feat(storage): MinIO object storage, Neon Auth, Supabase removal
Deploy to route.crispygoat.com / deploy (push) Failing after 3m1s
Deploy to route.crispygoat.com / deploy (push) Failing after 3m1s
- Add MinIO/S3-compatible storage client (src/lib/storage.ts) with uploadObject, deleteObject, presigned URL helpers, and BUCKETS constant - Wire product images, brand logos, and water log photos to MinIO via the new storage client - Migrate forgot-password to Neon Auth (remove Supabase /auth/v1/recover call) - Migrate send-scheduled cron to direct Postgres + Resend (remove Supabase Edge Function proxy) - Add logoUrl to email types (OrderReceipt, Welcome, PasswordReset) and pass brand_settings.logo_url from all call sites - Update email templates to use dynamic logoUrl instead of hardcoded Supabase bucket URLs - Remove hardcoded Supabase URLs from TuxedoVideoHero, TuxedoAboutPage, TimeTrackingFieldClient; use brand_settings props + local public/ fallback - Download brand logos (3) and tuxedo-hero.mp4 (36MB) from Supabase bucket to public/ for local development - Add MinIO env vars to .env.example (endpoint, access key, secret, buckets) - Fix TimeTrackingFieldClient to destructure logoUrl and brandAccent props - Fix admin/users.ts logoUrl type (null → undefined for optional string) - Remove stale sb- cookie from wholesale-auth - Migrate tuxedo/about page to remove supabase import and use pool query for wholesale_settings lookup
This commit is contained in:
@@ -1,48 +1,60 @@
|
||||
"use server";
|
||||
|
||||
import { auth } from "@/lib/auth";
|
||||
import { query } from "@/lib/db";
|
||||
import "server-only";
|
||||
import { getSession } from "@/lib/auth";
|
||||
import { setUserPassword } from "@/lib/auth";
|
||||
import { getAdminUser } from "@/lib/admin-permissions";
|
||||
|
||||
const MIN_PASSWORD_LENGTH = 8;
|
||||
|
||||
/**
|
||||
* Update the current user's Supabase auth password.
|
||||
*
|
||||
* Reads the Auth.js v5 session to identify the user. The session's
|
||||
* `user.id` is either:
|
||||
* - a Supabase auth user id (UUID) for email/password sign-ins
|
||||
* - a Google `sub` (non-UUID) for Google sign-ins — these are not
|
||||
* provisioned in Supabase auth, so the RPC will reject them. Google
|
||||
* users must be provisioned in Supabase auth separately.
|
||||
*
|
||||
* The password update itself runs as a SECURITY DEFINER PL/pgSQL function
|
||||
* (`update_user_password`) inside the database, called directly via the
|
||||
* shared `pg` pool. No Supabase REST hop required.
|
||||
* Change a user's password. Requires admin privileges.
|
||||
*
|
||||
* Use this for admin-initiated password resets. For self-service
|
||||
* password changes, users should use the forgot password flow.
|
||||
*/
|
||||
export async function updatePasswordAction(
|
||||
userId: string,
|
||||
newPassword: string
|
||||
): Promise<{ error?: string; userId?: string }> {
|
||||
const session = await auth();
|
||||
const uid = session?.user?.id;
|
||||
if (!uid) {
|
||||
return { error: "Not authenticated. Please log in again." };
|
||||
): Promise<{ success: boolean; error?: string }> {
|
||||
// Verify the caller is an admin
|
||||
const adminUser = await getAdminUser();
|
||||
if (!adminUser) {
|
||||
return { success: false, error: "Not authenticated. Please log in again." };
|
||||
}
|
||||
|
||||
const UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
|
||||
if (!UUID_REGEX.test(uid)) {
|
||||
return {
|
||||
error:
|
||||
"Password change is not available for social sign-in accounts. Please contact an admin.",
|
||||
};
|
||||
if (adminUser.role !== "platform_admin") {
|
||||
return { success: false, error: "Only platform admins can change passwords." };
|
||||
}
|
||||
|
||||
// Validate password
|
||||
if (!newPassword || newPassword.length < MIN_PASSWORD_LENGTH) {
|
||||
return { success: false, error: `Password must be at least ${MIN_PASSWORD_LENGTH} characters.` };
|
||||
}
|
||||
|
||||
try {
|
||||
// The RPC is SECURITY DEFINER and returns a single row (or raises).
|
||||
// We SELECT it (rather than SELECT update_user_password(...)) so the
|
||||
// call stays a normal parameterized query and we can read the result.
|
||||
await query("SELECT update_user_password($1, $2)", [uid, newPassword]);
|
||||
return { userId: uid };
|
||||
const result = await setUserPassword({
|
||||
userId,
|
||||
newPassword,
|
||||
});
|
||||
|
||||
if (result.error) {
|
||||
console.error("[updatePassword] Failed:", result.error);
|
||||
return { success: false, error: result.error.message ?? "Failed to update password." };
|
||||
}
|
||||
|
||||
console.log("[updatePassword] Password updated for user:", userId);
|
||||
return { success: true };
|
||||
} catch (err) {
|
||||
const message =
|
||||
err instanceof Error ? err.message : "Failed to update password.";
|
||||
return { error: message };
|
||||
console.error("[updatePassword] Unexpected error:", err);
|
||||
return { success: false, error: "An unexpected error occurred." };
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the current session user ID. Used by the change-password UI.
|
||||
*/
|
||||
export async function getCurrentUserId(): Promise<string | null> {
|
||||
const { data: session } = await getSession();
|
||||
return session?.user?.id ?? null;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user