From 204cbc65c0cd000c3b7544cd7cb42bbeb69e708f Mon Sep 17 00:00:00 2001
From: headlesdev
Date: Sat, 17 May 2025 20:29:08 +0200
Subject: [PATCH] user change api route
---
app/api/user/change/password/route.ts | 58 +++++++++++++++++++++++++++
app/api/user/change/profile/route.ts | 41 +++++++++++++++++++
2 files changed, 99 insertions(+)
create mode 100644 app/api/user/change/password/route.ts
create mode 100644 app/api/user/change/profile/route.ts
diff --git a/app/api/user/change/password/route.ts b/app/api/user/change/password/route.ts
new file mode 100644
index 0000000..ea1a581
--- /dev/null
+++ b/app/api/user/change/password/route.ts
@@ -0,0 +1,58 @@
+import { NextRequest, NextResponse } from "next/server";
+import prisma from "@/app/prisma";
+import jwt from "jsonwebtoken";
+import bcrypt from "bcryptjs";
+
+interface Body {
+ token: string;
+ old_password: string;
+ password: string;
+}
+
+export async function POST(request: NextRequest) {
+ try {
+ const body: Body = await request.json();
+
+ if (!body.token || !body.old_password || !body.password) {
+ return NextResponse.json({ error: "Missing required fields" }, { status: 400 });
+ }
+
+ if(!process.env.JWT_SECRET) {
+ return NextResponse.json({ error: "No JWT secret found" }, { status: 500 });
+ }
+
+ const decoded = jwt.verify(body.token, process.env.JWT_SECRET) as { id: string };
+
+ const user = await prisma.user.findUnique({
+ where: {
+ id: decoded.id,
+ },
+ });
+
+ if (!user) {
+ return NextResponse.json({ error: "User not found" }, { status: 404 });
+ }
+
+ const validPassword = await bcrypt.compare(body.old_password, user.password);
+
+ if (!validPassword) {
+ return NextResponse.json({ error: "Invalid password" }, { status: 401 });
+ }
+
+ const hashedPassword = await bcrypt.hash(body.password, 10);
+
+ await prisma.user.update({
+ where: {
+ id: decoded.id,
+ },
+ data: {
+ password: hashedPassword,
+ },
+ });
+
+ return NextResponse.json({ message: "Password updated successfully" }, { status: 200 });
+ } catch (error: any) {
+ return NextResponse.json({ error: "Internal Server Error" }, { status: 500 });
+ }
+}
+
diff --git a/app/api/user/change/profile/route.ts b/app/api/user/change/profile/route.ts
new file mode 100644
index 0000000..8bfef59
--- /dev/null
+++ b/app/api/user/change/profile/route.ts
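Review bot: A bad or expired token is answered with 500 in the password route, because `jwt.verify` throws and the only handler is the outer `catch` that returns "Internal Server Error"; verification should have its own try/catch that returns 401, and the payload should be checked at runtime instead of cast with `as { id: string }`. The same handling is repeated in app/api/user/change/profile/route.ts. The required-field check also lets non-string values through for `old_password` and `password` and sets no length bounds, so a `typeof … === "string"` check and a maximum length are worth adding before `bcrypt.hash` (bcrypt implementations generally use only the first 72 bytes of the input). Nothing visible here revokes tokens issued before the password change, so they presumably remain valid afterwards; confirm whether that is intended.

```typescript
    // … unchanged: body parsing, required-field check, JWT_SECRET check …
    let decoded: { id: string };
    try {
      // assumes tokens are signed with HS256 — confirm against the route that issues them
      const payload = jwt.verify(body.token, process.env.JWT_SECRET, { algorithms: ["HS256"] });
      if (typeof payload === "string" || typeof payload.id !== "string") {
        return NextResponse.json({ error: "Invalid token" }, { status: 401 });
      }
      decoded = { id: payload.id };
    } catch {
      return NextResponse.json({ error: "Invalid token" }, { status: 401 });
    }
    // … unchanged: user lookup, bcrypt.compare, bcrypt.hash, prisma.user.update …
```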
@@ -0,0 +1,41 @@
+import { NextRequest, NextResponse } from "next/server";
+import prisma from "@/app/prisma";
+import jwt from "jsonwebtoken";
+
+interface Body {
+ token: string;
+ username: string;
+ name: string;
+ email: string;
+}
+
+export async function POST(request: NextRequest) {
+ try {
+ const body: Body = await request.json();
+
+ if (!body.username || !body.name || !body.email) {
+ return NextResponse.json({ error: "Missing required fields" }, { status: 400 });
+ }
+
+ if(!process.env.JWT_SECRET) {
+ return NextResponse.json({ error: "No JWT secret found" }, { status: 500 });
+ }
+
+ const decoded = jwt.verify(body.token, process.env.JWT_SECRET) as { id: string };
+
+ const user = await prisma.user.findUnique({
+ where: {
+ id: decoded.id,
+ },
+ });
+
+ if (!user) {
+ return NextResponse.json({ error: "User not found" }, { status: 404 });
+ }
+
+ return NextResponse.json({ message: "Profile updated successfully" }, { status: 200 });
+ } catch (error: any) {
+ return NextResponse.json({ error: "Internal Server Error" }, { status: 500 });
+ }
+}
+
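Review bot: The profile handler returns "Profile updated successfully" without writing anything: after `prisma.user.findUnique` there is no `prisma.user.update`, so `username`, `name` and `email` are checked for presence and then dropped. The update belongs before the success response, together with format validation on `email` and handling for a duplicate username or email if the schema (not visible here) declares them unique. `token` is also missing from the required-field check, so a request without it fails inside `jwt.verify` and comes back as 500; the check should read `if (!body.token || !body.username || !body.name || !body.email)`.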