user change api route

2025-12-22 09:56:58 +00:00 · 2025-05-17 20:29:08 +02:00 · 2025-05-17 20:29:08 +02:00 · 204cbc65c0
commit 204cbc65c0
parent 955f9f2861
2 changed files with 99 additions and 0 deletions
--- a/app/api/user/change/password/route.ts
+++ b/app/api/user/change/password/route.ts
@ -0,0 +1,58 @@
+import { NextRequest, NextResponse } from "next/server";
+import prisma from "@/app/prisma";
+import jwt from "jsonwebtoken";
+import bcrypt from "bcryptjs";
+
+interface Body {
+    token: string;
+    old_password: string;
+    password: string;
+}
+
+export async function POST(request: NextRequest) {
+    try {
+        const body: Body = await request.json();
+
+        if (!body.token || !body.old_password || !body.password) {
+            return NextResponse.json({ error: "Missing required fields" }, { status: 400 });
+        }
+
+        if(!process.env.JWT_SECRET) {
+            return NextResponse.json({ error: "No JWT secret found" }, { status: 500 });
+        }
+
+        const decoded = jwt.verify(body.token, process.env.JWT_SECRET) as { id: string };
+
+        const user = await prisma.user.findUnique({
+            where: {
+                id: decoded.id,
+            },
+        });
+
+        if (!user) {
+            return NextResponse.json({ error: "User not found" }, { status: 404 });
+        }
+
+        const validPassword = await bcrypt.compare(body.old_password, user.password);
+
+        if (!validPassword) {
+            return NextResponse.json({ error: "Invalid password" }, { status: 401 });
+        }
+
+        const hashedPassword = await bcrypt.hash(body.password, 10);
+
+        await prisma.user.update({
+            where: {
+                id: decoded.id,
+            },
+            data: {
+                password: hashedPassword,
+            },
+        });
+
+        return NextResponse.json({ message: "Password updated successfully" }, { status: 200 });
+    } catch (error: any) {
+        return NextResponse.json({ error: "Internal Server Error" }, { status: 500 });
+    }
+}
+
--- a/app/api/user/change/profile/route.ts
+++ b/app/api/user/change/profile/route.ts
@ -0,0 +1,41 @@
+import { NextRequest, NextResponse } from "next/server";
+import prisma from "@/app/prisma";
+import jwt from "jsonwebtoken";
+
+interface Body {
+    token: string;
+    username: string;
+    name: string;
+    email: string;
+}
+
+export async function POST(request: NextRequest) {
+    try {
+        const body: Body = await request.json();
+
+        if (!body.username || !body.name || !body.email) {
+            return NextResponse.json({ error: "Missing required fields" }, { status: 400 });
+        }
+
+        if(!process.env.JWT_SECRET) {
+            return NextResponse.json({ error: "No JWT secret found" }, { status: 500 });
+        }
+
+        const decoded = jwt.verify(body.token, process.env.JWT_SECRET) as { id: string };
+
+        const user = await prisma.user.findUnique({
+            where: {
+                id: decoded.id,
+            },
+        });
+
+        if (!user) {
+            return NextResponse.json({ error: "User not found" }, { status: 404 });
+        }
+
+        return NextResponse.json({ message: "Profile updated successfully" }, { status: 200 });
+    } catch (error: any) {
+        return NextResponse.json({ error: "Internal Server Error" }, { status: 500 });
+    }
+}
+