Massbug/judge4c
2
0
Fork 0
mirror of https://github.com/massbug/judge4c.git synced 2025-05-18 15:26:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(auth): improve credential validation and password verification

Browse Source
This commit is contained in:
cfngc4594 2025-03-19 08:34:15 +08:00
parent 919016cf27
commit 8ab8892388
1 changed files with 33 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
src/app/actions/auth.ts
View File

@ -11,52 +11,59 @@ const saltRounds = 10;
export async function signInWithCredentials(formData: CredentialsSignInFormValues) { export async function signInWithCredentials(formData: CredentialsSignInFormValues) {
try { try {
await signIn("credentials", { // Parse credentials using authSchema for validation
...formData, const { email, password } = await authSchema.parseAsync(formData);
redirect: false,
}); // Find user by email
const user = await prisma.user.findUnique({ where: { email } });
// Check if the user exists
if (!user) {
throw new Error("User not found.");
}
// Check if the user has a password
if (!user.password) {
throw new Error("Invalid credentials.");
}
// Check if the password matches
const passwordMatch = await bcrypt.compare(password, user.password);
if (!passwordMatch) {
throw new Error("Incorrect password.");
}
await signIn("credentials", formData);
return { success: true }; return { success: true };
} catch (error) { } catch (error) {
if (error instanceof Error) { return { error: error instanceof Error ? error.message : "Failed to sign in. Please try again." };
return { error: "Invalid credentials" };
}
return { error: "Failed to sign in. Please try again." };
} }
} }
export async function signUpWithCredentials(formData: CredentialsSignUpFormValues) { export async function signUpWithCredentials(formData: CredentialsSignUpFormValues) {
try { try {
const validatedData = await authSchema.parseAsync(formData); const validatedData = await authSchema.parseAsync(formData);
const existingUser = await prisma.user.findUnique({
where: { email: validatedData.email },
});
// Check if user already exists
const existingUser = await prisma.user.findUnique({ where: { email: validatedData.email } });
if (existingUser) { if (existingUser) {
throw new Error("User already exists"); throw new Error("User already exists");
} }
// Hash password and create user
const pwHash = await bcrypt.hash(validatedData.password, saltRounds); const pwHash = await bcrypt.hash(validatedData.password, saltRounds);
const user = await prisma.user.create({ const user = await prisma.user.create({
data: { data: { email: validatedData.email, password: pwHash },
email: validatedData.email,
password: pwHash,
},
}); });
const count = await prisma.user.count(); // Assign admin role if first user
if (count === 1) { const userCount = await prisma.user.count();
await prisma.user.update({ if (userCount === 1) {
where: { id: user.id }, await prisma.user.update({ where: { id: user.id }, data: { role: "ADMIN" } });
data: { role: "ADMIN" },
});
} }
return { success: true }; return { success: true };
} catch (error) { } catch (error) {
if (error instanceof Error) { return { error: error instanceof Error ? error.message : "Registration failed. Please try again." };
return { error: error.message };
}
return { error: "Registration failed. Please try again." };
} }
} }