typebox@0.32.15: + resolution: {integrity: sha512-5Lrwo7VOiWEBJBhHmqNmf3TPB9ll8gcEshvYJyAIJyCZ2PF48MFOtiDHJNj8+FsNcqImaQYmxVkKBCBlyAa/wg==} requiresBuild: true optional: true @@ -3743,15 +3728,15 @@ packages: resolution: {integrity: sha512-tLRNUXati5MFePdAk8dw7Qt7DpxPB60ofAgn8WRhW6a2rcimZnYBP9oxHiv0OHy+Wz7kPMG+t4LGdt31+4EmGg==} dev: false - /autoprefixer@10.4.17(postcss@8.4.35): - resolution: {integrity: sha512-/cpVNRLSfhOtcGflT13P2794gVSgmPgTR+erw5ifnMLZb0UnSlkK4tquLmkd3BhA+nLo5tX8Cu0upUsGKvKbmg==} + /autoprefixer@10.4.18(postcss@8.4.35): + resolution: {integrity: sha512-1DKbDfsr6KUElM6wg+0zRNkB/Q7WcKYAaK+pzXn+Xqmszm/5Xa9coeNdtP88Vi+dPzZnMjhge8GIV49ZQkDa+g==} engines: {node: ^10 || ^12 || >=14} hasBin: true peerDependencies: postcss: ^8.1.0 dependencies: - browserslist: 4.22.2 - caniuse-lite: 1.0.30001579 + browserslist: 4.23.0 + caniuse-lite: 1.0.30001591 fraction.js: 4.3.7 normalize-range: 0.1.2 picocolors: 1.0.0 @@ -3786,13 +3771,13 @@ packages: file-uri-to-path: 1.0.0 dev: false - /bits-ui@0.18.4(svelte@4.2.12): - resolution: {integrity: sha512-Xw0DdjT21rJ1ICTy3CHXAKy6is3phXRqjpNwRZldC3A316thRCJn+viEtTifgh4kI+qCm5VutzBqsrimFd+CSA==} + /bits-ui@0.18.6(svelte@4.2.12): + resolution: {integrity: sha512-UbBFuyG7qEM+VA1rA/7GRy94rXRFCW+B1LfK7uiBd6fZiPZtPmPPW1RjTblGaJjCW2E6e/ruxbuKjxW2oXDP7g==} peerDependencies: svelte: ^4.0.0 dependencies: '@internationalized/date': 3.5.2 - '@melt-ui/svelte': 0.74.2(svelte@4.2.12) + '@melt-ui/svelte': 0.74.4(svelte@4.2.12) nanoid: 5.0.6 svelte: 4.2.12 dev: false @@ -3825,17 +3810,6 @@ packages: dependencies: fill-range: 7.0.1 - /browserslist@4.22.2: - resolution: {integrity: sha512-0UgcrvQmBDvZHFGdYUehrCNIazki7/lUP3kkoi/r3YB2amZbFM9J43ZRkJTXBUZK4gmx56+Sqk9+Vs9mwZx9+A==} - engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7} - hasBin: true - dependencies: - caniuse-lite: 1.0.30001579 - electron-to-chromium: 1.4.638 - node-releases: 2.0.14 - update-browserslist-db: 1.0.13(browserslist@4.22.2) - dev: true - /browserslist@4.23.0: resolution: {integrity: sha512-QW8HiM1shhT2GuzkvklfjcKDiWFXHOeFCIA/huJPwHsslwcydgk7X+z2zXpEijP98UCY7HbubZt5J2Zgvf0CaQ==} engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7} @@ -3894,14 +3868,14 @@ packages: /camelize@1.0.1: resolution: {integrity: sha512-dU+Tx2fsypxTgtLoE36npi3UqcjSSMNYfkqgmoEhtZrraP5VWq0K7FkWVTYa8eMPtnU/G2txVsfdCJTn9uzpuQ==} - /caniuse-lite@1.0.30001579: - resolution: {integrity: sha512-u5AUVkixruKHJjw/pj9wISlcMpgFWzSrczLZbrqBSxukQixmg0SJ5sZTpvaFvxU0HoQKd4yoyAogyrAz9pzJnA==} - dev: true - /caniuse-lite@1.0.30001588: resolution: {integrity: sha512-+hVY9jE44uKLkH0SrUTqxjxqNTOWHsbnQDIKjwkZ3lNTzUUVdBLBGXtj/q5Mp5u98r3droaZAewQuEDzjQdZlQ==} dev: true + /caniuse-lite@1.0.30001591: + resolution: {integrity: sha512-PCzRMei/vXjJyL5mJtzNiUCKP59dm8Apqc3PH8gJkMnMXZGox93RbE76jHsmLwmIo6/3nsYIpJtx0O7u5PqFuQ==} + dev: true + /chai@4.4.1: resolution: {integrity: sha512-13sOfMv2+DWduEU+/xbun3LScLoqN17nBeTLUsmDfKdoiC1fr0n9PU4guu4AhRcOVFk/sW8LyZWHuhWtQZiF+g==} engines: {node: '>=4'} @@ -4374,10 +4348,6 @@ packages: postgres: 3.4.3 dev: false - /electron-to-chromium@1.4.638: - resolution: {integrity: sha512-gpmbAG2LbfPKcDaL5m9IKutKjUx4ZRkvGNkgL/8nKqxkXsBVYykVULboWlqCrHsh3razucgDJDuKoWJmGPdItA==} - dev: true - /electron-to-chromium@1.4.677: resolution: {integrity: sha512-erDa3CaDzwJOpyvfKhOiJjBVNnMM0qxHq47RheVVwsSQrgBA9ZSGV9kdaOfZDPXcHzhG7lBxhj6A7KvfLJBd6Q==} dev: true @@ -5494,8 +5464,8 @@ packages: oslo: 1.0.1 dev: false - /lucide-svelte@0.343.0(svelte@4.2.12): - resolution: {integrity: sha512-TkNQBnKU2+4gJFKZJtYmYt+uSIzqwCJf3x/MemMJyv/1WGW+1sej2aYuxoiIwqy5+0txw+OcGeNJF5sbHd6nxA==} + /lucide-svelte@0.344.0(svelte@4.2.12): + resolution: {integrity: sha512-OB/iazftjl2w+vpH7WJqbhHONoMqUT6aaeYvu1BQSgvc7+CKXByu4xvbI7RMOJykaiF/u3LAhyd2ucYBj+rEZQ==} peerDependencies: svelte: ^3 || ^4 || ^5.0.0-next.42 dependencies: @@ -6448,7 +6418,7 @@ packages: '@csstools/postcss-text-decoration-shorthand': 3.0.4(postcss@8.4.35) '@csstools/postcss-trigonometric-functions': 3.0.5(postcss@8.4.35) '@csstools/postcss-unset-value': 3.0.1(postcss@8.4.35) - autoprefixer: 10.4.17(postcss@8.4.35) + autoprefixer: 10.4.18(postcss@8.4.35) browserslist: 4.23.0 css-blank-pseudo: 6.0.1(postcss@8.4.35) css-has-pseudo: 6.0.2(postcss@8.4.35) @@ -7308,7 +7278,7 @@ packages: ts-deepmerge: 7.0.0 optionalDependencies: '@gcornut/valibot-json-schema': 0.0.22(@types/json-schema@7.0.15)(esbuild-runner@2.2.2)(esbuild@0.20.1)(valibot@0.28.1) - '@sinclair/typebox': 0.32.14 + '@sinclair/typebox': 0.32.15 '@sodaru/yup-to-json-schema': 2.0.1 '@vinejs/vine': 1.7.1 arktype: 1.0.29-alpha @@ -7605,17 +7575,6 @@ packages: webpack-virtual-modules: 0.5.0 dev: false - /update-browserslist-db@1.0.13(browserslist@4.22.2): - resolution: {integrity: sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==} - hasBin: true - peerDependencies: - browserslist: '>= 4.21.0' - dependencies: - browserslist: 4.22.2 - escalade: 3.1.1 - picocolors: 1.0.0 - dev: true - /update-browserslist-db@1.0.13(browserslist@4.23.0): resolution: {integrity: sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==} hasBin: true diff --git a/src/routes/(app)/(protected)/password/change/+page.server.ts b/src/routes/(app)/(protected)/password/change/+page.server.ts index 34fb670..f6df6e7 100644 --- a/src/routes/(app)/(protected)/password/change/+page.server.ts +++ b/src/routes/(app)/(protected)/password/change/+page.server.ts @@ -10,6 +10,7 @@ import { lucia } from '$lib/server/auth.js'; import type { PageServerLoad } from "./$types"; import { users } from "../../../../../schema"; import { notSignedInMessage } from "$lib/flashMessages"; +import type { Cookie } from "lucia"; export const load: PageServerLoad = async (event) => { const form = await superValidate(event, zod(changeUserPasswordSchema)); @@ -44,6 +45,10 @@ export const actions: Actions = { redirect(302, '/login', notSignedInMessage, event); } + if (!event.locals.session) { + return fail(401); + } + const user = event.locals.user; const dbUser = await db.query.users.findFirst({ @@ -65,9 +70,9 @@ export const actions: Actions = { if (!currentPasswordVerified) { return setError(form, 'current_password', 'Your password is incorrect'); } - - try { - if (user?.username) { + if (user?.username) { + let sessionCookie: Cookie; + try { if (form.data.password !