92 lines
2.4 KiB
TypeScript
92 lines
2.4 KiB
TypeScript
import { IdentityProvider } from "@prisma/client";
|
|
import { z } from "zod";
|
|
|
|
import { hashPassword, validPassword, verifyPassword } from "@calcom/lib/auth";
|
|
import prisma from "@calcom/prisma";
|
|
|
|
import { TRPCError } from "@trpc/server";
|
|
|
|
import { router, authedProcedure } from "../../trpc";
|
|
|
|
export const authRouter = router({
|
|
changePassword: authedProcedure
|
|
.input(
|
|
z.object({
|
|
oldPassword: z.string(),
|
|
newPassword: z.string(),
|
|
})
|
|
)
|
|
.mutation(async ({ input, ctx }) => {
|
|
const { oldPassword, newPassword } = input;
|
|
|
|
const { user } = ctx;
|
|
|
|
if (user.identityProvider !== IdentityProvider.CAL) {
|
|
throw new TRPCError({ code: "FORBIDDEN", message: "THIRD_PARTY_IDENTITY_PROVIDER_ENABLED" });
|
|
}
|
|
|
|
const currentPasswordQuery = await prisma.user.findFirst({
|
|
where: {
|
|
id: user.id,
|
|
},
|
|
select: {
|
|
password: true,
|
|
},
|
|
});
|
|
|
|
const currentPassword = currentPasswordQuery?.password;
|
|
|
|
if (!currentPassword) {
|
|
throw new TRPCError({ code: "NOT_FOUND", message: "MISSING_PASSWORD" });
|
|
}
|
|
|
|
const passwordsMatch = await verifyPassword(oldPassword, currentPassword);
|
|
if (!passwordsMatch) {
|
|
throw new TRPCError({ code: "BAD_REQUEST", message: "INCORRECT_PASSWORD" });
|
|
}
|
|
|
|
if (oldPassword === newPassword) {
|
|
throw new TRPCError({ code: "BAD_REQUEST", message: "PASSWORD_MATCHES_OLD" });
|
|
}
|
|
|
|
if (!validPassword(newPassword)) {
|
|
throw new TRPCError({ code: "BAD_REQUEST", message: "INVALID_PASSWORD" });
|
|
}
|
|
|
|
const hashedPassword = await hashPassword(newPassword);
|
|
await prisma.user.update({
|
|
where: {
|
|
id: user.id,
|
|
},
|
|
data: {
|
|
password: hashedPassword,
|
|
},
|
|
});
|
|
}),
|
|
verifyPassword: authedProcedure
|
|
.input(
|
|
z.object({
|
|
passwordInput: z.string(),
|
|
})
|
|
)
|
|
.mutation(async ({ input, ctx }) => {
|
|
const user = await prisma.user.findUnique({
|
|
where: {
|
|
id: ctx.user.id,
|
|
},
|
|
});
|
|
|
|
if (!user?.password) {
|
|
throw new TRPCError({ code: "INTERNAL_SERVER_ERROR" });
|
|
}
|
|
|
|
const passwordsMatch = await verifyPassword(input.passwordInput, user.password);
|
|
|
|
if (!passwordsMatch) {
|
|
throw new TRPCError({ code: "UNAUTHORIZED" });
|
|
}
|
|
|
|
return;
|
|
}),
|
|
});
|