29d9d23a26
- CartContext: lazy initializers replace mount-only useEffect hydration; remove 8 no-initialize-state warnings - Toast/AdminSearchInput: React 19 useContext/use + drop forwardRef (3 no-react19-deprecated-apis) - ProductFormModal: lazy initializers + useSyncExternalStore for mount; parent adds key=editingProduct.id - InstallPrompt: useReducer for prompt state (no-cascading-set-state) - QRScanModal: ref-based latest-callback pattern replaces useEffectEvent deps mistake - OnboardingFlow: functional setState (rerender-functional-setstate) - UsersPage/StopsCalendar/FeaturesAndStats: lazy initializers (rerender-lazy-state-init) - FAQClientPage: server-side brand settings fetch via getBrandSettingsPublic in layout; remove supabase import - LandingPageWrapper: href='#' → href='#top' (anchor-is-valid) - TuxedoVideoHero: replace animate-bounce with ease-out-expo (no-inline-bounce-easing) - ProductTableClient: useCallback for handleDeleted (jsx-no-new-function-as-prop) - excel-parser: pre-compile delimiter regexes (js-hoist-regexp) - water-log/settings: Promise.all for parallel DB calls (async-parallel) - ToastNotification: extract toast store to separate file (only-export-components) - WholesaleClient: inline <WholesaleIcon/> instead of hoisting to const (rendering-hoist-jsx)
63 lines
1.9 KiB
TypeScript
63 lines
1.9 KiB
TypeScript
"use server";
|
|
|
|
import "server-only";
|
|
import { getSession } from "@/lib/auth";
|
|
import { setUserPassword } from "@/lib/auth";
|
|
import { getAdminUser } from "@/lib/admin-permissions";
|
|
import { serverLog, serverError } from "@/lib/server-log";
|
|
|
|
const MIN_PASSWORD_LENGTH = 8;
|
|
|
|
/**
|
|
* Change a user's password. Requires admin privileges.
|
|
*
|
|
* Use this for admin-initiated password resets. For self-service
|
|
* password changes, users should use the forgot password flow.
|
|
*/
|
|
export async function updatePasswordAction(
|
|
userId: string,
|
|
newPassword: string
|
|
): Promise<{ success: boolean; error?: string }> {
|
|
|
|
await getSession(); // Verify the caller is an admin
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) {
|
|
return { success: false, error: "Not authenticated. Please log in again." };
|
|
}
|
|
|
|
if (adminUser.role !== "platform_admin") {
|
|
return { success: false, error: "Only platform admins can change passwords." };
|
|
}
|
|
|
|
// Validate password
|
|
if (!newPassword || newPassword.length < MIN_PASSWORD_LENGTH) {
|
|
return { success: false, error: `Password must be at least ${MIN_PASSWORD_LENGTH} characters.` };
|
|
}
|
|
|
|
try {
|
|
const result = await setUserPassword({
|
|
userId,
|
|
newPassword,
|
|
});
|
|
|
|
if (result.error) {
|
|
serverError("[updatePassword] Failed:", result.error);
|
|
return { success: false, error: result.error.message ?? "Failed to update password." };
|
|
}
|
|
|
|
serverLog("[updatePassword] Password updated for user:", userId);
|
|
return { success: true };
|
|
} catch (err) {
|
|
serverError("[updatePassword] Unexpected error:", err);
|
|
return { success: false, error: "An unexpected error occurred." };
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the current session user ID. Used by the change-password UI.
|
|
*/
|
|
export async function getCurrentUserId(): Promise<string | null> {
|
|
const { data: session } = await getSession();
|
|
return session?.user?.id ?? null;
|
|
}
|