import { NotFoundError, SecurePassword, resolver } from "blitz" import db from "../../../db" import { authenticateUser } from "./login" import { ChangePassword } from "../validations" export default resolver.pipe( resolver.zod(ChangePassword), resolver.authorize(), async ({ currentPassword, newPassword }, ctx) => { const user = await db.user.findFirst({ where: { id: ctx.session.userId! } }) if (!user) throw new NotFoundError() await authenticateUser(user.email, currentPassword) const hashedPassword = await SecurePassword.hash(newPassword.trim()) await db.user.update({ where: { id: user.id }, data: { hashedPassword }, }) return true } )