== form.data.confirm_password) { return setError(form, 'Password and confirm password do not match'); } @@ -79,37 +84,29 @@ export const actions: Actions = { const session = await lucia.createSession(user.id, { country: event.locals.session?.ip, }); - const sessionCookie = lucia.createSessionCookie(session.id); - redirect({ - status: 302, - location: '/login', - message: { - type: 'success', - text: 'Password changed successfully' - }, - event: sessionCookie.serialize() - }); - // return new Response(null, { - // status: 302, - // headers: { - // Location: '/login', - // 'Set-Cookie': sessionCookie.serialize() - // } - // }); - } else { - return setError( - form, - 'Error occurred. Please try again or contact support if you need further help.' - ); + sessionCookie = lucia.createBlankSessionCookie(); + } catch (e) { + console.error(e); + form.data.password = ''; + form.data.confirm_password = ''; + form.data.current_password = ''; + return setError(form, 'current_password', 'Your password is incorrect.'); } - } catch (e) { - console.error(e); - form.data.password = ''; - form.data.confirm_password = ''; - form.data.current_password = ''; - return setError(form, 'current_password', 'Your password is incorrect.'); - } + event.cookies.set(sessionCookie.name, sessionCookie.value, { + path: ".", + ...sessionCookie.attributes + }); + const message = { + type: 'success', + message: 'Password Updated. Please sign in.' + } as const; + redirect(302, '/login', message, event); + } + return setError( + form, + 'Error occurred. Please try again or contact support if you need further help.' + ); // TODO: Add toast instead? // form.data.password = ''; // form.data.confirm_password = ''; diff --git a/src/routes/(app)/(protected)/password/change/+page.svelte b/src/routes/(app)/(protected)/password/change/+page.svelte index 51de1f0..c55acbe 100644 --- a/src/routes/(app)/(protected)/password/change/+page.svelte +++ b/src/routes/(app)/(protected)/password/change/+page.svelte @@ -2,10 +2,12 @@ import { zodClient } from 'sveltekit-superforms/adapters'; import { superForm } from 'sveltekit-superforms/client'; import * as flashModule from 'sveltekit-flash-message/client'; + import * as Alert from "$lib/components/ui/alert"; import { changeUserPasswordSchema } from '$lib/validations/account'; import { Label } from '$components/ui/label'; import { Input } from '$components/ui/input'; import { Button } from '$components/ui/button'; + import { AlertTriangle } from 'lucide-svelte'; export let data; const { form, errors, enhance, delayed, message } = superForm(data.form, { @@ -17,6 +19,7 @@ flashMessage: { module: flashModule, onError: ({ result }) => { + console.log('result', result); const errorMessage = result.error.message message.set({ type: 'error', message: errorMessage }); } @@ -28,6 +31,13 @@

Change Password

+ + + Heads up! + + Changing your password will log you out of all devices. + + {#if $message}